www.vaacase.com Open in urlscan Pro
2606:4700:3035::ac43:b5bb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8...
Submission: On July 23 via api (July 23rd 2023, 4:02:08 am UTC) from US — Scanned from DE

Summary HTTP 284 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 60 IPs in 12 countries across 50 domains to perform 284 HTTP transactions. The main IP is 2606:4700:3035::ac43:b5bb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vaacase.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 13th 2023. Valid for: a year.

This is the only time www.vaacase.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 16	2606:4700:303... 2606:4700:3035::ac43:b5bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700:303... 2606:4700:3031::6815:304d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.100.64.43 95.100.64.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.114.159.208 3.114.159.208	16509 (AMAZON-02) (AMAZON-02)
2	43.201.176.23 43.201.176.23	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:e4:... 2606:4700:e4::ac40:af16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::ac43:91e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
62	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	119.28.134.92 119.28.134.92	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2606:4700:303... 2606:4700:3031::ac43:91b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:25::1726:6212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.95.15 65.9.95.15	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:170... 2a02:26f0:1700:6::17d5:a18f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7 15	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	52.192.246.101 52.192.246.101	16509 (AMAZON-02) (AMAZON-02)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e2:... 2606:4700:e2::ac40:8313	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2600:9000:212... 2600:9000:2127:3800:19:8ca6:3640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
2	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
4	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
1 4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	3.9.91.156 3.9.91.156	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 2	54.171.31.19 54.171.31.19	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.220.108 18.159.220.108	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
2	13.41.82.34 13.41.82.34	() ()
284	60

16 2606:4700:3035::ac43:b5bb (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.vaacase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3031::6815:304d (United States)

ASN13335 (CLOUDFLARENET, US)

store.vaacase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popup.vaacase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.vaacase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
twstat.vaacase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.scupio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dwjhgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.64.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-64-43.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.159.208 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-159-208.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.201.176.23 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-201-176-23.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:af16 (United States)

ASN13335 (CLOUDFLARENET, US)

static.intentarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.16.172 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:91e7 (United States)

ASN13335 (CLOUDFLARENET, US)

yaya0506.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.134.92 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

twtpstat.zhentoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b8 (United States)

ASN13335 (CLOUDFLARENET, US)

pic.logkb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:25::1726:6212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-15.prg50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:1700:6::17d5:a18f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.66 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.246.101 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-246-101.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8313 (United States)

ASN13335 (CLOUDFLARENET, US)

js.akusehat.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:3800:19:8ca6:3640:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pathtosuccess.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Sindelfingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (Valence, France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.91.156 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-91-156.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.31.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-31-19.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.220.108 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-220-108.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.41.82.34 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com 882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com	510 KB
43	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 373580	860 KB
40	vaacase.com 3 redirects www.vaacase.com store.vaacase.com popup.vaacase.com count.vaacase.com twstat.vaacase.com	4 MB
12	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 rtb0.doubleverify.com — Cisco Umbrella Rank: 721 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 16020	63 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 42383 hal900030.redintelligence.net — Cisco Umbrella Rank: 287875	56 KB
7	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 117	4 KB
7	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 97283 ssl.sitemaji.com — Cisco Umbrella Rank: 220866	58 KB
6	intentarget.com static.intentarget.com — Cisco Umbrella Rank: 270169	11 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	281 KB
4	akusehat.info js.akusehat.info — Cisco Umbrella Rank: 337212	8 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 789	2 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1164 eus.rubiconproject.com — Cisco Umbrella Rank: 623 token.rubiconproject.com — Cisco Umbrella Rank: 616	11 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 425 fonts.googleapis.com — Cisco Umbrella Rank: 82	101 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	271 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 26599 api.webgains.io	31 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 49999 medialead.de — Cisco Umbrella Rank: 49616	1 KB
3	pathtosuccess.global cdn.pathtosuccess.global — Cisco Umbrella Rank: 17306	411 KB
3	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 323 ads.yap.yahoo.com — Cisco Umbrella Rank: 14341	1 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 491 rtb.openx.net — Cisco Umbrella Rank: 861	636 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 63205 sync.logly.co.jp — Cisco Umbrella Rank: 66264	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 25575 audiencedata.im-apps.net — Cisco Umbrella Rank: 28074	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1815	21 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 24158 api.dable.io — Cisco Umbrella Rank: 21620	38 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 261	47 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 355	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2266	813 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 784	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 128584	6 KB
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643	326 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 559	42 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1361	326 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61596	438 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 801	336 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 607	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1019	731 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 43281	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 170525	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 218246	931 B
1	feebee.tw fsa-api.feebee.tw — Cisco Umbrella Rank: 236150	1006 B
1	feebee.com.tw fsa-api.feebee.com.tw — Cisco Umbrella Rank: 232566	2 KB
1	dwjhgx.com dwjhgx.com	1 KB
1	logkb.com pic.logkb.com	97 KB
1	zhentoo.com twtpstat.zhentoo.com — Cisco Umbrella Rank: 281692	582 B
1	yaya0506.com yaya0506.com	1 KB
1	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 231457	565 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 92470	17 KB
1	scupio.net www.scupio.net — Cisco Umbrella Rank: 261277	2 KB
284	50

	Domain	Requested by
54	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com tpc.googlesyndication.com www.vaacase.com pagead2.googlesyndication.com 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com www.googletagservices.com
31	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com googleads.g.doubleclick.net www.vaacase.com 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
21	store.vaacase.com	www.vaacase.com
18	securepubads.g.doubleclick.net	ad.sitemaji.com securepubads.g.doubleclick.net www.vaacase.com www.googletagservices.com
16	www.vaacase.com	3 redirects www.vaacase.com cdnjs.cloudflare.com
15	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
8	googleads.g.doubleclick.net	75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com pagead2.googlesyndication.com 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
6	cdn.doubleverify.com	75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com cdn.doubleverify.com
6	www.google.com	tpc.googlesyndication.com 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
6	static.intentarget.com	www.vaacase.com static.intentarget.com yaya0506.com dwjhgx.com
5	www.googletagservices.com	securepubads.g.doubleclick.net 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
5	ad.sitemaji.com	www.vaacase.com securepubads.g.doubleclick.net srcdoc ad.sitemaji.com
4	hal900030.redintelligence.net	1 redirects 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com hal900030.redintelligence.net
4	hal9000.redintelligence.net	9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com hal900030.redintelligence.net
4	js.akusehat.info	static.intentarget.com js.akusehat.info
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagmanager.com	www.scupio.net www.googletagmanager.com adv.office-partner.de
3	cdn.pathtosuccess.global	75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com cdn.doubleverify.com
3	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
3	rtb0.doubleverify.com	cdn.doubleverify.com
3	ajax.googleapis.com	api.dable.io static.intentarget.com
3	cdnjs.cloudflare.com	www.vaacase.com ad.sitemaji.com
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	x.bidswitch.net	2 redirects
2	match.360yield.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	8019191.fls.doubleclick.net	1 redirects www.vaacase.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal900030.redintelligence.net 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	www.vaacase.com
2	eus.rubiconproject.com	nt.compass-fit.jp eus.rubiconproject.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ssl.sitemaji.com	ad.sitemaji.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.dable.io	static.dable.io
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900030.redintelligence.net
1	onetag-sys.com	1 redirects
1	rtb.openx.net	9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
1	dis.criteo.com	9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	medialead.de	1 redirects
1	track.webgains.com	www.vaacase.com
1	futalis.de	hal900030.redintelligence.net
1	adv.office-partner.de	hal900030.redintelligence.net
1	fsa-api.feebee.tw
1	fsa-api.feebee.com.tw	ad.sitemaji.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	secure-assets.rubiconproject.com	1 redirects
1	audiencedata.im-apps.net	dmp.im-apps.net
1	dwjhgx.com	static.intentarget.com
1	l.logly.co.jp	nt.compass-fit.jp
1	882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pic.logkb.com	www.vaacase.com
1	twtpstat.zhentoo.com	cdnjs.cloudflare.com
1	region1.google-analytics.com	www.googletagmanager.com
1	yaya0506.com	static.intentarget.com
1	count.xxxssk.com	www.vaacase.com
1	nt.compass-fit.jp	www.vaacase.com
1	static.dable.io	www.vaacase.com
1	www.scupio.net	www.vaacase.com
1	twstat.vaacase.com	www.vaacase.com
1	count.vaacase.com	www.vaacase.com
1	popup.vaacase.com	www.vaacase.com
284	79

This site contains links to these domains. Also see Links.

Domain
effort-us.com

Subject Issuer	Validity	Valid
www.vaacase.com Cloudflare Inc ECC CA-3	`2023-03-13` - `2024-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
vaacase.com GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
scupio.net E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
static.dable.io R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
intentarget.com GTS CA 1P5	`2023-06-02` - `2023-08-31`	3 months	crt.sh
count.xxxssk.com TrustAsia RSA DV TLS CA G2	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
yaya0506.com GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
twtpstat.zhentoo.com TrustAsia RSA DV TLS CA G2	`2023-03-19` - `2024-03-18`	a year	crt.sh
logkb.com GTS CA 1P5	`2023-07-09` - `2023-10-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
akusehat.info E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
cdn.pathtosuccess.global Amazon RSA 2048 M02	`2023-04-20` - `2024-05-18`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
adv.office-partner.de R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.futalis.de R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Frame ID: 3A6DF9C620C7216DEC886AC0EE19DDB2
Requests: 55 HTTP requests in this frame

Frame: https://yaya0506.com/gmifr_lei.html
Frame ID: 78C4CBDC28412F3F32AEA0AA03F4518F
Requests: 7 HTTP requests in this frame

Frame: https://dwjhgx.com/gmifr_lei.html
Frame ID: FD98C7AA19859D99DCB244250B16EEFF
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: E8F8DFA09D4F44A738E71F4F133573EE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 714CDAD23771CB1514C7886D84611A22
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1B0B105B8687B767ED938E5CF16F9D7D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C544A35D05B89F6FA310EDBC3DFF8A6E
Requests: 6 HTTP requests in this frame

Frame: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C9EF9327393F9BEDD3FFB02E79CAC021
Requests: 1 HTTP requests in this frame

Frame: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DB7E7E048C355219E5A8DF533DAF2253
Requests: 1 HTTP requests in this frame

Frame: https://882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5A0C49EAF19E44F7B03CCD1C12095468
Requests: 1 HTTP requests in this frame

Frame: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2D2F73BA7A682320B57503FCA2B4227A
Requests: 1 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=97daacd1-ce06-4112-9741-a71828f46faa&id=dablewidget_goP0dJoQ&category1=%E6%B1%BD%E8%BB%8A&author=0&item_id=4813870&item_pub_date=2023-06-26&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: E3EC9CF4C0E1678AE63AA87DE799D588
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CDD31C006DF3D13F7B87C3064AD7D7D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B31D5D57EB1EB506018EF1C68E96AE7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2753BAA0B86BB7AC381838B35B1B3154
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FE55BABB439CFEBE39F840457961FC0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D827EF1777A1DD9AEB6F8160399E93D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE2233E62712952F622DF5A12416FC87
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX3t-EwhUFbCUN5DvSyCeggxkcWDoj7pUZkoPoUM2yLvJZ2G4yZ_yM6UkdRwr6Z4ycWem0TZMwI0dPMnzz7DVPyBNb9lXYSwyBOUu2U5smxIs-r-nzPXadqjyL4eCulLn5Z7e_StzG5qvUsyMfOjHKSYUCY27eC6j9NpXelp2Wqo4B7FuqULUUEbhcvJ5QBM8QGB6FJ5Iu9zDgSaZX9Nxo98bLQckX4-yx5oHMKExC8WUoCkHPYecY4psePfFFDmuvIYVm7ULZNM2TGes9B3nm5b6scEy710tHEL9Ns9JmqEL6WiGTTxP_embd6zfnTUgdgAhV_7JV6agfVQRQzQ&sai=AMfl-YT924R-A63iNWD-rEluKWSbDRbs6-pBHh02quRfLVgk1By7rvgEF1CkG1Mj9qDh0A8CKo7v51Nl8znIeDEp6Z5pZjYciqUEO3NpHbdWRm0prJbrrLZjgK_Q_S9eNklkFkhXSN1gJSvHb6b8Nwk&sig=Cg0ArKJSzEl8s6deT3AUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 969EADA7FEF241C8A8F8C1FFE44BB0B9
Requests: 6 HTTP requests in this frame

Frame: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3B86D647E8F8F8C36D059482717FBEF2
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B85ACB99E94F638959AD519A09ACF870
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FC656B1A604DE67BF3C0264FC26D6CF
Requests: 2 HTTP requests in this frame

Frame: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3C1EAE7284DEFCE4CDB6FF0B790CB007
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNWXZ0VJg_fuluDSjZEVBbHbu7EqE_tgc0GzlLMNY5fyTDsj76myCgorLq5ut0GmE4wk1fK3ctZxPy0JXBzysYvSpRRSb3v1PlHxZgI5_rcOlifEup1rCiDRGMbeiIMFwwf8Z3G61GbkPtFQqsAS7pkacDNca-t2VL_1ZFDQMZXoUC83GyY
Frame ID: C7BCEE1EDC0A3017F8DA45B5A28C183D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNX98UhUVevk6vPjE7BK6iGJrxOImjgo-kiXjCQi5zR-ON02hWSAL_0ZnvJlao08amPCxlh2zkhtiHLX1VMjDCj_zwt4vyfav8pfhCgvtIclEIYHeU24q6P6Sn2Bn36dKliTOjIZ_tDcwOoCSKV6TyjbavDW74VtiSpXpC5X5On-b7wkkKM
Frame ID: 2D5C13DBD846027D1D30F6225FAC07F8
Requests: 5 HTTP requests in this frame

Frame: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6E0DC20285AC6FD4F24511ECA59FF5A8
Requests: 18 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: 2675FB6EA9C8DC8FCD52231374ED02D8
Requests: 4 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 256C1F2163A17CA56B76398D8E28831E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 90E6B558A0D747F00571A5EF735F93E7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGLiu7PABMAE&v=APEucNVnifCdxCPRhNaGp3HG-6D5K0FMOwfGDZ9gG9G6sPDo0sq73iZlierlq8FXz8QOaWwmBGjQhFKN0-9I0oDl80isTnYmYdU0wD9-C82UdaHujUPpgUSEPotyvLhEl8es-p2gRIWeW3Y1mefGtWQTA6-nbYFkzbBs2rzEIGK9ow3EbGk7YsI
Frame ID: 66479C63C12F03E1FF91A605EE122A27
Requests: 4 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Frame ID: 5ECCC028CA7D3351446CB6D2762B804F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9769DA9D2698619CF1D5882981A2899
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 77047E6CFD7484571082679371CA416F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CA4333945D36E05B90BD26B2F3BFEBA4
Requests: 3 HTTP requests in this frame

Frame: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Frame ID: F50F28A424A0AFFD55F8E640F1C2566C
Requests: 4 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: B2FD659919206C5DCEC05478F9B2D40F
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6DF26A0BEFB34D7EF005D06B912D71FD
Requests: 7 HTTP requests in this frame

Frame: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 6FED96D8839186D0C15688369AD14D5E
Requests: 1 HTTP requests in this frame

Frame: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 9A8AE7C8CCDB19FC8EBECD8EF42A26B2
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EB18D884442BF736F5B4809534C1CB9C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1FB2F02589A461EAF74C2951BA8663A8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVmVpOEiGM8H7kyv2fu70_BUZejnGJvmSlIDN5q8W6fZJVSGuy4nGWuhP_C7jyBfbsqlq427cUHIiGJordo73Ep6669tnfBYZ8JGS6aeVO0k408TmQdUhfpZ8efrBjDq_1n9xI68C3vS9LyINtg3PilxWk96-GRIF2CR4LOzsJtz-zx9pY
Frame ID: 94E3092C0B67A52C8B1BD0BA7897709C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2825AD6102AE0A70DE544660B610D9FC
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 50062CDFED937D7F8F89B644B6D527D8
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: EE11A05503154BFBD379430C8FA82EE8
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2908174989
Frame ID: CF0D510385AD675FF526A25005759377
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923
Frame ID: 9EC1AA7F56318278E4DABC5AF00C3501
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
Frame ID: B6D20782482B613080F5CE8451DF0B9D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7F0941CE644290A299F82B56AE740A8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

清理積碳根本用不著跑高速，維修工教你兩個土辦法，積碳很快全跑光

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

284
Requests

92 %
HTTPS

41 %
IPv6

50
Domains

79
Subdomains

60
IPs

12
Countries

7044 kB
Transfer

11696 kB
Size

35
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://effort-us.com/book_YkI0c1JUK09tVEs1Vi9MelJ6Z1lvdz09
Title: 植物女教授穿越遠，她被美男野人拐進山洞，她推開他：「不生了，都第五個了！」

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_UnFldjJlSmhla2RJdGduc1J6My9IUT09
Title: 他大婚那日，前妻車禍寶寶早產，她躺在血泊里拼命護著肚子：「救孩子！」後來聽說他瘋了，直到前妻牽著一對可愛的寶寶和他擦身而過。

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_emZlMlNReDNQWVp3aUV1MVNpSjhpZz09
Title: 熄了燈，她是他的私人用品；出了門，她是他的首席秘書。「玩膩了，你走吧。」

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_UEc2U01ML0VMdTNMbU9UV2V2LzAwZz09
Title: 總裁在機場撿到兩個大哭的奶團子：「去查不靠譜的父母是誰？」「查到了，是您的孩子」

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_S0piQWFmb2pxVklmUlBtUmRHVTd6UT09
Title: 「只要你認了，刑滿我娶你」，五年后，婚車在外等了三天，沒見到她。

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_Sk4vbHhjMStVMnAvZzdyK2lMblo3Zz09
Title: 大婚當日他同時納妾，她飲下毒酒，露出絕世容顏，「娶我，你不配！」

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_M05HZDFoZkxpc0JtVGhtWTM1OTFlQT09
Title: 媽媽送入停尸房，女兒無助撥通了媽媽手機里唯一的號碼，全城顫抖

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_WitUL1pJWmdMekpkenE1S1Z2R2R0dz09
Title: 重生那天，她為了活命，在東廠門前大喊：「九千歲，我懷了你的孩子」

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.vaacase.com/xstat/pop/4813870/1 HTTP 302
https://popup.vaacase.com/js/ad?lang=zh&aid=4813870&host=www.vaacase.com&type=1&count=0

Request Chain 24

https://www.vaacase.com/xstat/index/1158 HTTP 302
https://count.vaacase.com/?1158

Request Chain 26

https://www.vaacase.com/xstat/moneystat HTTP 302
https://twstat.vaacase.com/stat

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLymNxfQx2jj-fyEupISQAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB6UndsXzXFjXhlRI6KwrDw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB6UndsXzXFjXhlRI6KwrDw%26google_cver%3D1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNjE3NDQ5ODEwODM2NTA4Ng%3D%3D

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHvhrH6RdpiV2q4rlvJxlLY&google_cver=1

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMFwqPC7NhOgVOgXlUaHqK0&google_cver=1

Request Chain 148

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKjAdkexhFbI3oc2pniYok&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKjAdkexhFbI3oc2pniYok&google_cver=1&__user_check__=1&sync_id=ac944b29-290d-11ee-9896-1ef5e1e50306

Request Chain 159

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=ac92b05e-290d-11ee-a6c2-162d46060506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWM5NDRhZTUtMjkwZC0xMWVlLTk4OTYtMWVmNWUxZTUwMzA2

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEdJ6bS3MXdOosvSM2azX30&google_cver=1

Request Chain 252

https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 256

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=54011700012322104444994012394030&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2908174989

Request Chain 258

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923

Request Chain 260

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 263

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELtF9Ny-zEoS4gqGhpw9kVQ&google_cver=1&google_push=AaAOQGFVN71KWLW-WXxN-FqJNXNWwg6HelNlBHT6KvxrmnOGumjgU2_6XVLqBBxI0GnHXBBBfqgoe6rxnbCs3241Rmy1xSs-sVGIvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFVN71KWLW-WXxN-FqJNXNWwg6HelNlBHT6KvxrmnOGumjgU2_6XVLqBBxI0GnHXBBBfqgoe6rxnbCs3241Rmy1xSs-sVGIvw

Request Chain 266

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJqw7rgz8xv_at1P28-wpZ8&google_cver=1&google_push=AaAOQGFu9GG0Id6UfmDDrwM2Xo54jmg4b1OgmRbDh1sHSwkAbX6GnrTs48vQI1kPLOYPp7A65BSGFRkLeW8NkQmCLRTEBNHNIwrAtQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJqw7rgz8xv_at1P28-wpZ8&google_cver=1&google_push=AaAOQGFu9GG0Id6UfmDDrwM2Xo54jmg4b1OgmRbDh1sHSwkAbX6GnrTs48vQI1kPLOYPp7A65BSGFRkLeW8NkQmCLRTEBNHNIwrAtQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mXFXfkKwT0-DU_MbGuCJ9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFu9GG0Id6UfmDDrwM2Xo54jmg4b1OgmRbDh1sHSwkAbX6GnrTs48vQI1kPLOYPp7A65BSGFRkLeW8NkQmCLRTEBNHNIwrAtQ

Request Chain 267

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHMvI-RQX2BdisaSCxLUk0I&google_cver=1&google_push=AaAOQGHTOuPCdSvikQfG6M3laesODn9CjZ9MovzSbYG1U7nP56nzhU_Hq-8dv5Jb2eMIWTWsU2QRd0lnEFHRaqvpqYiwQ-YJ7mYi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTOuPCdSvikQfG6M3laesODn9CjZ9MovzSbYG1U7nP56nzhU_Hq-8dv5Jb2eMIWTWsU2QRd0lnEFHRaqvpqYiwQ-YJ7mYi

Request Chain 268

https://match.360yield.com/match/ebda?google_gid=CAESEGBNeg-KNq8YVWTAOI1VwRk&google_cver=1&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_4Oqxyuw3TEnMig HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGBNeg-KNq8YVWTAOI1VwRk&google_cver=1&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_4Oqxyuw3TEnMig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GckamqGSRUilxH1C_vHEWA&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_4Oqxyuw3TEnMig

Request Chain 269

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFs3P6oJZI4ijONFh1DcX5c&google_cver=1&google_push=AaAOQGHnd3NDClnHqD8jJsv1u3ZG5XlEIwB5dMqiPfljZTAw0euQnuZ8InTuuZugdanmpmTo1CAXKlJqQU4-zJ_fU9FACCIjHsjTAyY HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFs3P6oJZI4ijONFh1DcX5c&google_cver=1&google_push=AaAOQGHnd3NDClnHqD8jJsv1u3ZG5XlEIwB5dMqiPfljZTAw0euQnuZ8InTuuZugdanmpmTo1CAXKlJqQU4-zJ_fU9FACCIjHsjTAyY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ca5fd692-8e72-4511-8821-2669f8119396&%%GOOGLE_PUSH_PAIR%%

284 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09 Show response
www.vaacase.com/ 38 KB
11 KB 495ms
257ms Document
text/html 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db759d3b121ec1d8da4794e0451bc582fe3f93ee99abb820e14088e089bdcee6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7eb1066c7f951c26-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:01:57 GMT
expires: Sun, 23 Jul 2023 12:01:57 GMT
last-modified: Sun, 23 Jul 2023 04:01:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv5PrGokGpweR11mk5hA8%2FDrrLHu%2FFuQ0BVky2Mdw%2BduxM4I5LgGm4D52AErvCBpDedeg9S6wnc0VB9aB%2BZYJMovsq%2FXE%2FkMCrABPaWq74YrFINuevFDfR6BBHIVZNUkfMHpQT61aLnbAOP2rc8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 font.css
www.vaacase.com/Content/global/default/font/ 3 KB
934 B 231ms
229ms Stylesheet
text/css 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/global/default/font/font.css
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 12 May 2023 03:55:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0253988584d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo8ECVL6L1RtSxRwosBvBlTXrq71x2qpOJ5z%2Bz1nD6%2ByzC%2BFfj3X7qprAjWAPNkCeC5rRNEOrmU7UxC9h21JsFjgsIMfE%2BhK9%2F5iVZHLPtd52yTQ7VNb94MktNQEYTOZdkQHr8EBg%2FVIKSPkhiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7eb1066e18ee1c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:57 GMT

GET
H2 200 css3.css
www.vaacase.com/Content/global/default/ 25 KB
4 KB 421ms
420ms Stylesheet
text/css 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/global/default/css3.css?v=31
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2e6443f2e88331f08abd67e2c2a060c1dfa898deb6ba735237f9a8711e7a192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 07 Apr 2023 09:17:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6cfb61c53169d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BCQDULmuqX4b1Jl81y%2BH0XdG84YmFQ8UKmyCIoCtYZm1Pl%2BBI2KJUY7k5hg%2FpNkgC5wDTtvb%2FLIfBrOCVuNcDFKgplZYef4gRbB%2FsS736ipowLXqYLSc2s9WDwyuu3%2F1XgYzd7PmWjOAgsaAQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7eb1066e18ef1c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:57 GMT

GET
H2 200 globaldefault.css
www.vaacase.com/Content/css/ 362 B
514 B 415ms
414ms Stylesheet
text/css 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/css/globaldefault.css
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Apr 2023 08:54:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6256af88e56dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN%2B6abDVQSOcu%2FT6eIjD9FLcGF%2F%2BqXHhezKyvWwvvwW0xTLKTXnAFX8Rf5K26iwK1LQrYCabXC%2B6aFJ1ZoISjO%2FiHH94cMe%2BAfYPWRFnk40NjmxsRtGG2Es6lxSjBDMb1zBxaNF1cvolaVl4BZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7eb1066e18f01c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:57 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 81ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vaacase.com/
Origin: https://www.vaacase.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6507680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOw6qgWK6FjACwUJcO8wiSaWdXgktnhBXI3s04iPycoIAFlFYx5NiqqcaZTG9CsK3%2BBEeiMqUT99rKjKA0M9RER0VWupsKTrP%2Bm09YyE5kEOWKgbIcBgv1w4MJRkjeLZtK2qbzpSfEB%2FrMI2ZQopCpfn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7eb1066e693e693f-FRA
expires: Fri, 12 Jul 2024 04:01:57 GMT

GET
H2 200 contents.css
www.vaacase.com/Content/css/ 7 KB
2 KB 227ms
227ms Stylesheet
text/css 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/css/contents.css
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:07:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"80d6a3dfb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktTAMuk1BeGdO0Juhn7s6ItuQjHSaoBjy7eP%2BxNWXntRtV8wWCa6IpbuWN%2FFY73RfusiZtrKKQclECSAh%2Fe%2FWhvi5dN1gPf%2BG95CKgxtes%2B%2BqqjKB2PqFm2ab1DwK%2FJuIxaKg%2B32Rpps087LZ6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7eb1066e18f11c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:57 GMT

GET
H2 200 openart.js Show response
www.vaacase.com/Content/js/ 86 B
416 B 412ms
412ms Script
application/javascript 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/js/openart.js
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:07:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8891fdbb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUImvCqYS7TNOAtMrdbpxEObLbOk3bICKkGMUlFmvO4MAoY85M8OedVDdCMaDGo2TjKn0iDKYbudFToIp9TD%2FvQ%2BP5qF9%2BD%2FKCZ20oemWSy%2Bo0lNu8jFnuDH0N3By27st5THuf2aL54tuF2b8a4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7eb1066e18f21c26-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:57 GMT

GET
H2 200 8E790F43951B.svg
store.vaacase.com/logo/2023-05-04/ 8 KB
4 KB 106ms
31ms Image
image/svg+xml 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/logo/2023-05-04/8E790F43951B.svg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 074374bb2697a9cc96b9fa9af73e28f40d8e858150b55810e1f85027a5f79673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345249
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 May 2023 02:11:35 GMT
server: cloudflare
etag: W/"94f9e9c02d7ed91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WvUtZLiJzKue5qDEpUJ9fBF9rc3EQoiFIxzb1n7o9UEVt%2F3oeMHDqrtKXw8Y9HlLW1rEi6qbDZvGXR%2F7cFh7T1WhPInSJlV2JgiOzWHO71Z79zHPVQiBzI%2B%2FKPde8tzdIU9aScgnGEhBFH%2FfcRbEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106715f84bb8f-FRA
expires: Wed, 26 Jul 2023 04:07:48 GMT

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ 39 KB
12 KB 87ms
23ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 12:53:44 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 05 Jun 2023 08:20:47 GMT
server: nginx/1.12.1 (Ubuntu)
age: 54493
etag: W/"647d9adf-9aee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12131
expires: Sun, 23 Jul 2023 12:53:44 GMT

GET
H2 200 BDF1F95EF975w900h605.jpeg
store.vaacase.com/uploads/20230110/DF/ 73 KB
74 KB 143ms
68ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230110/DF/BDF1F95EF975w900h605.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db8aaa44123a21774674b4cb601a75ac18aa53d3360c3fef3b3c63c08d083888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 07:06:05 GMT
server: cloudflare
etag: W/"41ee951c224d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecCTP%2FGcktBeLdFJoZ4aFWrLXpTCQ6iDFg%2F3O%2FxMxv0Nw%2BCHeyvn7%2BYaVCbkuouNaMv4tEPLIhTYi25eZsLLSvGthqOzoWRJJcVsvrnwD5mBugn9YAePob8kPtQ2AzjYgZ54IBR4bCrGuwdk9q63tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106716f85bb8f-FRA
expires: Sun, 30 Jul 2023 04:01:58 GMT

GET
H2 200 DFF747F120E2w900h582.jpeg
store.vaacase.com/uploads/20230110/FF/ 70 KB
70 KB 144ms
70ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230110/FF/DFF747F120E2w900h582.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a436e46e9fb251c84c7017f09cf38241162e5db8d0c8ad09919467847c1551f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 07:06:05 GMT
server: cloudflare
etag: W/"41ee951c224d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGrE%2BxF9Fj%2Fkzkz1z6rpb9lSfVvLuek%2FG1U%2FnxYvwJDhdAewXn6mwSxvK5Mf3GXmYQuYFGPUOAw%2F%2FQkq6h1uUReD6J2l1xl25Kx82MCiQqDbesFFY8yCkkwh6Vyl1xHhS6yyFnlfXjKScKYhMTzDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106716f86bb8f-FRA
expires: Sun, 30 Jul 2023 04:01:58 GMT

GET
H2 200 AF5DAF74ED68w900h612.jpeg
store.vaacase.com/uploads/20230110/F5/ 71 KB
71 KB 144ms
69ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230110/F5/AF5DAF74ED68w900h612.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6357245903b0f4b73e17a6c77a2be4f56c7afe851a8588c9f1530152f9cd2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 07:06:05 GMT
server: cloudflare
etag: W/"41ee951c224d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57AxyP3jwbX2y4A2D7ONzZFZy1%2BksT9P8KDGgT9kEHcYBELZM57FvuFrGTIAEqmgWQl8BcBdaitpS24%2BFNMMdCEyclUN710CsSRk9%2BHgBOANMhqF%2B6rRVbvAHgbY5tmlCj2A7Il4K9%2FglZT6DHzTHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106716f87bb8f-FRA
expires: Sun, 30 Jul 2023 04:01:58 GMT

GET
H2 200 1F54842BE17Aw900h574.jpeg
store.vaacase.com/uploads/20230110/F5/ 76 KB
76 KB 143ms
68ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230110/F5/1F54842BE17Aw900h574.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db4f2a831f9e3b341e65e11d4f0fef87ebec4a743e3dac8b1ac586e2fee2f9f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 07:06:05 GMT
server: cloudflare
etag: W/"41ee951c224d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOlcbi4p3HtLuWbXsKmGK%2FAFKCm5p6tc%2FrIO6Oqsq7k1OJEYBSMGFBgU8P1CKym7i8Leo49qZfKb1kEpgQNiNgOjEx87yHWBPhE%2FKUKWNG%2FC4gugs6S94yfAZDzfm5PteqyD3IFCbbctwuFgoL5wpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106716f89bb8f-FRA
expires: Sun, 30 Jul 2023 04:01:58 GMT

GET
H2 200 1545CD7EC681w900h605.jpeg
store.vaacase.com/uploads/20230110/54/ 68 KB
68 KB 143ms
69ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230110/54/1545CD7EC681w900h605.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 56b88e65d285c8cb27d1955a9dd9b3e82cde51d77366b095b32b6c5c59a26c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Jan 2023 07:06:05 GMT
server: cloudflare
etag: W/"41ee951c224d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCpQmLqcMR0OXIOByDxRf8TN1XXSSm50jI%2BXfZDRByGLHMtWVHQ5v4zaf7dpselNnUnEv2mNHGbGFlmzvtxJSDcQgV8WXrBHGIvXtw1TKaYpGmnqa7a5dXsMH1tOBlGvULTihUsXvYnXc70h4hGd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106716f8abb8f-FRA
expires: Sun, 30 Jul 2023 04:01:57 GMT

GET
H2

200

ad Show response
popup.vaacase.com/js/
Redirect Chain

https://www.vaacase.com/xstat/pop/4813870/1
https://popup.vaacase.com/js/ad?lang=zh&aid=4813870&host=www.vaacase.com&type=1&count=0

5 KB
2 KB

439ms
420ms

Script
text/html

2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.vaacase.com/js/ad?lang=zh&aid=4813870&host=www.vaacase.com&type=1&count=0
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 994032c5666f4116f40104a03c983c0542b5c1a20c2c984a689574c14eb10b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jifknq4Gx6DtyH2TCe4JffmMbnxw2vxF5v0IwjwFfo25kl8my7HMQnJD2FBBRXJAZzKUCykEugGBDJLjHXjwWSNohf08QiIW7nM2CdYDbAZoqfIQrjzPcnUOOcEMF7aZiJyfzrYPAcm%2B4XexbvlEEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7eb106736926bb8f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 23 Jul 2023 04:01:58 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtdeIP8sWFoGPo%2FESig4orKh1AKIRHNc3PA2M0no7cilFaL1ffm987u3zP4hvJMaGHmog3CsE%2BOK0clQqipGVIIRq2nxo73%2FDd963vJUpiuVO2YMPLtEly02StU7h9OEpDuADqvhAHyslRaHarY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://popup.vaacase.com/js/ad?lang=zh&aid=4813870&host=www.vaacase.com&type=1&count=0
cache-control: private
cf-ray: 7eb10670bb5818cb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 91992A0E2AF9w1000h525.jpeg
store.vaacase.com/uploads/20230722/19/ 64 KB
64 KB 51ms
50ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/19/91992A0E2AF9w1000h525.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 00e668b79eb6dacf1a5656861df768928491931f00e8d5ff7c99751553050c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50419
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:41:18 GMT
server: cloudflare
etag: W/"eb9e99235fbcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayI7AgGb9oaGTHiqd%2Bcouz2o2z4qFUTgMPV7mlPqqfDZ0wPZKMmMcA6pnGtMeeoGmTmVDjYA0mQ1DSgeQl%2B3oZ9eWAB%2BhzstnMelWQ1DQoQeEGsHfJoyweC9bsTtg4ugRMrIACX2uQfIrzYiOcqA4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fa8bb8f-FRA
expires: Sat, 29 Jul 2023 14:01:39 GMT

GET
H2 200 AE72D3D958C4w864h486.jpeg
store.vaacase.com/uploads/20230722/E7/ 82 KB
83 KB 28ms
27ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/E7/AE72D3D958C4w864h486.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 45d70c2af5e738b341189f613dff2fb93d11be36454aceda53fcb2d2b6c6398c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57641
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:40:24 GMT
server: cloudflare
etag: W/"bd821235fbcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLMK2EvPY47tmbyBPakLCkifl4wRY2QzN%2F5yxhcbZjF6XrO98GjgP4JDbsqSjxDKqfsPZDZtoAuNwydJhVujEfDbYiuuGzme49Z1SXdurpRNWLoqzZBi69nOAI28J5dHn9JyDR%2B%2BaWWi2MsNJ8TQgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fa9bb8f-FRA
expires: Sat, 29 Jul 2023 12:01:17 GMT

GET
H2 200 876E6F154BB5w640h427.jpeg
store.vaacase.com/uploads/20230722/76/ 36 KB
36 KB 50ms
49ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/76/876E6F154BB5w640h427.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f2aafc24d21d1e1eb885bd5be0b1223889bac93b19da5fbe294bc947f215bfff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50419
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:39:23 GMT
server: cloudflare
etag: W/"e7f79fde5ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJZ%2FuyObV1Bx05ajAuIu3WhElPPGfpbvu1KhOKh6qOXDcKxS%2FDttAC9Rs1ZMv6DmBvsfOlaawNvoUn8J2xpvWsE6ifAeC7Az2ZjrmqBIAWrczTn7c04U1qQOeUuQcC6byskx3w%2FFQGz2qb2KKPczXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fadbb8f-FRA
expires: Sat, 29 Jul 2023 14:01:39 GMT

GET
H2 200 467C170C4FC7w640h360.jpeg
store.vaacase.com/uploads/20230722/67/ 54 KB
54 KB 59ms
58ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/67/467C170C4FC7w640h360.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6d488d8ff810bd5b791ec0951f0f8f784bd6c3918817a4ec83a6650289e16e54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:38:50 GMT
server: cloudflare
etag: W/"6ee123cb5ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NszP1FL4e1Laziz3cKT3agpZ3hAXYE7ddf9U8HqhgJD7QhpvmV8iNvgjXgG3dSmor8Pl9L7GXQBF9rFRjQiq6G%2FEGT1e3PNhlnVxhfVGGyt7h8%2BrHxs3JTB9LA7aTB0QCywBJqV2hTqiq2ueTTEdbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717faebb8f-FRA
expires: Sun, 30 Jul 2023 04:01:58 GMT

GET
H2 200 258B6BB0DF05w1000h525.jpeg
store.vaacase.com/uploads/20230722/58/ 44 KB
44 KB 52ms
51ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/58/258B6BB0DF05w1000h525.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9a10a619ad45b680d50c999823a953b5bbc326cb6029572b243db24231bd2f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57641
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:38:15 GMT
server: cloudflare
etag: W/"d7d078b65ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpkcZS17KdEPGHYgS0OmLCbj0Cx%2BeWQqDH6ZxNTTijT69NZo%2F%2B9PuHIjzi6f8YTgVdix7D9juN90QULh9ZOY22kmEaAtC4VMp64OixIahPiws4WqjGVf2ChVe4%2BA8b0vs0d0v%2B%2FHOYtu3I5xvPqVeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fafbb8f-FRA
expires: Sat, 29 Jul 2023 12:01:17 GMT

GET
H2 200 7A9097F754DCw640h512.jpeg
store.vaacase.com/uploads/20230722/A9/ 32 KB
32 KB 51ms
51ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/A9/7A9097F754DCw640h512.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b72b3fabcc4e2dcade89583297e57384901ed3f243c73f24adbafa48a5e9efb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50314
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:36:24 GMT
server: cloudflare
etag: W/"ae3fb735ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BeTn11t%2B1jNKavwCo573A7AEz4PN07mEpD2G%2FiLHia3zb3Bm81V9VlYCr0jPNzvH3D6F4hqh33zermyz%2Flcw2zdHrV1lMtTa74sytV6Eer9%2BBw6iBb3psu4vbkzS53da5AYzSr6U%2B%2FD8dXC5SyKAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fb1bb8f-FRA
expires: Sat, 29 Jul 2023 14:03:24 GMT

GET
H2 200 06851F47A597w640h360.jpeg
store.vaacase.com/uploads/20230722/68/ 27 KB
27 KB 51ms
50ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/68/06851F47A597w640h360.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3932d1a4891db7fdd419eb96fcb45f66bf969b24c275f1d119897690fe52edf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57641
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:35:27 GMT
server: cloudflare
etag: W/"ba9efb515ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjZ%2BK5Itwog1tbuXeFeqW097nXc514pQTMkwOqihQiL9R8pP0pmDq9XjyJ%2BNL3iu0pw2hmNFzue1Omy86x2%2B1SHJYJ7x5TE%2Fl3dqAnvmEnsoYyn9XIuNlM9zDE9JFCVkZ%2B5zHS4twyNdmYQNRDDRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fb2bb8f-FRA
expires: Sat, 29 Jul 2023 12:01:17 GMT

GET
H2 200 7CBF444C4470w640h342.jpeg
store.vaacase.com/uploads/20230722/CB/ 26 KB
27 KB 72ms
72ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/CB/7CBF444C4470w640h342.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c2db2ccde872f276511e672967f10776d4a16d76cc0110abaa70bd42ac21d65e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:34:53 GMT
server: cloudflare
etag: W/"8ec11b3e5ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05i9XyTUNs2AM9uym1HMElJ6ud0p0RGiD0UHLaFL1ugdaZpuxbMB4G4n9FoHuTh0E2dG9GdCe5Mn9PJNh2R3S1OHQYd1ip7E0IBx8JiqpcSDQOheYDwGsLNmav9lt1ChbE%2B9GNmjanfzxI1UJEgmCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fb3bb8f-FRA
expires: Sun, 30 Jul 2023 04:01:58 GMT

GET
H2 200 8285AED7FE09w864h486.jpeg
store.vaacase.com/uploads/20230722/28/ 71 KB
72 KB 52ms
51ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/28/8285AED7FE09w864h486.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 06ce36654840dd406850ad3e56eeab99b9a333f0216707d5d78b7ac828415dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57641
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:34:13 GMT
server: cloudflare
etag: W/"85288265ebcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iASL%2FbRV%2FtWjZmq20yhsdgXCyEcErdKs%2BTkq5o3sN%2FYNHBVJ7TdwHeice1%2FvDByD%2FzUm%2BbO7NQwlFItaw%2FMILBd462j3WoY7hH%2F4Wj0VYv533oo7OBh5ShBGRx33CtlqdZOMLtW058qO1Bby3qC%2BXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fb4bb8f-FRA
expires: Sat, 29 Jul 2023 12:01:17 GMT

GET
H2 200 F186065440EEw864h486.jpeg
store.vaacase.com/uploads/20230722/18/ 35 KB
35 KB 53ms
53ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/20230722/18/F186065440EEw864h486.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c92ed5476c6196bf32c85c584484c67eed2a82f61d258eee9a49adc6c5ac56e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50314
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 05:32:46 GMT
server: cloudflare
etag: W/"1ed529f25dbcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmNLm6W5sVq14IUdisui5IfiLGQw4%2FncKOiS175DJ6oFlb6G3WEiPJEgcqFK487vxB8aWgI%2BeteQTXLXqwtpUibkN6wh8n1TTFec2N8F7yYqFfoyN3fv4TN13OwbLLgr%2B%2Bu1Q0dxIeKaLkJl0Fr%2B6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106717fb5bb8f-FRA
expires: Sat, 29 Jul 2023 14:03:24 GMT

GET
H2

200

/ Show response
count.vaacase.com/
Redirect Chain

https://www.vaacase.com/xstat/index/1158
https://count.vaacase.com/?1158

7 KB
2 KB

563ms
390ms

Script
text/javascript

2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://count.vaacase.com/?1158
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 377617a04febfaa3218890f1f999fc5e2a97aad01c3c755c976a79ee0038a1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIjyDih2obsCb%2FhPeuGSVzkvZwjLHGXKerZaYKNN%2B2wT3cANucD6FT7rvgRoqIYsBmMzH%2BuM6gj5p60XsBk8w2TXmNRDq2a1VQJkPjJGO5yrP6HIMG0LLygZJAKIlh3HzISb7Aq8I5vQms3s%2BHNo4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
p3p: CP=CAO PSA OUR
cache-control: public
cf-ray: 7eb1067459dbbb8f-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 04:06:58 GMT

Redirect headers

date: Sun, 23 Jul 2023 04:01:58 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWErmZsk5lxAxPT3%2FAf0XWKT9tw5ki8s8a0jnXGiiQdm2ypcktOXotBvtb%2B9XPvuHrD5CrEj%2F%2Fmy%2B2i6VlTz%2BiRZputkOITVOk9UL%2BJ3WKWw0Tla91a%2BFKH3mPF6SaL8CSrtW%2B%2B4wRaO94IMEEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://count.vaacase.com?1158
cache-control: private
cf-ray: 7eb10670bb6218cb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 53ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 813259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQkb%2BPIR0%2FN3DQuugqpcc36%2BOqROWDDrUguRBG1NRpRUIR2Oryc80OQC%2B0XZzRhs0y%2FpQlcKB8lFmQZme1%2F%2BvYIiZjd0k%2FBYsMaPCUoQcWXqXpD%2BzNtGxQwyS19e4CORd89W%2FnqybKppi4I%2F5dJE8LvP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7eb106710ab39a39-FRA
expires: Fri, 12 Jul 2024 04:01:57 GMT

GET
H2

200

stat Show response
twstat.vaacase.com/
Redirect Chain

https://www.vaacase.com/xstat/moneystat
https://twstat.vaacase.com/stat

6 KB
3 KB

443ms
401ms

Script
text/html

2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.vaacase.com/stat
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 41a8c16bff7d2ff0bf18149d440e4d63cbad9379663aa0aa424a4cbf162d031e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gObJ1YDRlkhQBupWhnl%2B0v%2B58Q36mVReN2d67eylgj52n8%2BNJ0oMXeN9cRv6ChI%2FL6%2Bzq9sw2QfFmqIqYablWOmpCh772Q%2FabWuY0grPkp%2B7fKMbL4NOvkNVsGwsLUrHwZh%2Bk%2BbOw%2FoTvIA4Vfxvsrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7eb106729873bb8f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 23 Jul 2023 04:01:58 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQQpJxJIyT%2FwE7gb7KY93i2b3YE9SAaAflby8jHNvFuTLTRw02pJNSZwnM2sxe%2Bsf9N1dvN%2BKClbVmunc22S7%2BCBbbPxpEcNr4FIlOdLcWmaKZvJvxuu3fNWMcvaXFrKljxKqAVnh1rCE%2BTS5nU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://twstat.vaacase.com/stat
cache-control: private
cf-ray: 7eb10670eb7b18cb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
www.vaacase.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 26ms
23ms Script
application/javascript 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vaacase.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 17:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b6cdef-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8YXua50Bl%2BFDFEoPRnDbMd5i5z%2FNX9JL7jcK5zVfN7NFSMaAA6TZFTt4hsTbQNA7BiO%2BkRtpoJvgZOFjGF86jKS9MtktASc2yNZA3VdXXRhC9kPZIL512UqY0vW%2BdNDHYFVdGAqBG24zjgF5pI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7eb10670eb7d18cb-FRA
expires: Tue, 25 Jul 2023 04:01:57 GMT

GET
H3 200 top.png
www.vaacase.com/Content/images/ 2 KB
2 KB 442ms
440ms Image
image/png 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vaacase.com/Content/images/top.png?v=3
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1810
last-modified: Wed, 22 Mar 2023 12:52:23 GMT
server: cloudflare
etag: "73bad625bd5cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BM9qw8remWoEfcP2whoqCAmXjeLHp8CgIpDMa%2BGzu1TTch0%2B0iYTOFkwUslDpwiOrbWDJ%2FXYHS7RDN1tMhK8lvpwHn7riZqlQ%2Fpf%2BqSTNEAjoBh7wOH5TBhGc9%2BcJlK26HEjRWHuEWFxlJVMRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7eb10670eb8118cb-FRA
expires: Sun, 23 Jul 2023 12:01:58 GMT

GET
H2 200 / Show response
www.scupio.net/kanglei/ 3 KB
2 KB 642ms
569ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scupio.net/kanglei/
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.9
Resource Hash: 5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.9
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf%2BWgJLZzCFiX20KqsTBhVbYidueYD8%2BblA1z5Zy1aqKiK2qvcR960JlP%2FwSfN%2B8uGeO75J4E4WKmhApAjzA%2BMJcVD8RiQleahjE1CBo9qJoyo3xV60JHLqrDIs0vYMjQUYbE6P%2BSK%2FwjBVvgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7eb106715af02c5b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 globaldefault.js Show response
www.vaacase.com/Content/js/ 2 KB
1 KB 443ms
440ms Script
application/javascript 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/js/globaldefault.js
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 06 Apr 2023 08:04:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5bab43665e68d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46Fp%2BnB%2BnbdPDty3uWJ83yaoM7uk2sGBjK4t7MNo52OJuyFC7swhTLq%2FCwRAiuTVo2ClYU6xS%2FkonsVt0Prb0otwJwQdatZmRGJShhrNieL6kY0MFn1EXq%2BhVQt9DRMGHdzsP26LxlIuTH5aHzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7eb10670eb7e18cb-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:58 GMT

GET
H3 200 innerAD.js Show response
www.vaacase.com/Content/js/ 11 KB
3 KB 230ms
229ms Script
application/javascript 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/Content/js/innerAD.js?v=1690084917897
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1dae407d996ce9f8b25d5fbd18932e8a9282af677882efa24646e4bb715c502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Apr 2023 08:48:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0bedfc0e46dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ets7GWSCPuJJo2%2FINn2h3G%2FHdgYTRqtjgNKjVYVOgaevPIBAQMsEAuvfBm5F74bpDGFauF4T9GIlHWlHgTs4OgpB7rL9VXCooUHaKYgBtLhCRu8EzKYui%2B5738gIsheGBQVvNbvM3Dev%2FVsSArY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7eb10670eb8218cb-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 23 Jul 2023 12:01:58 GMT

GET
H3 200 gmifr_lei.html Show response
www.vaacase.com/ Frame 78C4 1 KB
1 KB 410ms
408ms Document
text/html 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/gmifr_lei.html
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7eb10670eb8018cb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:01:58 GMT
expires: Sun, 23 Jul 2023 12:01:58 GMT
last-modified: Sat, 22 Jul 2023 14:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kadd00yKb149XKPJxN%2BqGQg%2B4ZCEKAnr29ruEiRT0hyILSLgxMHW1tZvTCCWWV1adHUAAnpT4cSpth0ywCDElJICNnrI5U6Dvoz1AylfCq9FnWmWjeAQcGBu1y9M61Wgivw7780SMdOH83MV5U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 101 KB
37 KB 190ms
47ms Script
application/javascript 95.100.64.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.64.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-64-43.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 1d518d4a321c9861b70b31796f8b089e46ed48c3baad85ca67c0d5ca09ab784d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: YAisaWzdM8j25oTWVzMipf_X_Wb_Oirc
content-encoding: gzip
date: Sun, 23 Jul 2023 04:01:58 GMT
last-modified: Wed, 19 Jul 2023 22:01:30 GMT
server: nginx/1.20.0
x-amz-request-id: AYGR8WG9NF75XKTK
etag: "8eea0d5f4648c9c8b96fbf4fc3adbc2d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=68904
accept-ranges: bytes
content-length: 37067
x-amz-id-2: dBHy39a5nUf32FelFPWe9QTrlEQE+tPVPsAuHWEZPC4kViSUa+ZypxKznA/f/dklR1GG4jjATJk=

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 79 KB
17 KB 1253ms
487ms Script
text/javascript 3.114.159.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.159.208 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-159-208.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f2b9926619b3499fdbda8697a7f949a42669db5a041fdc3489e974610bfffc70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/ 839 B
1 KB 1196ms
673ms Script
text/javascript 43.201.176.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

43.201.176.23 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-43-201-176-23.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"347-8GoA0VRJvJkpQNrk5QcObAOdyHQ"
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 78C4 2 KB
1 KB 589ms
519ms Script
text/html 2606:4700:e4::ac40:af16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:af16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b5803d0cdeb7f2165c836c4de8d4ec1ec30af32162b1be00d9f44b62be956e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvFSO%2B%2FYSlP0BtfVK%2BHm5OFmPxf3mcRnQ4OUFhAzMTVTdT19S4yQEE2yMuR8mDrIbkb13FihZmie85EugTNtSLWdPcAbe6oem%2FJCk%2BN1eBEoxCG0JriW%2F61nzpFdUjDz%2BGjWdWiWiivsEsTC0lRat3NwEP%2Bo"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7eb10673ece24d7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 95F223E0062Ew658h370.jpeg
store.vaacase.com/uploads/2023-07-20/ 40 KB
40 KB 35ms
34ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/2023-07-20/95F223E0062Ew658h370.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1f9c931b987c409515d39cc15b60dcc8b18386ef0f1ca5a527d5a42041053e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165571
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 20 Jul 2023 08:15:09 GMT
server: cloudflare
etag: W/"9b4a8c4ce2bad91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxvqST3on%2Bpp8IxYRZeOzfMVaU9kpcX0eR2fS%2B9lRc5UdxGwJmGOVRgt4VhaC1XOb88IZwXH0Uv2fGSerfjTlonYSRWaFvlPpykCsZtAKOWEnqhF5cOURpEi1pVVG4mP5xZrdocD2PF8V2bEEXDpWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106761b2dbb8f-FRA
expires: Fri, 28 Jul 2023 06:02:27 GMT

GET
H2 200 F16BF93EA5A4.Png
store.vaacase.com/uploads/ 3 KB
3 KB 39ms
38ms Image
image/png 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/F16BF93EA5A4.Png
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 195e6636d3f6dce1239d1ee3a5b5d3833baa50b3248934f29a60618f5d9fb35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165498
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2019 05:10:52 GMT
server: cloudflare
etag: W/"6fcc75b81315d51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9E4P%2BzK2YhoQHT4imrbuTLa0fcTwXsRTTfdgBbqoO%2FTyiRo%2BxF0L58XRE%2BHEDGiqwX8pl9NZcnF7RBYo%2BJKfMXE%2BR5PvgXGYqAqmUnOxt8YQorBi5vki6dH30douMOl0qRoHWILqlXBZTCURIO0SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106761b31bb8f-FRA
expires: Fri, 28 Jul 2023 06:03:40 GMT

GET
H2 200 CB8DFA9879F6w1200h628.png
store.vaacase.com/uploads/2023-07-20/ 2 MB
2 MB 28ms
28ms Image
image/png 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/2023-07-20/CB8DFA9879F6w1200h628.png
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 64902ec21be8580587f7940d93357cad631a498df0b36351477da22c8e6fcf61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136838
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 20 Jul 2023 08:36:17 GMT
server: cloudflare
etag: W/"cd747340e5bad91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kz6KNWUQ7cOM4WXjxgeIlBY5O5pFOq1TSuGeK7Vc2z7emeB2%2FT2aNZnY13s%2FtP%2FtP7cOClo0R93dpk3dVveElMyySZYYRTqhU6gJuahz9wO6ptXFb8rkjnbOBw02VXfN3YZ8vKYAG9N1fc8Ubk%2BSaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106761b32bb8f-FRA
expires: Fri, 28 Jul 2023 14:01:20 GMT

GET
H2 200 74844B661570w1200h628.png
store.vaacase.com/uploads/2023-07-14/ 1 MB
1 MB 31ms
31ms Image
image/png 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/2023-07-14/74844B661570w1200h628.png
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e5dadff75979305810165f460898d4395bab3f78ae29a3e51ffbd7c41f5e663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50313
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 14 Jul 2023 07:02:18 GMT
server: cloudflare
etag: W/"e7c7c72021b6d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk1sBzek42bd%2B5sJq7gGAEq2f%2Bw9QVVWuudMtflvooOYmjGG0Zu%2FAu2C2g4%2F71hoo%2BDxbZs9opHgb2DJTDX1emS5g8PX2Rvg8N2jpCn69WtGkqDU9TZeQ2PMswY0hKzIk38TslQiMsSxLe6gZLbRpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106761b33bb8f-FRA
expires: Sat, 29 Jul 2023 14:03:25 GMT

GET
H2 200 947AFF8B9912w1252h654.jpeg
store.vaacase.com/uploads/2023-07-21/ 76 KB
77 KB 30ms
29ms Image
image/jpeg 2606:4700:3031::6815:304d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.vaacase.com/uploads/2023-07-21/947AFF8B9912w1252h654.jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:304d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a79c2f154599886f44bc9a76f334aee4f9fcb8777cd4babf19fe185f05e038c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165498
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jul 2023 05:29:51 GMT
server: cloudflare
etag: W/"e476a5f94bbd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1VL0q3GddkFB7lU5SbTbeSljbqaitTCuYdqrlsiDnZ5NonKilrIcohVRgSC%2BZOxC8qOC5nCAY2QES0wTiGBYj%2FFZ%2Fm0oC%2BI96Id%2B4zwe9cP6FUZGU49tS%2F%2Fvlpbt1DT4%2FUuYCtiYkYERK77LOLzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7eb106761b35bb8f-FRA
expires: Fri, 28 Jul 2023 06:03:40 GMT

GET
H3 200 gmifr_lei.html Show response
www.vaacase.com/ Frame FD98 1 KB
1 KB 31ms
31ms Document
text/html 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/gmifr_lei.html
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7eb106762f6418cb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:01:58 GMT
expires: Sun, 23 Jul 2023 12:01:58 GMT
last-modified: Sun, 23 Jul 2023 04:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7lfgUSHxmZM6Vzw2CLuVCMSk5Dnd%2FPE8KgmDmVShy%2BTpvpaq5y%2FEFAVmwFFXptUNIiBJdWgB7BDcXiSPxQ1Rd0EP2b3tVftjXU8Ihh54LCl3CKzxkC1Zby99IMtt0JV11BMabTf113WL0d%2BVo4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 / Show response
static.intentarget.com/track/kangleigm/ Frame FD98 2 KB
993 B 516ms
516ms Script
text/html 2606:4700:e4::ac40:af16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/gmifr_lei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:af16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca97ba63a756b341df17b81955d1f204671561c6751aec5455f06e4d2ac7f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jM0RlQ%2BvbzQow8O0AuNNWkyb0gl9N8W0u%2Brv5Vs6Gb7chlpipf6x%2Bs%2BQLqXuhPTUzi4j5Q3e%2FDFn%2FRwJHDml19mvNF%2Fk5x6Y1eGPz7VOKl8cZATks%2BIxnealj4SCyiLBke5cIY3cEAqKjD2AYNU9HCRMRcB"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7eb106765e554d7a-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 1106ms
272ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.xxxssk.com/s/?isentrance=true&guid=6c59d540-b2bd-d73f-a8e2-c08159713330&resolution=1600,1200&colordepth=24&location=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&referrer=&rd=0.8518955593656121&sid=1158&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/115.0.5790.102%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=8
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.28.16.172 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:01:59 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 99ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Requested by

Host: www.scupio.net
URL: https://www.scupio.net/kanglei/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83eb567af88d56072761e7425f0c09c0e210247d26129e16f7dd4ed35ae2243b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65969
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jul 2023 04:01:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E8F8 80 KB
27 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80bf194c9c096d688e0ae860100ebee9a1bb0a2a74bfb3dcaf5d06b9052ee4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27583
x-xss-protection: 0
server: cafe
etag: 944 / 19561 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 714C 80 KB
27 KB 136ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a3e5516719a62582f9e5e21da717d74398e393bf933fcd1255952bda384c8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27583
x-xss-protection: 0
server: cafe
etag: 54 / 19561 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1B0B 80 KB
27 KB 143ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14955b82b802c4c4d7b497174f47ccb877457de9afca4be74b45352bb3355b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27591
x-xss-protection: 0
server: cafe
etag: 487 / 19561 / 31076291 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C544 80 KB
27 KB 130ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1bf842593c18749fd88f8617b7cee2088ec2f4a2c584c95b392631cf50e7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27585
x-xss-protection: 0
server: cafe
etag: 881 / 19561 / m202307180101 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

POST
H3 200 ad0113 Show response
www.vaacase.com/xstat/ 2 KB
1 KB 219ms
218ms XHR
text/html 2606:4700:3035::ac43:b5bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vaacase.com/xstat/ad0113
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b5bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0775ae0e617cde4743d77560d8cff339896bdbb2ab8a3e78afc1c13dddc7fde

Request headers

Accept: */*
Referer: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS%2Fx%2F5qn4d8BMondNW3dWINouLkXIH%2Bhp4PfLowM5H9GLHJVPKKXi6ItiHziQTbwH6ajrbTiLZ0QVtrKRCEdGW3IyOJbDKi2iaRjxZ8LOUkInkG60gXILwc%2FXI7CeNJ%2FYZYg82cyT6uFyMSXA8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7eb10677585e18cb-FRA
alt-svc: h3=":443"; ma=86400

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame 78C4 0
0

GET
H2 200 gmifr_lei.html Show response
yaya0506.com/ Frame 78C4 1 KB
1 KB 306ms
231ms Document
text/html 2606:4700:3035::ac43:91e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yaya0506.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:91e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7eb106780be51959-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbwtaU1dVKN0skFdOGp6vdPN%2FP0Jjf96ucu9PDF1OsUFpwfivZF4Ke5S4w%2Bw1lso2h4qYqc6%2BPzxmR4UXi6ojI2hj2IIzmfuFOI6vmXhlJEeqSWsKMC9g%2Ba2%2FcEOYTSnRlxuGS8qLDhfDWM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40e420457af331960d3b55fd10174de6e95af24516c0ef3b2339990946216b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jul 2023 02:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5200
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 23 Jul 2023 04:35:19 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame E8F8 385 KB
122 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5977
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:22:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 714C 385 KB
122 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5977
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:22:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame C544 385 KB
122 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5977
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:22:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ Frame 1B0B 385 KB
123 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 21:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23641
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Jul 2024 21:27:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 82ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VCEDQQD6JV&gtm=45je37j0&_p=1128126536&cid=968454278.1690084919&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690084919&sct=1&seg=0&dl=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&dt=%E6%B8%85%E7%90%86%E7%A9%8D%E7%A2%B3%E6%A0%B9%E6%9C%AC%E7%94%A8%E4%B8%8D%E8%91%97%E8%B7%91%E9%AB%98%E9%80%9F%EF%BC%8C%E7%B6%AD%E4%BF%AE%E5%B7%A5%E6%95%99%E4%BD%A0%E5%85%A9%E5%80%8B%E5%9C%9F%E8%BE%A6%E6%B3%95%EF%BC%8C%E7%A9%8D%E7%A2%B3%E5%BE%88%E5%BF%AB%E5%85%A8%E8%B7%91%E5%85%89&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E8F8 33 KB
13 KB 411ms
408ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2267138469789864&correlator=1092519622416859&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690084919155&lmt=1690084919&adxs=632&adys=331&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=14e5ri4c12d6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&top=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=968454278.1690084919&ga_sid=1690084919&ga_hid=1594020031&ga_fc=true&dlt=1690084918874&idt=257

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80b848f004f51331148fe4cfa5170c08bd26b2fd05c5fd42859b83de7ffff8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12935
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E8F8 15 KB
12 KB 143ms
70ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67229d226b829b35c7112defb9c1253c02764fd278073e6798f3af96798c951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0

GET
H2 200 container.html Show response
bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9EF 6 KB
3 KB 132ms
28ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 714C 32 KB
12 KB 318ms
318ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=45529836018177&correlator=2452493354009677&eid=31076312&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690084919186&lmt=1690084919&adxs=632&adys=4776&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=5qywmcovmf0j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&top=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=968454278.1690084919&ga_sid=1690084919&ga_hid=143668141&ga_fc=true&dlt=1690084918890&idt=282

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

571c3bd08552f27c075dd1e166c27e45c71150279d505fab18cba54982fb7c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12522
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 714C 15 KB
12 KB 120ms
72ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bab35bf11651ee57cd5c59f3bcca21f404fbbbad89f8b6e52fc62963f1524219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11844
x-xss-protection: 0

GET
H2 200 container.html Show response
75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DB7E 6 KB
3 KB 108ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK ad0113stat.ashx Show response
twtpstat.zhentoo.com/ 29 B
582 B 2667ms
273ms XHR
text/plain 119.28.134.92
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://twtpstat.zhentoo.com/ad0113stat.ashx?adid=9&position=1&type=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 119.28.134.92 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 73c7a66057f287faff38cfbfd112751a16f86b1718af818c56548cff1c8986b6

Request headers

Accept: */*
Referer: https://www.vaacase.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 145

GET
H2 200 1ECC8F5B03A1w800h800.Jpeg
pic.logkb.com/ad0113/2023-07-22/ 97 KB
97 KB 135ms
43ms Image
image/jpeg 2606:4700:3031::ac43:91b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.logkb.com/ad0113/2023-07-22/1ECC8F5B03A1w800h800.Jpeg
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b83695577891190375f9376f9913bee539c3744fee84dc1d255ac062955c5392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 98927
last-modified: Fri, 21 Jul 2023 22:37:54 GMT
server: cloudflare
etag: "635796fd23bcd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSTr4BBtVVjbRnlQaLSIuADn%2FTP9PqXOTcf8wC5oh432HRaPEff%2BT6MSkihSaqUM4v9mJ2IwELzLl7Mwt%2FhofSPfSQL4%2BM8QbSR4sA4OQT6qHvb8udOSxYHkTQymt%2FdrrVlQqVOKdapXK2%2B7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7eb1067998fd9bfe-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 30ms
29ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1128126536&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ul=en-us&de=UTF-8&dt=%E6%B8%85%E7%90%86%E7%A9%8D%E7%A2%B3%E6%A0%B9%E6%9C%AC%E7%94%A8%E4%B8%8D%E8%91%97%E8%B7%91%E9%AB%98%E9%80%9F%EF%BC%8C%E7%B6%AD%E4%BF%AE%E5%B7%A5%E6%95%99%E4%BD%A0%E5%85%A9%E5%80%8B%E5%9C%9F%E8%BE%A6%E6%B3%95%EF%BC%8C%E7%A9%8D%E7%A2%B3%E5%BE%88%E5%BF%AB%E5%85%A8%E8%B7%91%E5%85%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=867553569&gjid=1453155230&cid=968454278.1690084919&tid=UA-87942765-23&_gid=1327547083.1690084919&_r=1&gtm=457e37j0&jsscut=1&z=1592757710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vaacase.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C544 28 KB
12 KB 261ms
260ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4485201836879126&correlator=2155266088116340&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690084919231&lmt=1690084919&adxs=632&adys=7813&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=8419sk467arb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&top=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=968454278.1690084919&ga_sid=1690084919&ga_hid=496802341&ga_fc=true&dlt=1690084918907&idt=314

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f955766f06fce1108931798e0fba37cabbe2b290de268412ea68ff453adb0408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12182
x-xss-protection: 0
google-lineitem-id: 6119356740
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138418502062
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C544 15 KB
12 KB 83ms
77ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e465b4415e09cc34545fff418c5363012633b1cc82ab28c160a6c1b831293a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11846
x-xss-protection: 0

GET
H2 200 container.html Show response
882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A0C 6 KB
3 KB 102ms
30ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1B0B 33 KB
12 KB 422ms
419ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2157481203578801&correlator=219753988082985&eid=31076291%2C31076312%2C44797785&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690084919259&lmt=1690084919&adxs=632&adys=6465&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=kmws5xyyz8uq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&top=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=968454278.1690084919&ga_sid=1690084919&ga_hid=1187879501&ga_fc=true&dlt=1690084918898&idt=339

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6573c20f0befd10c153b003a232c9492ff88e8366818f783d9977f253b919831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12644
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1B0B 15 KB
12 KB 124ms
123ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a69dbbd0476cba32959e54255f7d7e4e23d1766fdb6df4920fef66ce2e0e1f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11761
x-xss-protection: 0

GET
H2 200 container.html Show response
93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D2F 6 KB
3 KB 45ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame 78C4 2 KB
1 KB 276ms
276ms Script
text/html 2606:4700:e4::ac40:af16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: yaya0506.com
URL: https://yaya0506.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:af16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b84f1090fcbb288d38b5ef17a69450a2aa986530ee8d4dda8f7bfb1e3a77da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie2rJpHh1UHAhJp%2BIgdH97LZBz4M314Z4og%2BbEKT27yWCh%2FhHLnSw4cTgUCmsKkyccq7ysvnSKynakkf5gB6TYlYoF8GG2mCjKUV8kX3T85ZD7SiGo0fwQlVYBgJ5I3q4uDlyQ9Lz%2BBF51JJl2qM4t8RQlY8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7eb10679dd494d8d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E8F8 17 KB
7 KB 102ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 714C 17 KB
6 KB 108ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 240ms
35ms Script
text/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: text/javascript
date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 1061ms
730ms Script
text/plain 65.9.95.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4300666&widget_id=54803&auc_id=&callback=_lgy_lift_callback_4300666&render_id=MTY5MDA4NDkxOF8xXzdkNTQ2Y2IwYThmNw%3D%3D&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-15.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:00 GMT
Via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: PRG50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: UJoZS021hXQ0UnpFFCtAtXRutolf7idzLg4uiuppn1Cewc8XbBPRAg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/webp

GET trkyjs.js
static.intentarget.com/track/kangleigm/js/ Frame FD98 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C544 17 KB
6 KB 91ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 gmifr_lei.html Show response
dwjhgx.com/ Frame FD98 1 KB
1 KB 389ms
215ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dwjhgx.com/gmifr_lei.html
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7eb1067b38a6381a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vT%2BLbnTny7hlMQ1gZsFYo29EpOVxxkbDTp37zb5LS1RfrKbsqUR5xOxz8%2BqVHCVlHb13kH6Ek5MG4Xtr80IgWolDP3EnsEyuyJGCSBki9SYX0DduameWzKebPJeHSJbz9fUpiJgQ1HXf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/goP0dJoQ/users/ Frame E3EC 410 B
440 B 308ms
307ms Document
text/html 43.201.176.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=97daacd1-ce06-4112-9741-a71828f46faa&id=dablewidget_goP0dJoQ&category1=%E6%B1%BD%E8%BB%8A&author=0&item_id=4813870&item_pub_date=2023-06-26&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 43.201.176.23 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-201-176-23.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2078042977d7be81ee63b84342c86fbfc90b72694c365b68350f16bf244f8fa8

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:01:59 GMT
server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B0B 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CDD 13 KB
5 KB 32ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 01:54:38 GMT
expires: Mon, 22 Jul 2024 01:54:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B31 783 B
738 B 88ms
32ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

786a29a52b58063fd54055a1312cfff3ce175a5f9e9625ee0ef885d2299cf7df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PXVu8BzpCwgrLG6LIgduAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-PXVu8BzpCwgrLG6LIgduAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Sun, 23 Jul 2023 04:01:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2753 13 KB
5 KB 35ms
27ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 01:54:38 GMT
expires: Mon, 22 Jul 2024 01:54:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6FE5 783 B
1 KB 86ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d02ef699cd854ceb16484b620a937ab3ef34373d5425ddcdbe6b69b30ec52fed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n1wosJ_dIvXYwbxaX_ULwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-n1wosJ_dIvXYwbxaX_ULwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Sun, 23 Jul 2023 04:01:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D827 13 KB
5 KB 35ms
27ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 01:54:38 GMT
expires: Mon, 22 Jul 2024 01:54:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE22 783 B
742 B 85ms
32ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e588cc8f14fd37d945b2dac564d72eb3ea54a6c312889ed7c6a5653f958f0d70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LFwvb88xnrvfz5J6I9uOzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LFwvb88xnrvfz5J6I9uOzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Sun, 23 Jul 2023 04:01:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 969E 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX3t-EwhUFbCUN5DvSyCeggxkcWDoj7pUZkoPoUM2yLvJZ2G4yZ_yM6UkdRwr6Z4ycWem0TZMwI0dPMnzz7DVPyBNb9lXYSwyBOUu2U5smxIs-r-nzPXadqjyL4eCulLn5Z7e_StzG5qvUsyMfOjHKSYUCY27eC6j9NpXelp2Wqo4B7FuqULUUEbhcvJ5QBM8QGB6FJ5Iu9zDgSaZX9Nxo98bLQckX4-yx5oHMKExC8WUoCkHPYecY4psePfFFDmuvIYVm7ULZNM2TGes9B3nm5b6scEy710tHEL9Ns9JmqEL6WiGTTxP_embd6zfnTUgdgAhV_7JV6agfVQRQzQ&sai=AMfl-YT924R-A63iNWD-rEluKWSbDRbs6-pBHh02quRfLVgk1By7rvgEF1CkG1Mj9qDh0A8CKo7v51Nl8znIeDEp6Z5pZjYciqUEO3NpHbdWRm0prJbrrLZjgK_Q_S9eNklkFkhXSN1gJSvHb6b8Nwk&sig=Cg0ArKJSzEl8s6deT3AUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 ysm_sunflyday.js Show response
ad.sitemaji.com/ Frame 969E 51 KB
16 KB 22ms
22ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_sunflyday.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 96e18d08fbf647109d011e9a7eb4f1ee50a1a2223920ed30e28624f44a31540b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 10:15:43 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 28 Jun 2023 08:23:00 GMT
server: nginx/1.12.1 (Ubuntu)
age: 63976
etag: W/"649bede4-ccee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16156
expires: Sun, 23 Jul 2023 10:15:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 969E 179 KB
57 KB 109ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 container.html Show response
75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B86 6 KB
3 KB 26ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B85A 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 01:54:38 GMT
expires: Mon, 22 Jul 2024 01:54:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7FC6 783 B
737 B 72ms
33ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fbde0efeb7e1a635b921636162cd5ce5ffb31aaf6deb88258e9679577dbb757f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kZmgb0rSHLKGsS22xy5fNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kZmgb0rSHLKGsS22xy5fNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Sun, 23 Jul 2023 04:01:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C1E 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C7BC 624 B
577 B 103ms
45ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNWXZ0VJg_fuluDSjZEVBbHbu7EqE_tgc0GzlLMNY5fyTDsj76myCgorLq5ut0GmE4wk1fK3ctZxPy0JXBzysYvSpRRSb3v1PlHxZgI5_rcOlifEup1rCiDRGMbeiIMFwwf8Z3G61GbkPtFQqsAS7pkacDNca-t2VL_1ZFDQMZXoUC83GyY

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3B86 85 KB
29 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B86 42 B
63 B 105ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2TxwYA9eIqbMjIlhDgmRSEIe-0vt-4cwAerCsTwachqmNlAzuTXauOgTNCm1ITI5iDgwIjRtAEe2LC5HVp_LOVZUHe2MlyP2pBfwas8Qm9poRZwo

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B86 0
20 B 105ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8383766084238832103&x=1&ct=76

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 3B86 2 KB
1 KB 151ms
29ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26679214&cmp=30199027&plc=371803422&sid=8351941&dvregion=0&unit=336x280
Requested by: Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:01:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 08:57:29 GMT
Server: UploadServer
ETag: "0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=86400,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
Expires: Wed, 12 Jul 2023 08:57:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3B86 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 09:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 09:33:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3B86 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 22:19:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B86 179 KB
56 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 51ms
49ms Script
application/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sun, 23 Jul 2023 04:01:59 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame 78C4 7 KB
3 KB 28ms
28ms Script
application/x-javascript 2606:4700:e4::ac40:af16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:af16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 88408
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIn4fjiyCuuoebZO%2FXJ6xHI4g%2BlSt1TAbDRlDD0YXaUqbPMHTnlyzLkWrxxGn5g5cweI6CQQ%2FcazF4EfkSMJyh9tyJeW%2B9A1S7NvXRCJnR9F08S2OcQv4uSFDNu9%2FtErSOsYBnsztstYlNvZBa1tM3plUEgh"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7eb1067bfeca4d8d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 03:28:31 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2D5C 640 B
308 B 36ms
34ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNX98UhUVevk6vPjE7BK6iGJrxOImjgo-kiXjCQi5zR-ON02hWSAL_0ZnvJlao08amPCxlh2zkhtiHLX1VMjDCj_zwt4vyfav8pfhCgvtIclEIYHeU24q6P6Sn2Bn36dKliTOjIZ_tDcwOoCSKV6TyjbavDW74VtiSpXpC5X5On-b7wkkKM

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3C1E 85 KB
29 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1E 42 B
63 B 64ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrI_KRWcEbZLNkDuowOjvkexqXHp_aXKC2XMo2C61XxEs-X47iWyBMjY-In24bXiOWILcB4YHu17h1gicLyCCCn0LCQUAwO4wbnnC3ETnb1Vz5kr8

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1E 0
20 B 65ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14704236044330749124&x=1&ct=76

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 3C1E 2 KB
1 KB 90ms
21ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26679214&cmp=30199027&plc=371803422&sid=8351941&dvregion=0&unit=336x280
Requested by: Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:01:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 08:57:29 GMT
Server: UploadServer
ETag: "0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=86400,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
Expires: Wed, 12 Jul 2023 08:57:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3C1E 3 KB
1 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 09:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 09:33:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3C1E 20 KB
8 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 22:19:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C1E 179 KB
56 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame 969E 31 B
372 B 744ms
239ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=SD.util.geoCache.callback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_sunflyday.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 7f22749d0475765b0ba3d2e17cfc9689eabf02e8a7f678a9a979138e9d9d19e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: br
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Cache-Control: max-age=86400, public
Connection: keep-alive
Expires: Mon, 24 Jul 2023 04:02:00 GMT

GET
DATA 200
OK truncated
/ Frame 969E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a2bd9137a4bddbc128e8b2274f1143c7360deaf2c5a04ddff567797189c167

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CDD 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame E3EC 94 KB
33 KB 97ms
45ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&url=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=97daacd1-ce06-4112-9741-a71828f46faa&id=dablewidget_goP0dJoQ&category1=%E6%B1%BD%E8%BB%8A&author=0&item_id=4813870&item_pub_date=2023-06-26&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 23:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 23:27:15 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1

43 B
766 B

34ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNWXZ0VJg_fuluDSjZEVBbHbu7EqE_tgc0GzlLMNY5fyTDsj76myCgorLq5ut0GmE4wk1fK3ctZxPy0JXBzysYvSpRRSb3v1PlHxZgI5_rcOlifEup1rCiDRGMbeiIMFwwf8Z3G61GbkPtFQqsAS7pkacDNca-t2VL_1ZFDQMZXoUC83GyY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:01:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7BC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLymNxfQx2jj-fyEupISQAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1

43 B
766 B

34ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNWXZ0VJg_fuluDSjZEVBbHbu7EqE_tgc0GzlLMNY5fyTDsj76myCgorLq5ut0GmE4wk1fK3ctZxPy0JXBzysYvSpRRSb3v1PlHxZgI5_rcOlifEup1rCiDRGMbeiIMFwwf8Z3G61GbkPtFQqsAS7pkacDNca-t2VL_1ZFDQMZXoUC83GyY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENubb5PVr8TqATZwv3P46_0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame C7BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB6UndsXzXFjXhlRI6KwrDw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB6UndsXzXFjXhlRI6KwrDw%26google_cver%3D1

43 B
892 B

36ms
36ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB6UndsXzXFjXhlRI6KwrDw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNWXZ0VJg_fuluDSjZEVBbHbu7EqE_tgc0GzlLMNY5fyTDsj76myCgorLq5ut0GmE4wk1fK3ctZxPy0JXBzysYvSpRRSb3v1PlHxZgI5_rcOlifEup1rCiDRGMbeiIMFwwf8Z3G61GbkPtFQqsAS7pkacDNca-t2VL_1ZFDQMZXoUC83GyY

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
an-x-request-uuid: 838d93f5-2f70-4ece-93ac-9e8ab7b71cd8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.19; 217.114.218.19; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
an-x-request-uuid: e929ae5e-01d6-4a65-bffe-b8fd52498ee4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEB6UndsXzXFjXhlRI6KwrDw%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.19; 217.114.218.19; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7BC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNjE3NDQ5ODEwODM2NTA4Ng%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNjE3NDQ5ODEwODM2NTA4Ng%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
an-x-request-uuid: b7d28209-928f-4bac-b92f-41ee0ad55570
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNjE3NDQ5ODEwODM2NTA4Ng%3D%3D
x-proxy-origin: 217.114.218.19; 217.114.218.19; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2D5C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHvhrH6RdpiV2q4rlvJxlLY&google_cver=1

43 B
105 B

34ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHvhrH6RdpiV2q4rlvJxlLY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNX98UhUVevk6vPjE7BK6iGJrxOImjgo-kiXjCQi5zR-ON02hWSAL_0ZnvJlao08amPCxlh2zkhtiHLX1VMjDCj_zwt4vyfav8pfhCgvtIclEIYHeU24q6P6Sn2Bn36dKliTOjIZ_tDcwOoCSKV6TyjbavDW74VtiSpXpC5X5On-b7wkkKM
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHvhrH6RdpiV2q4rlvJxlLY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2D5C 43 B
295 B 118ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNX98UhUVevk6vPjE7BK6iGJrxOImjgo-kiXjCQi5zR-ON02hWSAL_0ZnvJlao08amPCxlh2zkhtiHLX1VMjDCj_zwt4vyfav8pfhCgvtIclEIYHeU24q6P6Sn2Bn36dKliTOjIZ_tDcwOoCSKV6TyjbavDW74VtiSpXpC5X5On-b7wkkKM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 2D5C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMFwqPC7NhOgVOgXlUaHqK0&google_cver=1

23 B
163 B

58ms
58ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMFwqPC7NhOgVOgXlUaHqK0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNX98UhUVevk6vPjE7BK6iGJrxOImjgo-kiXjCQi5zR-ON02hWSAL_0ZnvJlao08amPCxlh2zkhtiHLX1VMjDCj_zwt4vyfav8pfhCgvtIclEIYHeU24q6P6Sn2Bn36dKliTOjIZ_tDcwOoCSKV6TyjbavDW74VtiSpXpC5X5On-b7wkkKM
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sun, 23 Jul 2023 04:02:00 GMT
pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMFwqPC7NhOgVOgXlUaHqK0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2D5C 23 B
163 B 166ms
53ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGK6s7PABMAE&v=APEucNX98UhUVevk6vPjE7BK6iGJrxOImjgo-kiXjCQi5zR-ON02hWSAL_0ZnvJlao08amPCxlh2zkhtiHLX1VMjDCj_zwt4vyfav8pfhCgvtIclEIYHeU24q6P6Sn2Bn36dKliTOjIZ_tDcwOoCSKV6TyjbavDW74VtiSpXpC5X5On-b7wkkKM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sun, 23 Jul 2023 04:02:00 GMT
pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 200 container.html Show response
93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E0D 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Mon, 22 Jul 2024 04:01:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
static.intentarget.com/track/kangleigm/ Frame FD98 2 KB
1 KB 279ms
279ms Script
text/html 2606:4700:e4::ac40:af16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/
Requested by: Host: dwjhgx.com
URL: https://dwjhgx.com/gmifr_lei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:af16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d934e0a30071a0906e350152d351a8a2c38e580acd636af986a0bbf0dcec4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5ZB8i5MxsHOfv%2F14wtl9oQDm1z0267Rxfjcu0FtDvjbAca9EYkHRJB6RqDdwaX6viz2W98XINVLs1fENRAu1PdS5eKjprJEQktQD7TDTPipxgkvvEE5baiqBhe5Uwt6DMIYyuyReLzf0PkHG4F6%2FKrH8fpE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7eb1067cdf784d8d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 2675 102 KB
11 KB 22ms
22ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3374a9454563c0bf3bc15aea87b321fdccc2f4f73feccfeccd1adda2644b97aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 08:31:54 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jul 2023 09:57:44 GMT
server: nginx/1.12.1 (Ubuntu)
age: 70205
etag: W/"64b90518-199ea"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11484
expires: Sun, 23 Jul 2023 08:31:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6FE5 0
0 53ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=45529836018177&rc=
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE22 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=4485201836879126&rc=
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 78C4 95 KB
34 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jul 2024 01:02:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B31 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=2267138469789864&rc=
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2753 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7FC6 0
0 56ms
56ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=2157481203578801&rc=
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame D827 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame B85A 37 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B86 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8290815038141&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B86 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8290815038141&version=m202306200101&ct=76&x=1&cor=8383766084238832000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3B86 15 KB
12 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dw0n0FmXMSu34QAvg2bng6nAasEitEIGPDQxBiJfMoU5aDHNchCYgztHfjaIj4H1JU1H18AW-z9iELaE44xqmr0uKGTmSvNPsVaUR2zNdPulmmfBanSS4UwIJUdI614x5yjej-dNDBX_MgzWIOqcl4mnergm6fktFZvXU27XX_5wcbQAw&cry=1&dbm_d=AKAmf-B4zJCirANtLTRhP78Hpom-GNm5uVlrUvDn1-12LhDjOaZbGMqA-VSOQqx_LTM1wqgQWJmCqDeQkSL0veaSvqm7D-3Y3NheponA4P7ibWCNlhc3PUGy1aaLtmRiTezODgpKrAIfuKnr_3A2h5ewRBO4KAdPx-lHSKQwpFn5SDb2L6hVRFBzERQ3aDsZwBpjcP79iy8g8c_ulMNAy11jBjDwWIGEdimcAt_zENRqNfnUniGr83acWxYiaJAbadEIsEa5a7e3rL6kNq-R9Q4f7XK8PowBITvwor2Dnq7eZATMaEys0Uy1pJ02Q58E2dKCc8LcG3DYjrQZzlelf8wN1pjKM28JeYDVL8OTPW5PWvro6oCfEiuHkUH_rjmuZ5Ifn-Ibje8A7vfhmW50la-GHB5p3eZiElouiwgpVogZnZBVeqV3tvu02q9iErJj9Xbbz_TaMxxCXK3vP5um7efYFMVZLrV0uicz-0_wtC5vd0ZOLx_cVZPeSlGoDevrWJ2fnFzM133IxdKi--mKq-QfDKUEqIhAnbxVOoEz4oVTCopoqdvtIiAZRoKpPdCsbw_Q83X0lm242HDAKsPAFmnc2Q1Nk4qgMSoXhPG1kyXc1PKO992PubLJsAU1C26Q4uXHjEeFNdQZz2reMO5QiUwHgygbXhnsjRDH-e_yRLgMaW4JsAxhYxRqK7ZF8X3XfwXTIKRVJTWA-DRcCutUJ1V-41KxIwaWr9zlVqCBhG9vHB2YIA24mauYx_PRrmapg0H2EzCk5bJ-zuphuCyiLcL1G8lP_JxDf1J21kK5i8E3qc0_M2WxrD8dhYHWktzDk96CTxWvPBixRDVGQP7psif_puC0bRTPTXwQBm-ZmvbBnJzrgg8eyh4E297aKAZOu_mUH3qgvbFfxNha17hYyEDhSNxaprkf9WCopm1gCeSkrBrPgVlw_j5vxVZtlCDM1N_n13jjkTIsbQK6qXE1khDyksuWYb97VDge3gDaShrh9OHM7jf8yI2WTvEztw7P5eh3BSX2XBsWptWDF5rPBO-eS0jhi3ISD-7_l03cAesoumV1oRiI_r6xN5k4TczyqizWsQr9WCd6ge-SX9M0_0x2pgdXNg6M0Jxj1zocaNeITTeQfKKT558LlRZReb0BskCaS9U315Dz6Aw6dBvq8F4xrlQPIoc4YbBmLW5h-5seqo3UnlE7e308VP9KnqM0HZRQOGbvSq_kGUcqZe5ZC9bTPfvlui02j78JwOeB-OqxD73yGCM9Yu3BgjLJz_RxFLLF6tCg82Q1jlWEtS4LZ7nxJyWfunqyKd5FuYm5cjNvLJqV-ssWXsWn3BJ5lSslA3G7KP-4f3i_jfg5Xy8pagszgQ258einkUh3aTTZ1DWMDg1BRdfAu8OlJzz0HImGdG_mNXG-vkHmmY4ruiJT2_u24WdxI05mkGsVwh1QPjbCUfD5356yXxkLC9vhpnkG0vf78xI1rCGXcsXLk6vGmUafHypJgXoMq1eQD3QjL014lFk7o_K6RKleX1fR_AE-U1yKkxCa7AlAFaOJ7fbPj3V1AqjMNEMeIo0vcnFgN9Ts9hhca_Z_0iIdk5plTmIQNWlRZmanzmZUm8HkkhwZlHStsDYqQLWCRRuT5GPKpK4ryfINWbyB3DOkm6YLo3JO1jq-egfvCspVTF4I6tk7LG49fYUha8D6qfcA3pN3ynnih9bqLRb8QJzGhX0hV_2YYncNXPSwf7YEiRiJLsTWvfx5vJtLl0NGd_bXdvMK94imh-rgN16UmUvtRflcJHvqajEYAxXphuIL3Cjo_uMdZrsKfkee0ppZPLtveym6bYBkzWWQpKklmojXLYJADjsc4GOKUfso9WC1oQrOMI7ibEYcIAry1a6MXDhGLORu-1yh1jlVRYo4o9a-DYutvumplKDs1TtMOh27eSzV9rw1mNczP79BQnEsGbRSwLIW5WxRTsFAuVm7i6S5FOBGsjKPV9_lAubmSwSPYGMi9O7bB4TGeanbVpZqoJ3l5vf6kyDdf8bwQ4khHMA7nUAk3zmr3SRYGZN-skq61qcbipvfQEcEPejz91dpki2-9eI4zDXQyFt9hM7RRc4_zZgHyjJ80-f-ABzyhuL2xXWcF6rXYq92TfpFoLLA_3gwrSs7QBmLU0CRqwgwI-GtGnY_QXqM58eAU1Ger377iTMyOLUcgG0rlhbLW7QoggJlh8pgL56G0R9c6yZz8GhWW47Psgt03sNEc7uoJV0B2nAJZHsXpmwv6f1DeUGU8lHTkI6zm5mI5qoV1huNGmHH5OKYTZAHpwU_cxsffLKDTCH4rhgt6P99NCeFmApO1XRR1o19nBTtW3wouuuE8WuvNX3-I_ABzvtVGSQqLcSy7dXcCAgFer6Wey_oXH_yD4UZ0dJoNtEV8LuqTNfvKV31iWS1jkGIIutdwRH5yhEXhz4IWyJkNCFdnoS12nWm0Sxhm_U3w6KmFPOZVIGhN_dLEO7kKWv5JRGsa4K7LS_xGHOBrr_PAe4PSLzuh8SkqjLPsMTzLDZZG88ovSxPydvNAUyI6H_cBpaG-4OX7KLyhO9IgHZbZKfpO72OBnJLO7eFlJWkxUv0BGRrfevj5DPYgKJTM0b2HfKoA3v3TvEzBUKUTcMh9P3OirltFuwT0rnZjtQ8Jam4ZXMRxv_qxQWYn0_5ttbfRbDL5D6kUgmeAi1FO4cFiu54I-HL73Rz-Y8n67OacFH4ua71LPyr9lNL-B-IZURY9iqWMdayZiRJ-fuYw9VDXWNYB7W7R74Y1I3Hj2PIxTuhl71s2qZiKy737mcM2mF_tM_o0zMOu5byzEPEvklBZVA3lr2JvaEjYMwWptzL1evf8w1tJ3ydg4HkcoKZIMGdo-bxh9hwAnnfe7AEWV62SmtM9kaESSAO9SJ5CQ-CZIGIrjGJR0pxoEIWhSArtTpF4VNebAumYyCO4SpHAF-9vwMMmaKL7Lo879aXaiFvB7Phdy9B9YaNozRMse3PqqKTVzJbX58U8ylaQBm_KL4i-O-VCHwu5Kees6VLcy-nOduNtmil-vvdyS8oBgEbwNUQpaqYYw-Cjmr_PgtsGRsxXlJIxF49oN1svwtPgKu-_fJ0GCMkq0aQS8s-jrP6gE4snYLEjNcoMIP6pfYTw_ASn38HG3y-A-kPOEE0-i5TjGSKtP3cCQDAN1-4W8pk2ojqpDBhYiBHVYJKMofnkT7SGuYz-gP8Qwuxng&cid=CAQSTABpAlJW12fpKj1L0Cxc2rlk-XcybJHh-TBU-D5HwGtzuoOtQM0f3WJQULulN3Y-btzdFmV7biI6QgLP9VQVL20R1zKZpeGnqOiYntQYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=8383766084238832000&adk=3466583960&idt=105&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fc01ec89c96a4b02bd67bd792aa64566308494bc15d41e17785de44ffac8578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11756
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1E 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6228230345563&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1E 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6228230345563&version=m202306200101&ct=76&x=1&cor=14704236044330750000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3C1E 16 KB
12 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmjhT6t5JCIIsLsPJNux9B68zPOc7SFowQMKd_0nUE-xebO4vF9SnqLX5MEcXpSkkWgg7Sp0x30AsaPBp72dv9JBM5afyHR8us4x-7CUc1kekgt3US_kJsAO_bxeCjnXbgWNBNGw45H1Sm-NCdmtSlNJ23WoeVYNIIMJ5ILqbeuDEDcmM&cry=1&dbm_d=AKAmf-D9L_BhZomXAfsaKTqEHD08XNznPvL98aXRSF86Ct0gt9ESBBlS28jOwNzaBN-oFLfkHPAxbBQOCxCk1ms0xzbuUYoAjuV62XsBnfoWxkmWbXQurGTPpviv1xG0AFSc4K_dx263AG71cs9D4C6uzOYVNZwnQOP3ryMACN9M44dC4wrrLECB0NqzuaCTVVGiLT8pFluvevauukj0jMX1mM6oyPnTaxsZbKo2COs-EOUqsaykhc7x8-ia_49DXwtkQKZnvumatHJBWrYQWezKEp7CT8j6RPz3dsNpBAuwxAeZ345bu65HzzNGKs0YPDOGOlz9kZRVoMfJovGjlK1PynhDB8Xr6sUVQe3dHniEWHNU5L8cRBSC0EsOjwLPerJssu7bZZ79wkIQVJ3ZnW8587iIVm57Sq89hU9RW-e2eGysNFT7uq4VIyxbL_lt1ZjTNMN-IOacO3FlhJGN8FVSIOZ3G8oMQzpNqXGcMCtrLuhUXXOhyZ5_q6EVFJPwemuhdewaXQYGhzwra2LpuPAuNUGMPnRHw2HgmMZgRvS6_j7j0cXNJe0iYmq2nD9hMw7BfEtraC6vArIn5okyx6NTCYWvSTa6mph_kpRyXinR9xX4EXAXx-30yYC-8Y9G5k5qMeZrR9jGypHwLElqNbUXWSd9wfn8yJZlFgBV9lghRDCT3t7ESjFf97btfDRtbRQZN3_SBg6BGh5umpC0f_n33163iv4zawxm1Lb58DAP9V1ojOa0UeQRlaIrClciz6FQT0Is3c12UMNg60ZpM77r2wXOahztWoPa8do2lHOC2XBPZXKjPQvRfOk96x92Tli0bf8bFFmj4ysAmXcVocdXy6Q_oOpS1J8K4r0vcyNLLN0OT9DYd1uLK2fRPQsZlZfrtdu-piwgpiX-ehDeiu2PWMxSUTS8ymIY-R25qTcvdezng0GyaKmbt-Us0PsilNF0E3bkeCiMXi8QUEgy3hkd0tmOM2QO5ghwzOxrkbbNFDSbBno-80FAY3qKfWn5jBil5UTFMefF8hcsDe_vSQWWYmnFX2oUtQUmjQgAjxn6YHWUqWyOOSbRehppAHrJfHw5A8iDCCEwLzA5Cr64HdoBNQViUjUrbEQE5kNQkn57rYTotFM7-D_E6SjwnNcQ4s9JaExsPnHqljiAl-EHGEQ0QpxCZn_wMjkEme06qJrP1MfOaZQjXRTstgfu2Z0njLjpxhx8wL0yY6r5lhHK5I-RlCRL1MWALgjTVqnZeSabw465QjWMUujvHDUGLmokEy9XM1FlLXBu2wqd2ntQVy_k6X24FpW6G9D1gTD3e8FRtdQwMEvKAj11h7gF7W_pnx63VRK0SCwilOKuVsGxIPg5p0ETCySEb_PKXXfT8Gn-DU5ylwZ24Qby0PuoWBd9tLT8EdHZShswNIUQ1roUQwjMICEAIPd-mSPxZ5SrAAn8SqND8VM2S4c8_jpSizFSGBlA53jwbTXoyaAR6GhFelCxERRWXNvKkEDmBXgwD0WE-FHVOJZ1P1dxi8LfBxPJSv8EINA-1vagYVPPnb282_Kf46TwVn3YunVDS-Lz4Vi1CGi9IL2jOozroXCnv3bl_iqpCD8GKrt4vj0ed0Oxir8g1BndKyyDH3d4q6o1QPxIQlHrk57tXZLaZZ2rHWVP-dLiJ5c_-CpHoZbOao0qHIVHla6BsToPMZZb16CRCyWqUMISU5IaLd_TS_HddgYebhQBgocY9cTeFcQVuIaWSxrv3FNkuSrJHUi_0pTXQ02DRyXOcT5wyTTvo4rI6qCpOwYVSus21FWEVqZvFhpjwJdR_co3EFiGH3rBGhpF-eQ8T9lB8WQ-aq3B2VeAGmBOhk_YB3UxRzj8jgPbdgOgkmxUOVrD8eC6Wa-VDc2wrEdjFHEvsex4epDf74R3Had2Bb5FDRICdYfub0IYMecWBXhwB5Q1PgndLtflvysOJmQJ4di6jmF3ravCu4dkcNnGTnXzl6c9rxgIslVkfHRMzXE4MnozqEEl1p6q56PTTgmHfq204-_uM68eC4knj1FrFASL62q2wk_L0hs6Et_v3wa97_vCoqJXtrhapPMJXuHsCTwRu60HUNX6ru6w7NOGXB-do_nfg0_uAQqDBYMIfTM9XoGEwWFo1X5QQGE1MMinppNgEELMT7cEZXU-0KpdKZwogj0e0AKBjfhz3NCECetti7kETifU4NgczDq-aDhNfqVkJGIeCm31q9dZNSOlvKqdDZltGkUCvwQTHlqHYQc67OAZAsKpTUWcwKrxtDeNhPL7C9mP_yUOTM0vl_UmqAWMPgL0zlzGr5V0qmIsZDgbsrNgUi9RCtTNDhgla9byNCGEWZJA8YRAnLmyctRvRvPKF5obhvidd0a7bHxbWCZQflUy-Xnb0oOU0fVpDZ0IFRrW1gH4zy0bzcCMJpw9aX4RCZMvYhv-3eJ4glpXbg-GhUrvLdUjTGB15yh73GVsF2z-q0rRelltBoUaqaWXk2cGmeFeStpzt9C8SJ6Q-LDAJybZGcY1F45parpwVOysra4E3JlrtheazKDfhZX4fsW_e655k1em5m5RMYE9kAqxu8iM9L14PZPXKNOLfgWm51p4OGg26bb2F9EI-NJGcRD7Ye2rwDMRGwtfvRxCm2hNclzDDSJmgh9F3nVE3r9ZZR9AJa0_8LzZRZjGqutD10Emkc_3ATLfEHdUhW0rWmZsye2cESdvRR4FM_ZzlqevI2LWZ-KG1afGoprac_THYV6AeRkfSu-XDo-nntbBO2HaD7ykCLmTEGg_dESsR_KuzKG68QQmvKvJNKTDZ0e3dAg9BGvRiFQ_PYMWy4VcPopyDCt2ZJvqp2VB3K59YjSZTQM1MnU22Gr4uvxu3nsI9HDI6K2XVKA3P4eg63C-jrJyuFGbQ_sklKDMWzRMFwI8fMhVu7MUuDzIseQ4-rvK02C_HWVK4nyZxjaGqjjhv1p8qlZJJguxglJSknz_00toK304mHwE33ZBWq8jklDDR-XmFV2CZHgUGuNrGKb5oIjxiLP0r8Tw79qTrjbzF-9ntxqHICoRH-TcaKOn15SLcgTtO2mPoGQyaiqhcbef3gKsucu79aIPiXc5Fr-A2Ui4F9RSHnxAcOnnghDM7xKtI4FlvgaqahgtFVp9gWXlMsARf4boBGJpPTTTbegLqQgPY5TXgHCCb1zsIkVTIhHp6eezoGugedLwkBhXZarPSjjk09qcMqUlqWK0z-QCmA78BhAWsfk2tnje6a6u2dt5fXA5PMI4L4l_DQqhbFxSH-QliuS8z5la9Q&cid=CAQSSwBpAlJWtl7FPy1Z9q4G3D0aT0PK0kI1Zfi4z_81PGOUffDvSYpKQ6W5jnFIzYbIqT59UklNBrnNqSJWZf6AxOoIjFs7x-N53cGR1xgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=14704236044330750000&adk=1248078277&idt=67&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab8c319906017da1cb00e067c12bafdd129fba0402376e4aabd157c4c7e6b1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
174 B 345ms
273ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H60EJJHSHJRGFSBPCKXMXKXX
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.vaacase.com
date: Sun, 23 Jul 2023 04:02:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 256C 495 B
664 B 804ms
247ms Document
text/html 52.192.246.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.246.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-246-101.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sun, 23 Jul 2023 04:02:00 GMT
etag: "64baa040-1ef"
last-modified: Fri, 21 Jul 2023 15:12:00 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 90E6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

167ms
40ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.vaacase.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 23 Jul 2023 04:02:00 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 23 Jul 2023 04:01:59 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6647 466 B
238 B 40ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGLiu7PABMAE&v=APEucNVnifCdxCPRhNaGp3HG-6D5K0FMOwfGDZ9gG9G6sPDo0sq73iZlierlq8FXz8QOaWwmBGjQhFKN0-9I0oDl80isTnYmYdU0wD9-C82UdaHujUPpgUSEPotyvLhEl8es-p2gRIWeW3Y1mefGtWQTA6-nbYFkzbBs2rzEIGK9ow3EbGk7YsI

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:01:59 GMT
expires: Sun, 23 Jul 2023 04:01:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6E0D 85 KB
29 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BbFosWA-rGjTey8Xdxv4Rpe-jN22ljJqJv4BlT_TVP93QBZut8MaaQkyAzOWU2tMfGdbXiO3Ya6op268y1QHkzOjbf2gu5LP2qWyzNZSZOc0SYwJQ

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2553908682688325253&x=1&ct=76

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:01:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 6E0D 2 KB
1 KB 31ms
29ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26679214&cmp=30199027&plc=371803425&sid=8351941&dvregion=0&unit=336x280
Requested by: Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:01:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 08:57:29 GMT
Server: UploadServer
ETag: "0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=86400,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
Expires: Wed, 12 Jul 2023 08:57:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 6E0D 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 09:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 09:33:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 6E0D 20 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 22:19:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E0D 179 KB
56 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:01:59 GMT

GET
H/1.1 200
OK / Show response
ssl.sitemaji.com/geo/ Frame 2675 17 B
266 B 705ms
239ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: text/plain; charset=utf-8
Date: Sun, 23 Jul 2023 04:02:00 GMT
Cache-Control: max-age=86400, public
Server: nginx
Connection: keep-alive
Content-Length: 17
Expires: Mon, 24 Jul 2023 04:02:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 6647
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKjAdkexhFbI3oc2pniYok&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKjAdkexhFbI3oc2pniYok&google_cver=1&__user_check__=1&sync_id=ac944b29-290d-11ee-9896-1ef5e1e50306

43 B
548 B

30ms
30ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHKjAdkexhFbI3oc2pniYok&google_cver=1&__user_check__=1&sync_id=ac944b29-290d-11ee-9896-1ef5e1e50306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGLiu7PABMAE&v=APEucNVnifCdxCPRhNaGp3HG-6D5K0FMOwfGDZ9gG9G6sPDo0sq73iZlierlq8FXz8QOaWwmBGjQhFKN0-9I0oDl80isTnYmYdU0wD9-C82UdaHujUPpgUSEPotyvLhEl8es-p2gRIWeW3Y1mefGtWQTA6-nbYFkzbBs2rzEIGK9ow3EbGk7YsI
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEHKjAdkexhFbI3oc2pniYok&google_cver=1&__user_check__=1&sync_id=ac944b29-290d-11ee-9896-1ef5e1e50306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6647
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWM5NDRhZTUtMjkwZC0xMWVlLTk4OTYtMWVmNWUxZTUwMzA2

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWM5NDRhZTUtMjkwZC0xMWVlLTk4OTYtMWVmNWUxZTUwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLm-qd4DEIKN_vEDGLiu7PABMAE&v=APEucNVnifCdxCPRhNaGp3HG-6D5K0FMOwfGDZ9gG9G6sPDo0sq73iZlierlq8FXz8QOaWwmBGjQhFKN0-9I0oDl80isTnYmYdU0wD9-C82UdaHujUPpgUSEPotyvLhEl8es-p2gRIWeW3Y1mefGtWQTA6-nbYFkzbBs2rzEIGK9ow3EbGk7YsI

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YWM5NDRhZTUtMjkwZC0xMWVlLTk4OTYtMWVmNWUxZTUwMzA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 6647 0
125 B 107ms
24ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame 5ECC 6 KB
3 KB 122ms
28ms Script
application/x-javascript 2606:4700:e2::ac40:8313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 49182
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFsE2DiDtVIg0tiYv2SJHSH1yLgheNA1Jpx%2Fpj1ooXEHgaAd6YR7RbCdNhEneIORBNBY6Yw0JWhduliS9LJ3%2B9VGMw%2FGrFg1d05KJRB9rCLCjLMQw%2F1BmIqRRWxFmhZkHCWVfQXFCKC5B%2FP5v3YN"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7eb1067eda4a9bb0-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 14:22:18 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3B86 41 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dw0n0FmXMSu34QAvg2bng6nAasEitEIGPDQxBiJfMoU5aDHNchCYgztHfjaIj4H1JU1H18AW-z9iELaE44xqmr0uKGTmSvNPsVaUR2zNdPulmmfBanSS4UwIJUdI614x5yjej-dNDBX_MgzWIOqcl4mnergm6fktFZvXU27XX_5wcbQAw&cry=1&dbm_d=AKAmf-B4zJCirANtLTRhP78Hpom-GNm5uVlrUvDn1-12LhDjOaZbGMqA-VSOQqx_LTM1wqgQWJmCqDeQkSL0veaSvqm7D-3Y3NheponA4P7ibWCNlhc3PUGy1aaLtmRiTezODgpKrAIfuKnr_3A2h5ewRBO4KAdPx-lHSKQwpFn5SDb2L6hVRFBzERQ3aDsZwBpjcP79iy8g8c_ulMNAy11jBjDwWIGEdimcAt_zENRqNfnUniGr83acWxYiaJAbadEIsEa5a7e3rL6kNq-R9Q4f7XK8PowBITvwor2Dnq7eZATMaEys0Uy1pJ02Q58E2dKCc8LcG3DYjrQZzlelf8wN1pjKM28JeYDVL8OTPW5PWvro6oCfEiuHkUH_rjmuZ5Ifn-Ibje8A7vfhmW50la-GHB5p3eZiElouiwgpVogZnZBVeqV3tvu02q9iErJj9Xbbz_TaMxxCXK3vP5um7efYFMVZLrV0uicz-0_wtC5vd0ZOLx_cVZPeSlGoDevrWJ2fnFzM133IxdKi--mKq-QfDKUEqIhAnbxVOoEz4oVTCopoqdvtIiAZRoKpPdCsbw_Q83X0lm242HDAKsPAFmnc2Q1Nk4qgMSoXhPG1kyXc1PKO992PubLJsAU1C26Q4uXHjEeFNdQZz2reMO5QiUwHgygbXhnsjRDH-e_yRLgMaW4JsAxhYxRqK7ZF8X3XfwXTIKRVJTWA-DRcCutUJ1V-41KxIwaWr9zlVqCBhG9vHB2YIA24mauYx_PRrmapg0H2EzCk5bJ-zuphuCyiLcL1G8lP_JxDf1J21kK5i8E3qc0_M2WxrD8dhYHWktzDk96CTxWvPBixRDVGQP7psif_puC0bRTPTXwQBm-ZmvbBnJzrgg8eyh4E297aKAZOu_mUH3qgvbFfxNha17hYyEDhSNxaprkf9WCopm1gCeSkrBrPgVlw_j5vxVZtlCDM1N_n13jjkTIsbQK6qXE1khDyksuWYb97VDge3gDaShrh9OHM7jf8yI2WTvEztw7P5eh3BSX2XBsWptWDF5rPBO-eS0jhi3ISD-7_l03cAesoumV1oRiI_r6xN5k4TczyqizWsQr9WCd6ge-SX9M0_0x2pgdXNg6M0Jxj1zocaNeITTeQfKKT558LlRZReb0BskCaS9U315Dz6Aw6dBvq8F4xrlQPIoc4YbBmLW5h-5seqo3UnlE7e308VP9KnqM0HZRQOGbvSq_kGUcqZe5ZC9bTPfvlui02j78JwOeB-OqxD73yGCM9Yu3BgjLJz_RxFLLF6tCg82Q1jlWEtS4LZ7nxJyWfunqyKd5FuYm5cjNvLJqV-ssWXsWn3BJ5lSslA3G7KP-4f3i_jfg5Xy8pagszgQ258einkUh3aTTZ1DWMDg1BRdfAu8OlJzz0HImGdG_mNXG-vkHmmY4ruiJT2_u24WdxI05mkGsVwh1QPjbCUfD5356yXxkLC9vhpnkG0vf78xI1rCGXcsXLk6vGmUafHypJgXoMq1eQD3QjL014lFk7o_K6RKleX1fR_AE-U1yKkxCa7AlAFaOJ7fbPj3V1AqjMNEMeIo0vcnFgN9Ts9hhca_Z_0iIdk5plTmIQNWlRZmanzmZUm8HkkhwZlHStsDYqQLWCRRuT5GPKpK4ryfINWbyB3DOkm6YLo3JO1jq-egfvCspVTF4I6tk7LG49fYUha8D6qfcA3pN3ynnih9bqLRb8QJzGhX0hV_2YYncNXPSwf7YEiRiJLsTWvfx5vJtLl0NGd_bXdvMK94imh-rgN16UmUvtRflcJHvqajEYAxXphuIL3Cjo_uMdZrsKfkee0ppZPLtveym6bYBkzWWQpKklmojXLYJADjsc4GOKUfso9WC1oQrOMI7ibEYcIAry1a6MXDhGLORu-1yh1jlVRYo4o9a-DYutvumplKDs1TtMOh27eSzV9rw1mNczP79BQnEsGbRSwLIW5WxRTsFAuVm7i6S5FOBGsjKPV9_lAubmSwSPYGMi9O7bB4TGeanbVpZqoJ3l5vf6kyDdf8bwQ4khHMA7nUAk3zmr3SRYGZN-skq61qcbipvfQEcEPejz91dpki2-9eI4zDXQyFt9hM7RRc4_zZgHyjJ80-f-ABzyhuL2xXWcF6rXYq92TfpFoLLA_3gwrSs7QBmLU0CRqwgwI-GtGnY_QXqM58eAU1Ger377iTMyOLUcgG0rlhbLW7QoggJlh8pgL56G0R9c6yZz8GhWW47Psgt03sNEc7uoJV0B2nAJZHsXpmwv6f1DeUGU8lHTkI6zm5mI5qoV1huNGmHH5OKYTZAHpwU_cxsffLKDTCH4rhgt6P99NCeFmApO1XRR1o19nBTtW3wouuuE8WuvNX3-I_ABzvtVGSQqLcSy7dXcCAgFer6Wey_oXH_yD4UZ0dJoNtEV8LuqTNfvKV31iWS1jkGIIutdwRH5yhEXhz4IWyJkNCFdnoS12nWm0Sxhm_U3w6KmFPOZVIGhN_dLEO7kKWv5JRGsa4K7LS_xGHOBrr_PAe4PSLzuh8SkqjLPsMTzLDZZG88ovSxPydvNAUyI6H_cBpaG-4OX7KLyhO9IgHZbZKfpO72OBnJLO7eFlJWkxUv0BGRrfevj5DPYgKJTM0b2HfKoA3v3TvEzBUKUTcMh9P3OirltFuwT0rnZjtQ8Jam4ZXMRxv_qxQWYn0_5ttbfRbDL5D6kUgmeAi1FO4cFiu54I-HL73Rz-Y8n67OacFH4ua71LPyr9lNL-B-IZURY9iqWMdayZiRJ-fuYw9VDXWNYB7W7R74Y1I3Hj2PIxTuhl71s2qZiKy737mcM2mF_tM_o0zMOu5byzEPEvklBZVA3lr2JvaEjYMwWptzL1evf8w1tJ3ydg4HkcoKZIMGdo-bxh9hwAnnfe7AEWV62SmtM9kaESSAO9SJ5CQ-CZIGIrjGJR0pxoEIWhSArtTpF4VNebAumYyCO4SpHAF-9vwMMmaKL7Lo879aXaiFvB7Phdy9B9YaNozRMse3PqqKTVzJbX58U8ylaQBm_KL4i-O-VCHwu5Kees6VLcy-nOduNtmil-vvdyS8oBgEbwNUQpaqYYw-Cjmr_PgtsGRsxXlJIxF49oN1svwtPgKu-_fJ0GCMkq0aQS8s-jrP6gE4snYLEjNcoMIP6pfYTw_ASn38HG3y-A-kPOEE0-i5TjGSKtP3cCQDAN1-4W8pk2ojqpDBhYiBHVYJKMofnkT7SGuYz-gP8Qwuxng&cid=CAQSTABpAlJW12fpKj1L0Cxc2rlk-XcybJHh-TBU-D5HwGtzuoOtQM0f3WJQULulN3Y-btzdFmV7biI6QgLP9VQVL20R1zKZpeGnqOiYntQYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=8383766084238832000&adk=3466583960&idt=105&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C1E 41 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmjhT6t5JCIIsLsPJNux9B68zPOc7SFowQMKd_0nUE-xebO4vF9SnqLX5MEcXpSkkWgg7Sp0x30AsaPBp72dv9JBM5afyHR8us4x-7CUc1kekgt3US_kJsAO_bxeCjnXbgWNBNGw45H1Sm-NCdmtSlNJ23WoeVYNIIMJ5ILqbeuDEDcmM&cry=1&dbm_d=AKAmf-D9L_BhZomXAfsaKTqEHD08XNznPvL98aXRSF86Ct0gt9ESBBlS28jOwNzaBN-oFLfkHPAxbBQOCxCk1ms0xzbuUYoAjuV62XsBnfoWxkmWbXQurGTPpviv1xG0AFSc4K_dx263AG71cs9D4C6uzOYVNZwnQOP3ryMACN9M44dC4wrrLECB0NqzuaCTVVGiLT8pFluvevauukj0jMX1mM6oyPnTaxsZbKo2COs-EOUqsaykhc7x8-ia_49DXwtkQKZnvumatHJBWrYQWezKEp7CT8j6RPz3dsNpBAuwxAeZ345bu65HzzNGKs0YPDOGOlz9kZRVoMfJovGjlK1PynhDB8Xr6sUVQe3dHniEWHNU5L8cRBSC0EsOjwLPerJssu7bZZ79wkIQVJ3ZnW8587iIVm57Sq89hU9RW-e2eGysNFT7uq4VIyxbL_lt1ZjTNMN-IOacO3FlhJGN8FVSIOZ3G8oMQzpNqXGcMCtrLuhUXXOhyZ5_q6EVFJPwemuhdewaXQYGhzwra2LpuPAuNUGMPnRHw2HgmMZgRvS6_j7j0cXNJe0iYmq2nD9hMw7BfEtraC6vArIn5okyx6NTCYWvSTa6mph_kpRyXinR9xX4EXAXx-30yYC-8Y9G5k5qMeZrR9jGypHwLElqNbUXWSd9wfn8yJZlFgBV9lghRDCT3t7ESjFf97btfDRtbRQZN3_SBg6BGh5umpC0f_n33163iv4zawxm1Lb58DAP9V1ojOa0UeQRlaIrClciz6FQT0Is3c12UMNg60ZpM77r2wXOahztWoPa8do2lHOC2XBPZXKjPQvRfOk96x92Tli0bf8bFFmj4ysAmXcVocdXy6Q_oOpS1J8K4r0vcyNLLN0OT9DYd1uLK2fRPQsZlZfrtdu-piwgpiX-ehDeiu2PWMxSUTS8ymIY-R25qTcvdezng0GyaKmbt-Us0PsilNF0E3bkeCiMXi8QUEgy3hkd0tmOM2QO5ghwzOxrkbbNFDSbBno-80FAY3qKfWn5jBil5UTFMefF8hcsDe_vSQWWYmnFX2oUtQUmjQgAjxn6YHWUqWyOOSbRehppAHrJfHw5A8iDCCEwLzA5Cr64HdoBNQViUjUrbEQE5kNQkn57rYTotFM7-D_E6SjwnNcQ4s9JaExsPnHqljiAl-EHGEQ0QpxCZn_wMjkEme06qJrP1MfOaZQjXRTstgfu2Z0njLjpxhx8wL0yY6r5lhHK5I-RlCRL1MWALgjTVqnZeSabw465QjWMUujvHDUGLmokEy9XM1FlLXBu2wqd2ntQVy_k6X24FpW6G9D1gTD3e8FRtdQwMEvKAj11h7gF7W_pnx63VRK0SCwilOKuVsGxIPg5p0ETCySEb_PKXXfT8Gn-DU5ylwZ24Qby0PuoWBd9tLT8EdHZShswNIUQ1roUQwjMICEAIPd-mSPxZ5SrAAn8SqND8VM2S4c8_jpSizFSGBlA53jwbTXoyaAR6GhFelCxERRWXNvKkEDmBXgwD0WE-FHVOJZ1P1dxi8LfBxPJSv8EINA-1vagYVPPnb282_Kf46TwVn3YunVDS-Lz4Vi1CGi9IL2jOozroXCnv3bl_iqpCD8GKrt4vj0ed0Oxir8g1BndKyyDH3d4q6o1QPxIQlHrk57tXZLaZZ2rHWVP-dLiJ5c_-CpHoZbOao0qHIVHla6BsToPMZZb16CRCyWqUMISU5IaLd_TS_HddgYebhQBgocY9cTeFcQVuIaWSxrv3FNkuSrJHUi_0pTXQ02DRyXOcT5wyTTvo4rI6qCpOwYVSus21FWEVqZvFhpjwJdR_co3EFiGH3rBGhpF-eQ8T9lB8WQ-aq3B2VeAGmBOhk_YB3UxRzj8jgPbdgOgkmxUOVrD8eC6Wa-VDc2wrEdjFHEvsex4epDf74R3Had2Bb5FDRICdYfub0IYMecWBXhwB5Q1PgndLtflvysOJmQJ4di6jmF3ravCu4dkcNnGTnXzl6c9rxgIslVkfHRMzXE4MnozqEEl1p6q56PTTgmHfq204-_uM68eC4knj1FrFASL62q2wk_L0hs6Et_v3wa97_vCoqJXtrhapPMJXuHsCTwRu60HUNX6ru6w7NOGXB-do_nfg0_uAQqDBYMIfTM9XoGEwWFo1X5QQGE1MMinppNgEELMT7cEZXU-0KpdKZwogj0e0AKBjfhz3NCECetti7kETifU4NgczDq-aDhNfqVkJGIeCm31q9dZNSOlvKqdDZltGkUCvwQTHlqHYQc67OAZAsKpTUWcwKrxtDeNhPL7C9mP_yUOTM0vl_UmqAWMPgL0zlzGr5V0qmIsZDgbsrNgUi9RCtTNDhgla9byNCGEWZJA8YRAnLmyctRvRvPKF5obhvidd0a7bHxbWCZQflUy-Xnb0oOU0fVpDZ0IFRrW1gH4zy0bzcCMJpw9aX4RCZMvYhv-3eJ4glpXbg-GhUrvLdUjTGB15yh73GVsF2z-q0rRelltBoUaqaWXk2cGmeFeStpzt9C8SJ6Q-LDAJybZGcY1F45parpwVOysra4E3JlrtheazKDfhZX4fsW_e655k1em5m5RMYE9kAqxu8iM9L14PZPXKNOLfgWm51p4OGg26bb2F9EI-NJGcRD7Ye2rwDMRGwtfvRxCm2hNclzDDSJmgh9F3nVE3r9ZZR9AJa0_8LzZRZjGqutD10Emkc_3ATLfEHdUhW0rWmZsye2cESdvRR4FM_ZzlqevI2LWZ-KG1afGoprac_THYV6AeRkfSu-XDo-nntbBO2HaD7ykCLmTEGg_dESsR_KuzKG68QQmvKvJNKTDZ0e3dAg9BGvRiFQ_PYMWy4VcPopyDCt2ZJvqp2VB3K59YjSZTQM1MnU22Gr4uvxu3nsI9HDI6K2XVKA3P4eg63C-jrJyuFGbQ_sklKDMWzRMFwI8fMhVu7MUuDzIseQ4-rvK02C_HWVK4nyZxjaGqjjhv1p8qlZJJguxglJSknz_00toK304mHwE33ZBWq8jklDDR-XmFV2CZHgUGuNrGKb5oIjxiLP0r8Tw79qTrjbzF-9ntxqHICoRH-TcaKOn15SLcgTtO2mPoGQyaiqhcbef3gKsucu79aIPiXc5Fr-A2Ui4F9RSHnxAcOnnghDM7xKtI4FlvgaqahgtFVp9gWXlMsARf4boBGJpPTTTbegLqQgPY5TXgHCCb1zsIkVTIhHp6eezoGugedLwkBhXZarPSjjk09qcMqUlqWK0z-QCmA78BhAWsfk2tnje6a6u2dt5fXA5PMI4L4l_DQqhbFxSH-QliuS8z5la9Q&cid=CAQSSwBpAlJWtl7FPy1Z9q4G3D0aT0PK0kI1Zfi4z_81PGOUffDvSYpKQ6W5jnFIzYbIqT59UklNBrnNqSJWZf6AxOoIjFs7x-N53cGR1xgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=14704236044330750000&adk=1248078277&idt=67&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1573725297936&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1573725297936&version=m202306200101&ct=76&x=1&cor=2553908682688325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6E0D 16 KB
12 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHBs5z4iPX_s9K2ki_SB0cVnsOWgM7EOB1iuaINfbuCMoDXtM3Qd9xHZ5cuoPq7TjpGpVh7zXZ8C83S0fhiHoJQ1lH46O9QNB67NFGW_In0kHBGfC6g1nK4W7vUeDqla5nRRhxqOR7u2nx0LLuz9xmhPVOuxyAMcVUTj0ph-Jm-bslam8&cry=1&dbm_d=AKAmf-D2vnm1N6Xp-geBMMTB4lYunKfzt_6oKaOB8lIV04z3rS75N9i8op7EasGeGUornNrClT_1z17t7PQBJOLUh35d_jj1EQ0jFzZRl7N-X3u7p0O01jLFGkiipLBzYvKV-u8D5Non3NRxhhQPjo6EUp8LqHwUV4wD_aVGzAvASA_wmyzs-RS93irb4Mv2lyAxK7lHzCJRfZfuqQYow31KXAjgK558cE5QFTJeUWomb7ZvDUnvS__S0zXlVtYxayE3Ks_8sYPu7ZaAqxHFWxucLLPhRU0SsvFUhT-893oaRs0ZmnCRid81zXZJUhGBXS4ATDrMW2eeZHR3zmV8SXNocXNm_-EmQ_vdxgFMlKHb6agOCG_JjmALdmJSZdDyHrawxkbOgxQLcChj1y7uKnyYZKWtpX63KnZboMCBineWVZ_EVnohm5nXOgdGsdcoeHSoBTHQ9TG8kQjZ-OdzgEWlwnvVdENj2ApSWKzHzRMy-UnGPwlGjq3UWEEiqpZrJsGlyPZrLX0MRvqBvkQaD3UctuigxMysjg4jLQrNCGcvFJNpNmoCkA_GosBzqfEBArV0MKIrT9YbWpMCEfhxGdK1sQTt7cifpViobYU1mgWnIJ_KDvTL46cnDMzaCJE1iv4ZahISpEOXtPTjP7GBcxFJq-dE7tUaCrooUtEvH9uGJarvbeFjXuxlACXdsZ3gGuccyL-x2wOMDbOWZJ9fyOZvTJ1-_a7nR1g_yKtx9-AJiOArd_BC67G6Iw6l0U86l9_qNNNUq-gNoepijUNVzuhR_X5nODAlVpQMEFJfipycjAujgiOQ6K71XHG3SyyuwhnKVSdLYKbnxOrIgBvOScSpfpPoslY2QU2yz1cRDXORFyI4rApJh41Fjq2LaimWlgaTt1nlwTzve45Wp0lxUvBHFeQYHcxFe50Phabg9cvYn0A6wFsbLaU_nt5lqr22ENiG_I4GPyXMXdLn-UHAA7mOvIpA7vuzz3lRDBdQdosyLywa0txV1u1DOkegwOIVp3DK0DfSj3wFzMWKvdyRZ6wKfRHvk8-aqKkSQZ46Xql93OH31mBOSnOfrl46e1sM4vG1ZLpZo1noSOqTLAL3xO0ux823jVGlpNMjTnN6-xuW-fOvNxeUbKnewqa26OpwHmQagis8ubHLe0jbJWY8V2fxoF6-TLWu6jcfK2c_IALd1Wa8988jb-e6EwNAL6mmfRfGyTEFzDM445FqVTXdxioQSzWnAXx2BJ7VhBq7Xtr60MciovTUxx3l2dJ40hRsabNqO3yORR_fgHK3RZ_yH3nkTKQ6l3HSrvTkjE-k_gGtmu6Zd0hA8Qn0nCBwKgg8MTuvlRLkaRRDgULfn7gzp02bALkpMNAhDjr-JQQ-qYE4XXFkElhVFRrZfQAAmkf6ImWS3J5aUn2ljqAniBIYu93pR8-uaqXRV0W3zxMMY1JrB_SuOCz43IbHyGkb30IqTO81ycHIgpt0dpVzhfbaVSeGU8DdrdFsnX449GkJw_8cwaw4B0M109gdObN_dixinlLP0a58AukFZrqYfJglXlX6-Vhu1iw0_gkUdaYINPwT8qtTEVv3fXjmbJwPgXGLqJV27DNdI1sNdAggdeU_FlC1zQltutpX1FENSiRg2NqfPAw3S3Nos23xREx9VGxO5pCl7NEXt4eu7iXUmOhGx25j3fHFR6YatExv2s_-70OcguT9rm59gQkEHekFLlxH2DNYw5-K25_a577bXwjsO-13EybP61QHdVnXjcB7m-3rxTPkIbQJS5XZjiGZ9JZo38W_dU3zJedCaVM2TGj-G3oIsY2-LFcW-4zu4VYFZnAIfgQ97dUnAdW7hBCGxyIxCJEg_i-qgUg5_aqvdkfI8E-IMzFlOHiManRw_nPqeLkkkLPlvJAVwCMieXC_nwCwb_fOr7bf31w9FIQuB74oYIYFMRV4qPGlx5ycDvX3XlDKouYXtx-oOU_-GbjG5YVifYoy1RtofE9-XOO5aC7NnPZ5jpvaRV3PYMJTwDU52dmC_Pg8xF6OhcHaRRPFz6w0Z8bHmWHVDJZ4xKmowYsCUDf5si5Dgr8Zlcw4TLe_PdeZigiulEilBuI1eb7Kle_M7VR4VSJfKYmCw7T2RBbSTd8PGzgxD0J_HfL8vFhIEheLYzAz4drVIT1zstymF45Qips8WLB-zRdxGumwv6GLZCW5vEM76MGpTxXKsSlt2epZnq9quk-E_8OUmCSmHMy34Pq4Z7AegdCUZgM0TWq0EWYGe1fUAd9oY0qQyBIC7elkJgOxwCPvgtIwJbhw_BW4C8yFGSvLdvjkizWSaeHpnD0kX15Q19l5RsH8onAttNFLMlWq1EFuveWsDmGguT_lY1gVD9FpPNSvQgLYzwB2RvVQn8Veflpvu7nfJYfo0Fc0qy99vUdHdy88al4cgIAq8G46PgjF-XwQOT8SSl_0sscpttdkFzVae09u2TlMb_5GdSnrXjsRVmFrhsWsELPmlz3eivkj5IVoqWYURjyWcO2ljP6nFoI08zSgqwfve0DtfgKBbW1ut3gho37eMLZyOixop0UB6BVjy5_FwnxV5iNxIXM3PhwiNQIRj9TyhbW0Kcagq2uKHoJPuOfPjVvlB_Gi8vt6aPcFXreEsFPiQf2RNyyL_bvZ_aLMv5KitfVWOMEglOKQnZyQVfWscVDN6OQXEtu3TV23OwB7jHHmxMJBcqxI1HS6OvowA6DZNcKyju0647tIEKsypohTbrFBihq1YnRa8Ohm-Smwytdzj-7Tvq4JJMr26YmU-SvgPXwIuQDGPyaD7SJTukXetaG4uVbweAVDoZVaAYFzedj1bPEDBt6MRS-UQfupcT_OnUplyQpFGMlbcaHpTAf3rQ5J_5YTDltaj1rYv6y9dshR4Wl1X4d5CU3k8J6S-DOPggYSm24cvlOnr1m8Fh6uXWg2GEOZ_zfD2E8TYH_MY50PdNodW32pStGQ2JNXzP6AFL1uiH64Axmwf4nVudjT7M8XeV8Sm1yiXhJ-7ywGdySO680y3_zRaWpiBDz3hW_LPRLeStAppZrx6y0lbBi-gEDwBTeijBH7m6ROqvL3CNJqr0b24tI_5eni8lkjiLolTCczIVjcGOXIkcEX90q5ywOvyIRGIky_3Tv3K-y1O7juFNDgWFY8FwDGGMPOhigswG2sXUuI83XZqY3fgksqGAe8vxCeOWsEMPj0ylFxtYGTgj0lQJmJOxFhN0FfWb5GEjIlb8n6IeddVPr8buvQgbmxXJVdrmNvj_cG&cid=CAQSSwBpAlJWHrx4jrjrid1KndT6SmvAAUS7KtxOG0zIk63qzfK3s06c1pO1CFzkhK8xLXfgVmAYPLFXwZHZUOxybj6vQMkWPpcGNyJXhBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=2553908682688325000&adk=105519565&idt=51&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3876dabc43d987605647bb3ec0567bbe75f6b4e2cb633e5a0245fb5197a67c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11989
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal119.js Show response
cdn.doubleverify.com/ Frame 3B86 57 KB
19 KB 23ms
22ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26679214&cmp=30199027&plc=371803422&sid=8351941&dvregion=0&unit=336x280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 08:57:31 GMT
Server: UploadServer
ETag: "4455786dc20506b8e54048c7119b5c5f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080000,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Thu, 11 Jul 2024 05:45:16 GMT

GET
H/1.1 200
OK dvbs_src_internal119.js Show response
cdn.doubleverify.com/ Frame 3C1E 57 KB
19 KB 24ms
24ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26679214&cmp=30199027&plc=371803422&sid=8351941&dvregion=0&unit=336x280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 08:57:31 GMT
Server: UploadServer
ETag: "4455786dc20506b8e54048c7119b5c5f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080000,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Thu, 11 Jul 2024 05:45:16 GMT

GET
H3 200 trkyjs.js Show response
static.intentarget.com/track/kangleigm/js/ Frame FD98 7 KB
3 KB 32ms
32ms Script
application/x-javascript 2606:4700:e4::ac40:af16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:af16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 May 2022 15:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 88409
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOtM75ovSRIQFtWvMNKukWjn2ZhgHsUTw8WpMaGhqvVgcpNZ8kQptQAchhyOtMJ%2FfZY%2FgHJYO%2F5pfaRvlL7yCWqWiImkz2CFG%2B5qRCKzI4v2OEJS9S9PXiFymhK1JdkVp0B14Mid9%2FcTWW7%2FcaPUAy2hjGOP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7eb1067ef9284d8d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 03:28:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D976 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 117959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:16:01 GMT
expires: Sat, 20 Jul 2024 19:16:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E0D 41 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHBs5z4iPX_s9K2ki_SB0cVnsOWgM7EOB1iuaINfbuCMoDXtM3Qd9xHZ5cuoPq7TjpGpVh7zXZ8C83S0fhiHoJQ1lH46O9QNB67NFGW_In0kHBGfC6g1nK4W7vUeDqla5nRRhxqOR7u2nx0LLuz9xmhPVOuxyAMcVUTj0ph-Jm-bslam8&cry=1&dbm_d=AKAmf-D2vnm1N6Xp-geBMMTB4lYunKfzt_6oKaOB8lIV04z3rS75N9i8op7EasGeGUornNrClT_1z17t7PQBJOLUh35d_jj1EQ0jFzZRl7N-X3u7p0O01jLFGkiipLBzYvKV-u8D5Non3NRxhhQPjo6EUp8LqHwUV4wD_aVGzAvASA_wmyzs-RS93irb4Mv2lyAxK7lHzCJRfZfuqQYow31KXAjgK558cE5QFTJeUWomb7ZvDUnvS__S0zXlVtYxayE3Ks_8sYPu7ZaAqxHFWxucLLPhRU0SsvFUhT-893oaRs0ZmnCRid81zXZJUhGBXS4ATDrMW2eeZHR3zmV8SXNocXNm_-EmQ_vdxgFMlKHb6agOCG_JjmALdmJSZdDyHrawxkbOgxQLcChj1y7uKnyYZKWtpX63KnZboMCBineWVZ_EVnohm5nXOgdGsdcoeHSoBTHQ9TG8kQjZ-OdzgEWlwnvVdENj2ApSWKzHzRMy-UnGPwlGjq3UWEEiqpZrJsGlyPZrLX0MRvqBvkQaD3UctuigxMysjg4jLQrNCGcvFJNpNmoCkA_GosBzqfEBArV0MKIrT9YbWpMCEfhxGdK1sQTt7cifpViobYU1mgWnIJ_KDvTL46cnDMzaCJE1iv4ZahISpEOXtPTjP7GBcxFJq-dE7tUaCrooUtEvH9uGJarvbeFjXuxlACXdsZ3gGuccyL-x2wOMDbOWZJ9fyOZvTJ1-_a7nR1g_yKtx9-AJiOArd_BC67G6Iw6l0U86l9_qNNNUq-gNoepijUNVzuhR_X5nODAlVpQMEFJfipycjAujgiOQ6K71XHG3SyyuwhnKVSdLYKbnxOrIgBvOScSpfpPoslY2QU2yz1cRDXORFyI4rApJh41Fjq2LaimWlgaTt1nlwTzve45Wp0lxUvBHFeQYHcxFe50Phabg9cvYn0A6wFsbLaU_nt5lqr22ENiG_I4GPyXMXdLn-UHAA7mOvIpA7vuzz3lRDBdQdosyLywa0txV1u1DOkegwOIVp3DK0DfSj3wFzMWKvdyRZ6wKfRHvk8-aqKkSQZ46Xql93OH31mBOSnOfrl46e1sM4vG1ZLpZo1noSOqTLAL3xO0ux823jVGlpNMjTnN6-xuW-fOvNxeUbKnewqa26OpwHmQagis8ubHLe0jbJWY8V2fxoF6-TLWu6jcfK2c_IALd1Wa8988jb-e6EwNAL6mmfRfGyTEFzDM445FqVTXdxioQSzWnAXx2BJ7VhBq7Xtr60MciovTUxx3l2dJ40hRsabNqO3yORR_fgHK3RZ_yH3nkTKQ6l3HSrvTkjE-k_gGtmu6Zd0hA8Qn0nCBwKgg8MTuvlRLkaRRDgULfn7gzp02bALkpMNAhDjr-JQQ-qYE4XXFkElhVFRrZfQAAmkf6ImWS3J5aUn2ljqAniBIYu93pR8-uaqXRV0W3zxMMY1JrB_SuOCz43IbHyGkb30IqTO81ycHIgpt0dpVzhfbaVSeGU8DdrdFsnX449GkJw_8cwaw4B0M109gdObN_dixinlLP0a58AukFZrqYfJglXlX6-Vhu1iw0_gkUdaYINPwT8qtTEVv3fXjmbJwPgXGLqJV27DNdI1sNdAggdeU_FlC1zQltutpX1FENSiRg2NqfPAw3S3Nos23xREx9VGxO5pCl7NEXt4eu7iXUmOhGx25j3fHFR6YatExv2s_-70OcguT9rm59gQkEHekFLlxH2DNYw5-K25_a577bXwjsO-13EybP61QHdVnXjcB7m-3rxTPkIbQJS5XZjiGZ9JZo38W_dU3zJedCaVM2TGj-G3oIsY2-LFcW-4zu4VYFZnAIfgQ97dUnAdW7hBCGxyIxCJEg_i-qgUg5_aqvdkfI8E-IMzFlOHiManRw_nPqeLkkkLPlvJAVwCMieXC_nwCwb_fOr7bf31w9FIQuB74oYIYFMRV4qPGlx5ycDvX3XlDKouYXtx-oOU_-GbjG5YVifYoy1RtofE9-XOO5aC7NnPZ5jpvaRV3PYMJTwDU52dmC_Pg8xF6OhcHaRRPFz6w0Z8bHmWHVDJZ4xKmowYsCUDf5si5Dgr8Zlcw4TLe_PdeZigiulEilBuI1eb7Kle_M7VR4VSJfKYmCw7T2RBbSTd8PGzgxD0J_HfL8vFhIEheLYzAz4drVIT1zstymF45Qips8WLB-zRdxGumwv6GLZCW5vEM76MGpTxXKsSlt2epZnq9quk-E_8OUmCSmHMy34Pq4Z7AegdCUZgM0TWq0EWYGe1fUAd9oY0qQyBIC7elkJgOxwCPvgtIwJbhw_BW4C8yFGSvLdvjkizWSaeHpnD0kX15Q19l5RsH8onAttNFLMlWq1EFuveWsDmGguT_lY1gVD9FpPNSvQgLYzwB2RvVQn8Veflpvu7nfJYfo0Fc0qy99vUdHdy88al4cgIAq8G46PgjF-XwQOT8SSl_0sscpttdkFzVae09u2TlMb_5GdSnrXjsRVmFrhsWsELPmlz3eivkj5IVoqWYURjyWcO2ljP6nFoI08zSgqwfve0DtfgKBbW1ut3gho37eMLZyOixop0UB6BVjy5_FwnxV5iNxIXM3PhwiNQIRj9TyhbW0Kcagq2uKHoJPuOfPjVvlB_Gi8vt6aPcFXreEsFPiQf2RNyyL_bvZ_aLMv5KitfVWOMEglOKQnZyQVfWscVDN6OQXEtu3TV23OwB7jHHmxMJBcqxI1HS6OvowA6DZNcKyju0647tIEKsypohTbrFBihq1YnRa8Ohm-Smwytdzj-7Tvq4JJMr26YmU-SvgPXwIuQDGPyaD7SJTukXetaG4uVbweAVDoZVaAYFzedj1bPEDBt6MRS-UQfupcT_OnUplyQpFGMlbcaHpTAf3rQ5J_5YTDltaj1rYv6y9dshR4Wl1X4d5CU3k8J6S-DOPggYSm24cvlOnr1m8Fh6uXWg2GEOZ_zfD2E8TYH_MY50PdNodW32pStGQ2JNXzP6AFL1uiH64Axmwf4nVudjT7M8XeV8Sm1yiXhJ-7ywGdySO680y3_zRaWpiBDz3hW_LPRLeStAppZrx6y0lbBi-gEDwBTeijBH7m6ROqvL3CNJqr0b24tI_5eni8lkjiLolTCczIVjcGOXIkcEX90q5ywOvyIRGIky_3Tv3K-y1O7juFNDgWFY8FwDGGMPOhigswG2sXUuI83XZqY3fgksqGAe8vxCeOWsEMPj0ylFxtYGTgj0lQJmJOxFhN0FfWb5GEjIlb8n6IeddVPr8buvQgbmxXJVdrmNvj_cG&cid=CAQSSwBpAlJWHrx4jrjrid1KndT6SmvAAUS7KtxOG0zIk63qzfK3s06c1pO1CFzkhK8xLXfgVmAYPLFXwZHZUOxybj6vQMkWPpcGNyJXhBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=2553908682688325000&adk=105519565&idt=51&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7704 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 117959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:16:01 GMT
expires: Sat, 20 Jul 2024 19:16:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 3B86 686 B
722 B 160ms
40ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_476816244445&jsTagObjCallback=__tagObject_callback_476816244445&num=6&ctx=26679214&cmp=30199027&plc=371803422&sid=8351941&advid=&adsrv=&unit=336x280&isdvvid=&uid=476816244445&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&aUrlD=3&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETar9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETar9EEADTbpTauTaufd4fb6%6077ff4e4aba_6bh5bbfb2h64cf%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl23%40FETbp3%3D2%3F%3C&dvp_exetime=13.90&callbackName=__verify_callback_476816244445
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 42bb4183c387f22419586cf2e066eefe11d33edd5ea77e42e5e7a7124b7e02ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 07/22/2023 04:02:00

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 3C1E 686 B
723 B 156ms
41ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_288784966634&jsTagObjCallback=__tagObject_callback_288784966634&num=6&ctx=26679214&cmp=30199027&plc=371803422&sid=8351941&advid=&adsrv=&unit=336x280&isdvvid=&uid=288784966634&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.00&dvpx_strhd=0.00&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&aUrlD=3&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETar9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETar9EEADTbpTauTau35fdc34bhg_5e53d6a37_%60263g5dg2h5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl23%40FETbp3%3D2%3F%3C&dvp_exetime=3.00&callbackName=__verify_callback_288784966634
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 22fb9bf6887f066af5c6caf7dc608a861ec090bd2c0b2dd9c49c372414a8807e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 07/22/2023 04:02:00

GET
H/1.1 200
OK dvbs_src_internal119.js Show response
cdn.doubleverify.com/ Frame 6E0D 57 KB
19 KB 23ms
23ms Script
application/javascript 2a02:26f0:1700:6::17d5:a18f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26679214&cmp=30199027&plc=371803425&sid=8351941&dvregion=0&unit=336x280
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 08:57:31 GMT
Server: UploadServer
ETag: "4455786dc20506b8e54048c7119b5c5f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080000,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18798
Expires: Thu, 11 Jul 2024 05:45:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 90E6 34 KB
10 KB 42ms
41ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 50672bee095db1c417d3649f7588f97953ccecee62b31a87ff1d93e15bb0b362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Jul 2023 13:56:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35639
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 23 Jul 2023 13:55:59 GMT

GET
H2 200 336280_4.css
js.akusehat.info/track/css/ Frame 5ECC 3 KB
1 KB 34ms
32ms Stylesheet
text/css 2606:4700:e2::ac40:8313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=23J6S4YK6MVCTD7HCBM8&sectionCode=d0f1f448-4828-4ed1-934d-614e40ebf651
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 128936
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeYvj%2B%2BH7Yvmqf8TLhF4fmY1Mho5QyYCfWv6nBaKmOGZXDLvNzKfqPv%2FXjk0pxAN1RPcIG6KRL%2FpicpRkrULlEBByLV9DBmmSl6zYqGdriaWp6BRfG7cZ7W9Tqq%2F7KoevP4Hxm6Q6xdVelUe7bSs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7eb1067fbae19bb0-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 16:13:04 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 5ECC 69 KB
22 KB 120ms
30ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 03:33:39 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NJ4QY8MDNGVPGP3K
age: 1702
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: 7VNML2XWbqTBBkje7cAGuY4PHb3L7whdfbjY2wJg6FKS5/Vy4M6Pw82tp0Yn/184Bt5Ee17T9fY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame FD98 95 KB
33 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jul 2024 01:02:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1CDD 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4gMK0w
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2753 0
10 B 25ms
23ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ehGFiQ
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D827 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ts9F2A
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B85A 0
10 B 23ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2HNqyA
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CA43 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 117959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:16:01 GMT
expires: Sat, 20 Jul 2024 19:16:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 6E0D 686 B
724 B 66ms
37ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_798886437729&jsTagObjCallback=__tagObject_callback_798886437729&num=6&ctx=26679214&cmp=30199027&plc=371803425&sid=8351941&advid=&adsrv=&unit=336x280&isdvvid=&uid=798886437729&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=115&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&aUrlD=3&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETar9EEADTbpTauTauHHH%5DG2242D6%5D4%40%3ETar9EEADTbpTauTauhb3e373gccf5ch_5dhgd625h_34d_%60fd%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl23%40FETbp3%3D2%3F%3C&dvp_exetime=7.20&callbackName=__verify_callback_798886437729
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 43ea1e7b40f3b77d82b804076987e89f0d9c06d08266a85cb16b60d5ded39f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:00 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 07/22/2023 04:02:00

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame D976 37 KB
14 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 90E6 284 B
536 B 1003ms
23ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7704 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 3B86 0
234 B 915ms
248ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=6f2e99aab584417e89b534693c0c84f7&vfdur=162&cbust=1690084920430289
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:01 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/22/2023 04:02:01

GET
H2 200 DV_GlobalPassback_Update_336x280.jpg
cdn.pathtosuccess.global/ Frame 3B86 136 KB
137 KB 919ms
249ms Image
image/jpeg 2600:9000:2127:3800:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_336x280.jpg
Requested by: Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3800:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6653607e0b602b82817826e816ad773787a72cd46e92983b39a35d4bb2399968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:57:48 GMT
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:38 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 9062
x-amz-server-side-encryption: AES256
etag: "8824fffbd8d96f189034cba860a61627"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 139629
x-amz-cf-id: QhcwlUEPyf98Uk5FJhqveXNLSXfJUqUxTSFUOD_rZXYgTy2r3ZIWQw==

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 3C1E 0
234 B 916ms
249ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=430ca055592448f29d251cf445e53929&vfdur=159&cbust=1690084920431304
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:01 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/22/2023 04:02:01

GET
H2 200 DV_GlobalPassback_Update_336x280.jpg
cdn.pathtosuccess.global/ Frame 3C1E 136 KB
137 KB 980ms
310ms Image
image/jpeg 2600:9000:2127:3800:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_336x280.jpg
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3800:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6653607e0b602b82817826e816ad773787a72cd46e92983b39a35d4bb2399968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:57:48 GMT
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:38 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 9062
x-amz-server-side-encryption: AES256
etag: "8824fffbd8d96f189034cba860a61627"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 139629
x-amz-cf-id: O9H9_yB2lEai0jxLNilmR3ejq-bOBAVCVAF5uhXJQUK1PoPK2IdGMA==

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 6E0D 0
234 B 911ms
249ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=55f81a7a715a4d73bc26a25b993c3cfc&vfdur=67&cbust=1690084920437401
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:01 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/22/2023 04:02:01

GET
H2 200 DV_GlobalPassback_Update_336x280.jpg
cdn.pathtosuccess.global/ Frame 6E0D 136 KB
137 KB 975ms
309ms Image
image/jpeg 2600:9000:2127:3800:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_336x280.jpg
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:3800:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6653607e0b602b82817826e816ad773787a72cd46e92983b39a35d4bb2399968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 01:57:48 GMT
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:38 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 9062
x-amz-server-side-encryption: AES256
etag: "8824fffbd8d96f189034cba860a61627"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 139629
x-amz-cf-id: 06mZdpqXoRgws34-T0MuwkDKAF9H8fcAU9nCf3ubBFGjMsdMDCwefw==

GET
H3 200 gemini_2getherclick_ifr.js Show response
js.akusehat.info/track/js/ Frame F50F 6 KB
3 KB 34ms
34ms Script
application/x-javascript 2606:4700:e2::ac40:8313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Requested by: Host: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Feb 2020 08:38:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 184780
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbxsYc%2B4h9POKX%2BUDk5Y9UYlsnBTWvhOv3K4tI6So%2BX45ZDYKtGjv1HvNk9YKhSkwos7PCIxZryYeJpO1DkQ%2Fj1K%2FMkOX%2Fy%2Fu7x1er0aIGNVewkNjJJGmVQm1XYyEAsiT%2F5%2FW8Db9RqdiWJWjcOW"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7eb10680da129b80-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 00:42:20 GMT

GET
DATA 200
OK truncated
/ Frame 3B86 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84dbca43fb07cae9e813ab91bcca06ff15f2626b59e812678381fb851d8fe2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3C1E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 699be0a25a9d30c2c23a2fa2c10be85a2c4f89df298fb23d3c8da054f960705f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame CA43 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 5ECC 256 B
578 B 840ms
288ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=d0f1f448-4828-4ed1-934d-614e40ebf651&apiKey=23J6S4YK6MVCTD7HCBM8&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fyaya0506.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yaya0506.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sun, 23 Jul 2023 04:02:01 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 1dc9ea26-3cf6-4c22-915a-be5b81cf0064

GET
DATA 200
OK truncated
/ Frame 6E0D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5dadbbd762b6840163f0488c4f93b8863da903a1cacfc8f03bb8058cb312e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 336280_4.css
js.akusehat.info/track/css/ Frame F50F 3 KB
2 KB 30ms
30ms Stylesheet
text/css 2606:4700:e2::ac40:8313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.akusehat.info/track/css/336280_4.css
Requested by: Host: js.akusehat.info
URL: https://js.akusehat.info/track/js/gemini_2getherclick_ifr.js?size=336280&cssHost=//js.akusehat.info/track/css/&cssUrl=//js.akusehat.info/track/css/336280_4.css&aid=0&apiKey=7S3PRYCYM8HR3CGJBSGF&sectionCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 08:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 128936
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z5rGMh00PFx4xwuzn4cPrfV3IK9w5ZIxnm2DjSLsUN1hslOrqKU%2FQHJ8A7uCJWhz%2BsAEqGoXD3n3v0dCM%2FSkm4A%2BHWmADWStzLDhKqSGahM6OhHb2h964lJuisKB8XslRdKcRk3XuFsUlZXm6e2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7eb10681aade9b80-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 16:13:04 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame F50F 69 KB
21 KB 31ms
31ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 03:33:39 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NJ4QY8MDNGVPGP3K
age: 1702
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-id-2: 7VNML2XWbqTBBkje7cAGuY4PHb3L7whdfbjY2wJg6FKS5/Vy4M6Pw82tp0Yn/184Bt5Ee17T9fY=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access: public
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H/1.1 200
OK campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 2675 1 KB
2 KB 951ms
242ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=sunflyday_s1&device=pc&n=1&position=promo2&fhash=c3VuZmx5ZGF5X3Mx&size=336x280&slot=336x280&cate=&q=&host=&is_tw=0&country=de
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 873480c6d7eed9561c4523f717b3d7b278f4b6e39bbfa0336a8c93e2d27c765f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:01 GMT
content-encoding: gzip
Server: nginx
Transfer-Encoding: chunked
access-control-allow-methods: *
Content-Type: application/json
access-control-allow-origin: https://www.vaacase.com
vary: Accept-Encoding
access-control-allow-credentials: true
Connection: keep-alive
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 969E 0
0 101ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQXoCVfeFYPptgBzkttXotH-b6I6nsz-VR2cSapG09XpHEBLlONTUARQ6Vat9VpuXVl91G0gQ7KEQjiMexjLcRF-wbwT-RIGsw4tuoOqeUugUnJqVT39IS9G0mWMWT8fdfeeqPUwvdIHLvAAU2AQ5_Rj7E0jV2vRuRYWanT5rb2xiYIOpmEflZtuBURyAjy2GOWvXLaFQ6ZmG6DZnyij6OCJHppz4Tfjccq8QkbghXyBmsZk-ww0pGvQXjn3E-H5x4zcqy4P6wnwD5lQxwaUHzA3y25TKckOhnxVh-IihuxFrpiq1xSTdmbLYUq2ip43RiqlIS6penwGVWa68JRmSg&sai=AMfl-YQPcCXSjjTRF77mZkq7KyoketecDxlk8-e6BIClX_NGd5HXgzS3D2fd2h4qHoO8iWZKWHc5UpVX3ifZ6E-PlCIheuF_syNWMYGqcRbgIAlAUXmdiSoQMwj1C2qNvpWXf8dzmVqYnTxcmlsDXDQ&sig=Cg0ArKJSzOeybnSEkNoUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Jul 2023 04:02:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D976 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj9tlN6a8ZPCRNYmNgQfriZvQAgAAAAA4AeAEAg&bg=!09Cl0ITNAAZsPphkTD47ADkAdvg8Wv-Rr7XYYsbiNdzearujIeqIzc-aC17oS6-8XJ2vg7JNiCxLHKifgfiwO2I_0F342QrOzZYCAAAAw1IAAAAHaAEHmQNk7r-fV4Ov7zfsnzt5EGHAOzu0-NUBoD9bwI16r2K8Qql3aGGEiUIDJIs0n24Lad7JA0DTaLWEarMdm8u_JjlI9d2FyAMtCBJjWEYZKNvaHihu13tt_MW-sweWmc1JQ4wnNMiYVck2GzbMgzgVcPssCMZMBN4ThorzvtRHE6VwvZwBX_n58Et8fhDbR8wKjDQhv9ZEf9O4bbHe4d38g_p91KPKERYnOgpJeffcOX3NDmUOqS3UUbRFfmLd3gIGXhTd_inOKqfCScMgzyXQhTS4HoKEKLjTDHauGDSHxfpsZhKjNg-vemXhwplzhIbjF2OAi5e_3885PoA_dFsInnRNymLhxuDoKb-t0Hzay854Kd_YQA4KjTnNHbUoJHWN8cEt0XI_zP5Y4QgewZzRl0mVZPatxEJ9D-cdJdRk9u_7ckkABYSw1vJ0nyO_LYqVjVfwW0jROrCO4bTmOwiIgSJMBKViaBMD4M_w_FxXCyPo2aK2eapS0xrFrkDWCMBOX4fkJrJU9J08PSmmlay2XeGTsjNYQBbctbbMR3Fsd7fOm0LjnOqjxQ82_EOX2I8t64--5lrtiE-SNM2LCcz8hnT6yeXdXYMIUjM63xyWf1tWaDkU4mxrAEAa2KHO9MFkDP9GJrynN543ySinZfQ60PZJeS8VIa3SGA1_4KEWmkuVCNza0VD2agcf3jEXzR95rCI5jqM2BchhTYyGU_tmnc290_w619ceF1-jcqfUYB8GGN2w9tPl5Wch9Od3s2dFJZpNgyTQfZWzJNxel8Hl3W6CJJUgWtrTQlrT7XLPG0Vr7XuqwdOPCMajhMSReQaBF6Xy19gPianx1yXXpcdQDMdpa9ZSjYfDcwXPhTkrsFMMSlq-B_FTkIgVRrsz-IhNShHG7YYARYjy6wDkLgvzkfqkp-x49eo2nfeAqVKlMX9oFPxsXsBuwROG0AKuwGe9raG0gDApc7nO9V1s2JScNukPnJ6DMTF9k04hF4TB95w7dXjnLlQtAosGB6vsdDHZbgMxUYb0n4i0ACmmOcLDsNgcd8NHOEl9PYyIiNyOpoukT_L7qEmXdYDhpruUfOgzZvqJlIm0rUPQI3sKDwsQRhtBwVvN5c1SBFS5dZi2D0WwNYD8HSlbmTprnt-_viWdvO_NINe8VA

Requested by

Host: 75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
URL: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7704 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ben7EN6a8ZLf-NcW8lQfv1JqwBQAAAAA4AeAEAg&bg=!Hh2lHUnNAAZsPphkTD47ADkAdvg8Wg8D4lwUMax1K8MUHBqq4u8s3moGPCRCga_-hI3eyiCQvmAJmVjiSmX0Tu7pZl3w_fgYsbsCAAAAo1IAAAAFaAEHmQNI3rCqHdAPtG6cdeNlQffdp3NEZ5IcMnAbet88uJGTkFpcKxifgh7JhhASX80RDOoNYbCa695ARPlzubCBtEEWGycUgXwpPVgD-etMcej-AIxx-F9NCvjiKZYx5AincUtoO9JgP7I-rFyLpo1fiUM_uNnEjVIveiTsqqHSn6LJiZ8y0N2XyZ3GSHBYJ2_klW1iDts6Wo0jQnnF7DVqGbAID5aRJZ5PnygJH0md83-05vipq4okhupvY7IOGk5AwmDNx6Ui5-NbHRrYuh4PCsupsVhjfPgGJT6qMj7mdREDFh1ho0jmU2_OsCatPJb2zmpVAARZvJ4rgxCI0HbqW1oc8XLP6CNF4VAWUKLGjRO8oSGyXVvC07eTRPsVbtjd33_iFIszZ8Y_WPnoQ0loGfMwDYnEzX8SggXjUmqV1Ak_Yj6DHwuLrFxHj-FneuP_Az_T7cpgo0K6XUUGu6UwVpIaz1hVY1Qo97ClheMPTqYNHzqjgJ8TsPe9d3QT03y4-WZ-CUGBxFKpjRzOolZ4hhEr-M2j5ri3RVSvvaodpHdtsI5y2dmAZEpJvWDLyT8ZReTRqbVjqZLT5VQmZkWE-4oC3J6VfLvqV6bxeghAhzakVfscZysqT3JIEgxnFKKQFOqWTvW3OpmUIJ1IOFNhWkDxjvtAzeKQMPi4AIQGdyAHqxdp_vv8oosahVGwe33dqR3gkvrmP1ekz_3cMF_Kjw8DfVoufce6Ey7BzX3bSXiBpk-cHowmmfpToqNUiMl_2lQERBbh4IIQqbw5BdWaZxtK2UXWZSZip2xy8GEK_M9FmOa1KwgeB8tFq9uWplQ1PQbC1T5jelok1KKeTpSvNeuRKlYrF_VZGMMZoDFO976BHLePpAyvIrxp6Jgd_h77eTwYXWDnBIx2l1zBhwt86YzMMnvALa8Dhc7PW2l8ADP9ZxPgJGBkdTqerNQvHAEwhQCHe6AUBSQpfXcQ4ksyHDg-BrdKLfOeCXdZmHZ0jumPQdtuY-_2akTPjg6dACyv7AcMvsRa6GbQhmLuWi9pVGdPW3taC1wlxcjytu96BujSGQOjHM6wCIznVTDn9KZzVkVqGe9jYl8mQCEHoFl3r9ZBY4uTpd_Bzhv2

Requested by

Host: bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
URL: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E8F8 0
0 377ms
376ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=2267138469789864&bg=!a2ilaDzNAAZsPphkTD47ADkAdvg8Wm15QogFE3BBnPbbKTPYTCWr76H3NjLiqsUbX7MEhuoCzyKXC3G14xRVgidRYU5No0aEGW4CAAAB6FIAAAAHaAEHmQLw-W70ZTvSLkiZ3Qiy4fuEkY8mQC1r8Al5vqrjZ3oxdXujk04EEjhEjaFkwl7G6LdcBuJkkUySC23VvBlLbZB27ITPGh-rVdPYftcyVZkqoKfmzNP5GnEdOtUx0o-lUAOhpSoZ16dyqseIZ2h6B8ZD_YQhqfLvBAfAJbUFZskgkX6V7RdVa0jB0A5R1unmB-fgGc5OdU948jF5eb2_DcqXF4Jb05VpA7iUss1eHYpXkKhy_sobjM-7-wcFXS3CMmGEdvdE35ZP0F72xAi20kE6m97i6fQ17fNTWi1nEiCL9Wf0TNKpkstem_WG3R5blmwuJ0sVEsCQlVCmkQt7-YT9Hq-jLF_1HvDpPtG4zm4uuFBHtLeYkUG4Zx6TL0LIJThBpio10265k3Ij9HJVuvDKHCO6KqrLTRpbaBCDW4kf4XBjfUKNTLdVrc9FRVgGwfQaMXKk5hDw31DopS6nh7psC2g90MvlrzoVbSVdxNBr6K7rfHsEbewUVLfSexh8AR6LNmEFokL-ZwePZBZqTzvRk2BjdsNLMfLy-gNwqXEj50nQmhNo-8DXrGGmq66yQ7gVtvzI-vgn4xgbp-TmppCy20Z-3POU4HlxevT0HEmJrDkPpf35920oxAxqs6r8Y_YNcN1GQpqYxXAje0ULsXrXZOD8PmJ_x6OMyAvm_kDyOQezIXc2kFBOxtWwmRj4j-qEtZ4pKFyJvpoYU33JMiSZrt5iQGWsRRBi-jWmjBDXW_xseGyxKEGYPbebCFEY5Eg6pYfsHcj0_iTD5_lB12KncnlDGFj0OpXw6ZVY5uhTBiaXvTdAt1Tkz1BSUC-2-NC9gxNUkx2VCVOBnl4pcaZkAcR9BtiocJ7Jd-ghxs3GupMsidN7uDO7mANs2C-_KqIr52eEojnsh8HudQu2El1ZTccQGymsPfukRiZ34BF_MESGRAgkf509Fe3xSJDnPB6h8dqosQgTJFqUGdQyxLgQSu1LUYGpBeORCwed_-XWSCI
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 714C 0
0 377ms
377ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=45529836018177&bg=!1dal1oLNAAZsPphkTD47ADkAdvg8WhenN23R0gdCzvXt8oeLyyBikFJHucvbzXwGYHwrwMcRVY8n8NEwL1yut_xebzCEWBq88G4CAAABx1IAAAAGaAEHmQL8E4X7jpAmVlyRok5N2MEy1GcBQ2-vfTUBf3oyV_lLY18mVGfGj_PhMz0DvQVz0DcFqGPrGLYczfjo_iqwJI-FzOvAsx2n3Kh67jDzAE38mwTjEpnJfy8Nj_oBMb2JBZjNuSP43i1u0wgJczXkwTsVhIcO5O7_WG7BlmGGVuiffj9SCsmi1mNkTxKLb2zulxFU22sJC-6KtlYglylKeKIbJPi1viah8aDPCLpcHnyqBs9Br8O0hUX5afl6VfgWfPnnNJkbYO_N6C_mImCSBjKgRpYaqyhr6sL0OBHvfOt6raXcowVPxkk3CDm-OjCsTAjhY8QmwVx6qUuC75xundxwsAiSrvLzXJu54G1jtZa-egxelk-bMhDnQjzN0o4zKJk7aeZ8jPKiHkcRNJxa2e3BAgvZ87PMa0JQMLWCM-sabFRe1oWHjA6ovh1mlbplo-8wvDa_NGkKVXval12k8kWfrdv3TX3UtmTcpwl48GlRQLxNUGZ0UQECu72vG7n9VMi_QfzIUpRLwwBj69s5lHCQyvCQEda7s-DQl9_HzxzsbVExSL2mxeYEFxhF728E6lw2h_dYl0BptUzDH1VU6Mz_fy-H968gjnzYsOGj6LRa-PUrtony3_VwMpjyaldQYbZwn17sJo0koQYyf7mqjSIKCCAyJRxmBLvN_bwhWoO-TSErbZikMAI8pKnxWbUF_-9ejRVy4s43ZP-lp7DASb0vvVyg3GukI5jak9NIpWI6DX630lPYxfXqmB0suZdhhELHqx9DUVM19RSgydAepglTnPykZ6v1Nle3ROYmzyXLaMngtJv0MK_ciTi24gCUkOUNOuPEj7mr2pjVPqWvha543HlgMzTeqoXArqpBLOtIbcfUWRpItOdHNCws8MlcCJ70TmP5TiU2CR2_Frpn9X7pfgO1Th2WH-HBF7prMzW6sgdA-ScHI9ogpVA2cH_YzREneaFPVCF3iUDZ7uJSfdJOAx6BIi6-lkPkBjjYRz2QjgW6CKascNvV67c5JCE
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C544 0
0 375ms
375ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=4485201836879126&bg=!ExClEETNAAZsPphkTD47ADkAdvg8Wl3PBELegMjvif4iUt378FzYonukNphoywtbrSHI7xTaJekKPo6muBjrJncpC6IdBB8E6ikCAAABx1IAAAAGaAEHCgCGByq_Z4PhebGkPx3caqyqGUw487kjz6YQlh9PR6MtQK2-XGseyDuNs5oGdRmZf-pqyTzbpc9simR_9eWQWlk_3-a4eJ4z4HE9Ra2IGU9g6lR8I6MVnVfvPDceCrP3c4OWEFL7lfXwwt0_FSkflIjeRhRNppSQHPAX1iBZ8Z0th-QtfhQbNK6ZAvRt_FvB2RvkCIFNRZqYr7gYsoBz70-jVhO8N2xCEvld44TcrZAfAMAxI9bO0zisvZZIrcz8RCFXVWpHLidZxUdXeFu7NzELCvWIp93vpBUaRDHnkWICjBav03w87r5f2I4XcsnqBeeiJ-qBWwicicNpx_aeEh3bE9eEcgGoO-29KFE-w4UZOVGSpjB-ONXV-pVOMtuI6vbZOi_BVLYaC0VB90z3wZrUU5PXAtvwvijYK74C27ZWv-MKvqmTdEh7u6Q2_Usjx0GN5gTkb-meAInx0_--9T-S_3OvRr8YMQnjTguX9RYzEcbBcfisTuyJSXBn4OWuK7IrEqzPiaMMs5sSeYH_FSNXg-SRXphu6k94K5i_U0UXTX9OP4bA8rLgGj9afs9HVo2-tCXJnjZRVVby816NKvpk5e3UnniEmOfaCpxyfCS5-OzqGm5qZMdEJUGxQ7zSE615DHv9vUK4Lx2VK38jfj1C0ApA13kaRsE8J1GJ8y2cCpPnO9zoDlaCNR8UCAKUXEca20wTnebQ0xq2ucaT9H1V4SYLb2U5XuRp5zT9rNPI_ED8QvppugiLva4seZW3iroOXi3WHOkDoaZUujZh-JDtKBdUvsHEcUeozspqllpIE7NoLU8MBEkYjuyOibpFuk-rH2pMTCwehTveYcbKd11kLteqR8HkjuCYLiu0LAVDy9OXv9zpcibLF1v1cU0yYn6AqN370SCnb_zl7U2nCS9arpW5d22FqxC3kJz9weISqtXWA-dx0YJtjP_BQR3KaLQH2a7hJU7QNHZ3tukbIMeOrJCxuJ0C08uUwWCOf85YgbN07lhESSFPIntXiR0--_4qjUUyoYx85Nz5oofn7nDLwH-cTgf8Sl7zGoEFGW4rtzxW9C1nHURkLOd-fQB2DFURF1UQzd9KyqeWG-3Nr6LWTn0a10VcT_Wb6-biX17ZQjqIDFsjM23g1iE8fzu8MndDl9Ybycga9pbv0J-UXVRbdOjbQlh8WpTBQm3sHxc
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B0B 0
0 351ms
351ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=2157481203578801&bg=!MjGlMWXNAAZsPphkTD47ADkAdvg8Wi0jaekwlFxvXjdehN6MEfilhDbqqmTPsBaeii6tuAkuHE6oq53EjerN3g3xXTFoEIP6WyoCAAABs1IAAAAIaAEHCgCP3GFQQpwj7zxe2PAJ1iIhfaissejkJ_ICEKgKFNDqacly5b9hoOMATf4USKwjLzzgf0FnTQzeipqTIjWKw6_PNjxEYRcsrdYIUm_0jdscnQhbucPAhnQ54eD8CtQH9dhr_PrkxgUz0oow98TbSncUN7wdP0vb98ignPOmxsM77Zvvf2bV9BDxk7z6OtNpIUqZAvk-pSW61xnoC8ZA24QGMnwpg77L_tPlzlXZNe8Ze3Ckb2rd8vgxSRXI06bYtDgIzNXpxedx6g2Q_fto9u_n0i6xpxJBbWa1IQ08uAftBfmRVnu6V-93PMCDFZ48QXwLMO1ixVKctjftfmVEJ43BgkhZoQ7b8sA35GVO5wsdb7Da3jy-eam96QtHOjMMPB7J0_B08fSmiSzguo6Deg82xRfLO8Iki5Uf8Sj1vIA8QHmtq5OgCGlE4uqNccwE6gg88xD3TMuFk4iFBiTnDLSiNvlfKSoXJyoFY8vF45DkYjS9Zn8XFgECIgtIjP00niSuy8Fv0gIBK_ZaSHpGm2puV5qCSIP3_6zZuZKl3-lUfAz2EO5lvltz32feVrSJKK1cSXIH4gzRXyyatPLKS-AGMD8fY1dyq38XYjY03FQ5okRyfg8NMtSYY96waPPu8azoAZXDZeg13i4wX34iY5MJi1s0aIdkiXv1V-JlOJFjQKYVW0MogsCXo4FXMyrfNy7LVryOa1gwMPGGEQB0sX9EPWRUHk9ACM5F81ao71x4qgxFaJIgZr9JbBBxHh6fvZn8sucT7lTs22eP2y9_uP872vyQCQshGVwnlJMnfoDbV2k9y5ytvsV0X7UGPAA85ztls2esYcJGAwgXgx2vcZLdj3sUZoYk9cOfkpkEbcOogIkMzlbJtpOA2PBwCBFBtElZQV_2p_nJPCtoffuo_9mpSyDasfiAOOD-hChmhsxfEeacA9cQd_GWD4lmmb_K-YWJUpE6W_NXrzTVxtFtdpvUn9F5He0_3g_vIv8QIgztxMLock2ALM6OCEiNQUyHHrPD3YFzjQ2_JPG9H41p3WqY8t79lUGXUNB6ITxDzQsdNTK7EOlmhwUxhTOpiJtc1b_kygM-nrms7_mx4Cg14YO8lr5gZKTsiytiaPQtyxBl3zK6Y8q3sP7RhxrW4wyTvIdzHdqcURr8g-NUrBNiMjoELSo54FdwxQHPDCkBKs3nBr_2JQlEA4iCrpi3ww
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame F50F 256 B
323 B 279ms
278ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=2c67468e-2e89-4737-95cd-eb63e4c9f2ab&apiKey=7S3PRYCYM8HR3CGJBSGF&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fdwjhgx.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

a857be6c72c3a0b032e7732d196ac05f142ba5cb791d5d13322603ad9cbc1ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dwjhgx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sun, 23 Jul 2023 04:02:01 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: ffccc9f1-65be-4554-9d79-2a317065393b

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 256C 0
268 B 454ms
454ms Script
text/plain 52.192.246.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.246.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-246-101.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 23 Jul 2023 04:02:01 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA43 0
20 B 181ms
181ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuL-IOKa8ZMirBuWD4gGXsaP4DgAAAAA4AeAEAg&bg=!_v2l_anNAAZsPphkTD47ADkAdvg8Wgi1H5NHAQhlOU2rKeKwvO0tkFcVBKET-0_CeroJaaWqBCafMe7ER9i2Y4GNEmSuoA1rzQkCAAAAVFIAAAAGaAEHmQNb6HZhRApAatMGZWJC4F4xlnTFEbSmMA7weh0NUwxLH0EdrwfTeHkB5-C69uNTKjDr7oPjNeQYVzba9cPgqGQlE33UfC2irrONQFl_KR30DUgDdWFAbLLm-i6s9x06fdqNtMFHd1Wq1Wr7a0RDgg0LFsIv0FEi6xlvAIB5dYykZREC1ZydHCOAfroA9gDjuFA9sVQMAIqaTsj1vV0Htl7cEht-e_11VxFYHrk9VGmC3yUdTwKZGpOeaQyXtMOByCgcq0ya6NXgtGz8wVQinxzB-8eKRbb4nzC37JiQ6G_ne5frsj8xQpi1mMeQFPv2vKVhOP8Oa8Jui04roj8ENa-vuNnIs2yBsWiAjUF3F61AX-XEZ_M8juW5-XJPgXYiZHNw78UXGr1NJIevIEfGXn_aPFiqXIut_FeCHbMzEldb06fds5GYfShtGshJrOclNVX-osDH1p06eg2_94sTaIJVavR3BPfjD7l8_i-ZBG_KuLp9ijgRXLkCNkZR9ze4zuzqg8IDgAjjVRAwj_Kr7hCMRdC_tEz-YbnXTec7wHS_nbMJNmrh8jFhAgfHQkPsR61XfM5PN4-5tkMfu8SiCtVmwL39As7bUl2m5fm-sC3AgqdjESPqdd39EBvnZDrsosUjMLcM-BzcJkFIGUyBZCFNR-zDtBWQgWd-N-SBszmd6W7JZKLPBqHfyNX4LBd0Y5BvnAzBaPTNJLzstiy1zrYEvkzhfY_ZiSQWQUZEiiWIp9JbRe264ZmjA3mFV_lqVCzVKQmrWR_sP5cfyKQdaU1C6nLO_HpyZrduEPzz_lJvvZ42PO8xmAta71Z1WlQ6cTgclJEHXQyh-5MZs1B3E1oeRFwGPoen-PtO2ESV0d0HFnxmRpiKd9agniT7d84dOyG4HgOJi4OtpG6qZ5qwbtz5xI3MQMmqAZDaiUFE22rvoYu44Fp81go2692EOizgGc5e-nuaS5Y-wxits4b0IrkZ8LVuL88GM7nhP0s81tkq_YomCokICCMyCDZ4vK2lQ2njla0P3W9d8HdA5X-WoGOf-TivA0jXeQIfXijEnQCDbXLEtwK1gaKlOogOLcTDdmjVFlzoQyhRj-DiRwmKPJQw8R_UKwUvVRt_Nq5-PZ8cp6CuDK-R4mWKEdsJpA

Requested by

Host: 93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
URL: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame B2FD 70 KB
5 KB 27ms
26ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4528314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ocaucVsRRn%2Fwqt2e6%2Brrm6xSW0xiYsUzxbu5VnYn5WQ9bFFEERBU1FKjCmaaw%2FJGnKK5IS%2B1j0LptWwP8RTGmSQLYtIB%2FS5W34WHojmeu4BEdWmg%2FfdLRqRD9VIbOhuhHj9UgIolrBjX126RAoBCT2T"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7eb10687f8c09a39-FRA
expires: Fri, 12 Jul 2024 04:02:01 GMT

GET
H3 200 ysm_sunflyday.js Show response
ad.sitemaji.com/ Frame B2FD 51 KB
16 KB 22ms
21ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_sunflyday.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 96e18d08fbf647109d011e9a7eb4f1ee50a1a2223920ed30e28624f44a31540b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 10:42:26 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 28 Jun 2023 08:22:58 GMT
server: nginx/1.12.1 (Ubuntu)
age: 62375
etag: W/"649bede2-ccee"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16156
expires: Sun, 23 Jul 2023 10:42:26 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame B2FD 6 KB
2 KB 23ms
23ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 2cc9489c54b1b02303de7008f4ea63a4cf72c06a9f587075570557319a4d3018

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 00:37:09 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 01 Jun 2023 01:43:07 GMT
server: nginx/1.12.1 (Ubuntu)
age: 12292
etag: W/"6477f7ab-16c9"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2222
expires: Mon, 24 Jul 2023 00:37:09 GMT

GET
H/1.1 200
OK IzMesOVdirGtZ1ZiAZOcBy7qwJUQiU2l1VI3CllQO5BO5sI2kbtZcgvDmb-xhnY0E4GyKf4drzrrplA-_d9AYOPabldMtZg1rH4Ei7wDa6GxPdnKhQIb79dMBVkVs7FO7NrvfPG-KoxVszOHHALr4FyXoqLsRRwxR-eFWv17NDcePiFQehdggaIwhozwOt6jkbIUx...
fsa-api.feebee.tw/maji/v2/view/ Frame 2675 842 B
1006 B 959ms
245ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMesOVdirGtZ1ZiAZOcBy7qwJUQiU2l1VI3CllQO5BO5sI2kbtZcgvDmb-xhnY0E4GyKf4drzrrplA-_d9AYOPabldMtZg1rH4Ei7wDa6GxPdnKhQIb79dMBVkVs7FO7NrvfPG-KoxVszOHHALr4FyXoqLsRRwxR-eFWv17NDcePiFQehdggaIwhozwOt6jkbIUxY8_lqbtKkInc9PoYf_M31aF5qbGNLirXL7ewkv-Bintwjwhr9S2LSx2s8DrTIhfsnCjuEmbVnRlkhmV9W1_Ruk1VOpfNwIF_YkpE6mZs8.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vaacase.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:02 GMT
Server: nginx
Connection: keep-alive
x-robots-tag: noindex
Content-Length: 842
Content-Type: image/gif

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6DF2 80 KB
27 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_sunflyday.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44317b0ce661040de1e7c770893c3cae07aab0a9729e96c60b98f75dba5dd10b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27539
x-xss-protection: 0
server: cafe
etag: 218 / 19561 / 31076268 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:02:01 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/ Frame 6DF2 385 KB
122 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88188519fe77336fb1c2efaa1c64e4e060133a3cbec7faa83e16e6543fa0a41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5523
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125228
x-xss-protection: 0
server: cafe
etag: 3607765217029924898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:29:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 6DF2 83 B
90 B 211ms
211ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vaacase.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c0447d59eb586eb830021df70ba7525185d76ad5ae58c260470f48767ca1b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65
x-xss-protection: 0
expires: Sun, 23 Jul 2023 04:02:01 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6DF2 25 KB
12 KB 367ms
366ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=750915275053410&correlator=1729600447235895&eid=31076268&output=ldjh&gdfp_req=1&vrg=202307190101&ptt=17&impl=fifs&iu_parts=22670248360%2Csunflyday_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=1&adks=1884041671&sfv=1-0-40&sc=1&cookie=ID%3D637b66ec7ba30167%3AT%3D1690084919%3ART%3D1690084919%3AS%3DALNI_MZYA8J4ggYzhga1DFuA2kJXY2TteQ&gpic=UID%3D00000c429a7174f9%3AT%3D1690084919%3ART%3D1690084919%3AS%3DALNI_MZ6aYlOwf1wYrq_sXOzJ8KE_zGTPQ&abxe=1&dt=1690084921928&lmt=1690084921&adxs=632&adys=8641&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=x2e3tdhilqa6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=5&url=about%3Asrcdoc&ref=about%3Asrcdoc&top=https%3A%2F%2Fwww.vaacase.com%2Fdoc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk&frm=23&vis=1&psz=336x280&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=968454278.1690084919&ga_sid=1690084922&ga_hid=1526289085&ga_fc=true&dlt=1690084921626&idt=143

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29fe6fc82f259ecf615a417451af93f396add41424dda6a24fc8203650900d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11864
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vaacase.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6DF2 15 KB
12 KB 68ms
68ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39390e7853cdfea3fc0df2b6467c37782429388fc5c2bc23b238c25746eac267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11767
x-xss-protection: 0

GET
H2 200 container.html Show response
9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FED 6 KB
3 KB 57ms
28ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:02:01 GMT
expires: Mon, 22 Jul 2024 04:02:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DF2 17 KB
6 KB 311ms
310ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Jul 2023 04:02:02 GMT

GET
H3 200 container.html Show response
9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A8A 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307190101/pubads_impl.js?cb=31076268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:02:01 GMT
expires: Mon, 22 Jul 2024 04:02:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB18 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 01:54:38 GMT
expires: Mon, 22 Jul 2024 01:54:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1FB2 783 B
767 B 32ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ddaa19925b4e5eed5a75ab9850135e279cba231cff456e5e0d03fa9027d05255

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OYDKjpWkARPl-IYjGLwFoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-OYDKjpWkARPl-IYjGLwFoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:02:02 GMT
expires: Sun, 23 Jul 2023 04:02:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 94E3 398 B
222 B 38ms
37ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVmVpOEiGM8H7kyv2fu70_BUZejnGJvmSlIDN5q8W6fZJVSGuy4nGWuhP_C7jyBfbsqlq427cUHIiGJordo73Ep6669tnfBYZ8JGS6aeVO0k408TmQdUhfpZ8efrBjDq_1n9xI68C3vS9LyINtg3PilxWk96-GRIF2CR4LOzsJtz-zx9pY

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9A8A 85 KB
29 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:02:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A8A 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DIGLzStnrCvXB0iC74hW_L1lCLcLB_IiDWSoiez1SNsIoa8PFiU5IckLz1yg6sUcDph6q8MM9nqAAM7H0-1u-H5Qeoj6tYl-cV327RAyTSbmJBgz4

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A8A 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6603402376489593715&x=1&ct=77

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9A8A 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 09:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 09:33:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9A8A 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 22:19:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9A8A 0
0 31ms
29ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUlqd_HMMJdxDR87qJan5o_EsB2yshs9VpeMQCs0H2ALfvjjKr8VbXdU_4VQAECnkxdmwrpNDiLLVJpJnIo9tPOFrTYA
Requested by: Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A8A 179 KB
56 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jul 2023 04:02:02 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame EB18 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1FB2 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307190101&jk=750915275053410&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 94E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEdJ6bS3MXdOosvSM2azX30&google_cver=1

43 B
163 B

136ms
43ms

Image
image/gif

185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEdJ6bS3MXdOosvSM2azX30&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVmVpOEiGM8H7kyv2fu70_BUZejnGJvmSlIDN5q8W6fZJVSGuy4nGWuhP_C7jyBfbsqlq427cUHIiGJordo73Ep6669tnfBYZ8JGS6aeVO0k408TmQdUhfpZ8efrBjDq_1n9xI68C3vS9LyINtg3PilxWk96-GRIF2CR4LOzsJtz-zx9pY
Protocol: HTTP/1.1
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:01 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEEdJ6bS3MXdOosvSM2azX30&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 94E3 43 B
163 B 151ms
36ms Image
image/gif 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVmVpOEiGM8H7kyv2fu70_BUZejnGJvmSlIDN5q8W6fZJVSGuy4nGWuhP_C7jyBfbsqlq427cUHIiGJordo73Ep6669tnfBYZ8JGS6aeVO0k408TmQdUhfpZ8efrBjDq_1n9xI68C3vS9LyINtg3PilxWk96-GRIF2CR4LOzsJtz-zx9pY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:01 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B86 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8290815038141&version=m202306200101&ct=76&x=1&cor=8383766084238832000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A8A 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2988571541040&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A8A 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2988571541040&version=m202306200101&ct=77&x=1&cor=6603402376489594000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A8A 16 KB
12 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5jk8XsxqEafbypJnZcg0oSIo9OF5jKMp0b_j1BN9IF9f26AtTVtakTOALHdwZIlHbM-J1JajMACf3Phtv9GLRmbm_UboLX4ZJRqEMInfb9zLaehmMbDZwMHUP6NCWkl7Roef3IUWr1X5tQrm3TZpxBCLHhx1CCnZAWT-OoCITs7JZPPA&cry=1&dbm_d=AKAmf-CRoR8UBrJ7XfQ6f7K3lTERaAELBKZ45IrXmcN6ETHDapLxEpMRVg1V4J3r7fVuZKPDbC4aCmd_vql2AB0ZOSLtgfJ1iF-2kejNGm_kSIW6RFYngFUfCoqRiloqr2RI-WP87aleH5m-YBdPO-9ABgjvPGbbowm14ynxR6ph6VE8F9zSmpw2cAKDkNw1RB-SxQnwToseeQdSuMgQMdo41zD_hhxzHC5Vx3WBqqn4IPgVDtMY7FWZObvDpS-7z8T-eJqQtB8-i3WhdIjGxV6DD98jqCnwEnBeHBEYOAi4jz36En5scmuoKif4poy8Uite4yGuVRLvS23Kmo-Jjuv2oALrvh6nxUIqaXObgV9OlpyHiI668EM88AyiL0BdfIT9yVQIqPPGf3U0tZjJxGXUijTBchY_wLXSbcnvo6tYDr8Ka1ZhMTuu17Je0jpSARDsT8QDs44-EDrl21LKORPe0aqOd2C9e_ONNoX9jdz7RolrTzeE65JRife0iPQo0wzGjR7pUFaEF4soLxx9TfteTDNKNGOhT3mxaxJPYfv7UYdw490t3YqXkQwiNVKZua8jgPZE4Ndess4tK3aha6fLci2ErFZWmRRf8RH115NND2LvBUqlX0VWeSSELePVAxgqIST3PCDj6f5Zo0m6-qZtrDiYmtaG_wC4Fm17NqwLhft75l7R9xgGIPSmTvaKSR_Wrj4FK9__WBYy67F5j0_EbOsUkkrMBkAPRSTXoIujCLT5l_gB-N-iKFZrQZBcNCELqH7qmvdwhLcCWFzfhnRBUZOYE3zeEpNVgpAKi61SGkIViQxC7ZypPg5XAmRKu4Irmc3TdwTLZRjhOxd6H5_2qEB820N8boSwpihkkO8ZzVxEhZIOMvUFPx6la9pQRZtYEz1VTohT2B0_5FJp7JR8Dqp36OCz-i2UQBnvTP6La2_2MFmqqBYI8jD9AN6RO7eso5vClwTdvLBln08IzSrCWqpfhxyYxiOVpYmp3IH8M0DqzY-i77SHqwFYHBk59hkLCvQOn4d3yJdDYI9_Ta_KROP5rpUCK0Z6nL8g1C-JFSY_46IoCikfhkGJWBrKgbMgv9EJJz0jC1lu818oEr7tsuX9p106za6BOwWi6CqXCnddsFFKklZp02n4KpM-b0JPVJo1kLhC4wZ89uFJCsGoKbXgt1Cs7aOPJUL6HShXPorEEYyFWIWmr1ad_3nMq2Ugve8QxCVkjarr6wPnfWvLbE9jQulAM0Cr_ibtYWzWkWy7yDYkJ_rxaJS4mHtW2QAYwt8m_p3h5AGBtvvxXK7vdlmkKAef6RNdGbPrBpSnYFnLyOZRcGLfZ96xfgbRqhygh4pGtHxQc6SPrIMJF-JAYvkdnpGc6DqTE-8sBI7TA_cXs5ovmyGu3-BvCMCA8VTrBd7kOASP-m5TTlnz_OPrEuCfXWqd3cWS00W-nvvh4Mh5FXTfIYuWylX8Y-rCOtEwe_TENQI4rRhnRSHHyLrlmS20PptrBL3KZ_JQmHMhaCDaXuoLhwmKqAyUQv3L97OvzdVE_85NRyxZEr-EwJsiV9f_OVjkCvGaEL9fIOCET_f2KeI2Z34JNNijWqP1xV4yibasedO04V_gjYIY5hLZBrs5eZGEMu-IJ4dGd7nAB6F315HEKO898k2r1yBqy-ZDHiTYkUXP7rTibFZd-_pG-sYZbhEm7B1F_ZB4-MTDBnATMTTkxWCbo8wFCYIVjsWScDNeuGoRvfJODoADh8eITgS_In6xXFSIqY82FANr59HiZLTwv4ubFiEllB-2ynOyBT-3JoBNBlfo8qIHZ5Ynp-ZE6k6W8Jp077J8_wG_XcJmRIcVg1yBnpv31tVpIUpjXXdN_nnm_uFC6z0oRk1NETj6cexIC6garc1WlBZ0ukxev648-SKGGRjWCtk6QWDmQD7-OrIDYsdBYRVrzuYG8tKbRi27CrOHYpoljT7oXfulrQ5DuIy3Rfj1Fb3aHzll6pxrBfJYsUpH8olZ-PdfbNgYMfYtMmjP53zjyaMPVIBMUuUxqf7GZrtqCJ_5SVv_W6WVqrl9qEebxe3f-c2UkUL_RY59a46nlh6OmYMXHVuLqzHgl-fJBbvIXarD6CpNAnFe6J6O70-XSC3zLNSQFN-WpypBJ4gpVCyDohFrHNiVPHxR677FZoPC-Mmz1isEsjl5Uaqowr4DTrTKwM-jeMbzvnfCkjwWdch9jKDwmDQfcEJ3s-ewwA7u66hCJJkOA1FKzOJga2kKNm_aowdGSTg_M009ciecceuF_aF-S6z5tyGgrxNoZon-RTFwLIebVwu1hd8fx4Os9RlRLjKs4atFjx_SwHkODFhjLRwyT_wtpXGYOqSQc_Z8W780dojG1sI2cUptWIpiCwF8mM3MN3GPm51iKI96OphYP4VkVmBn1zdR8UDgJcg2lpD6ZmMicGc_lJD6op-mo4U55_i1KVYnXwWDbGMBXuHnqNYpaWStY6g8YZfdvAzM39mxb6fMk_NFFQpJCsfCMa67CAgOM7U4reYRj7XbWKaqRuXPoa89TibzvUbXMoMuc2FkvznMk_IXj7--78riQ6OaRDIEtHO11aovF3s13ZyzFh7OQsxAvlPdF2TquG0k-QXla7_ST1VJzQQpYhc7knVo7c3wAk1MeadB43xLcXgSkmY7Bx8iYmrqrWbGF8qUTE33XJCk7a4-v-EdWgPDkuaIk397CAPfD98ZzzPh7jtnLHQ0w5YnWVduFP3YYD9NbQkgrwuOG4QRK6EXVlt7oWCNsMxEsMFtbyEyb76KfqESR4d-w2B7iEJdAcfL5x5U9VsuryTJ1JZqbJZ9LdDi2KG2O_bKJ55i0baCvEtmcZx53kEaaLLCP5oXsYst4W3yvRSvjKT-U2KaSmlOO2rSytuERZMaNguD5Zx2FdSaZTKYYjmTtf1GXmDpOt-YdS_kG4O7FviMzbDqYmpdyIq6sRmv5oPzAQMR19Qe8OPr83DM9mwp3hL3aYinZLBu62XFg-klN_JSDPlDbdHmFpIKW9vmbl4Szjgqz_xRmNziTtdc5kGZ0iJMAU3KymHCP4u1CtDzprCdjv1hvg9ntsUSdKg-mZUgDtY1iC2aPBxfSY3fpsZNNr3XItTejYSu6-0R7pVanIWKg2fw9-R_Ga--aFpPlXWztu10ZDe8i9LMbLyV8aH0w3bJyMqLFLvLk7iCaeajUgkCCKHA9t0_rbiYEGOHHybq0GM5vXOW6w&cid=CAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=6603402376489594000&adk=3218127483&idt=68&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eb64ee99213857f1badcd1838dfcdaf77138c5d0d8b549f99f5c8736c137400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0D 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1573725297936&version=m202306200101&ct=76&x=1&cor=2553908682688325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C1E 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6228230345563&version=m202306200101&ct=76&x=1&cor=14704236044330750000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C1E 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfXGdokb7Ap8tET2aDBy_jDDZg48lOUnt1yZSUOAnDpvi_MOzyvavtHxOnfk6hLgy3hMNbDlRYpp5zZZT7RbFchnichoW7iA10eyer3Y3EFJY5JL6-j7iwC7noCXdfO95TKnDBACpbeB0U&sai=AMfl-YQe4xGZucjGeplotucqzmrCjPP0X2waRy4AJo-Kb7ia1niAZ1GMVpNGY8p2dpTbGBAWVnhptrX8BJHfB2VHv0oZJ1Ub9ERSpz0SidPQMD7tTYXewIOCOsL-Fctp45y-G7slxF7draPdSxSb&sig=Cg0ArKJSzAMErVt0JSqBEAE&cid=CAQSSwBpAlJWtl7FPy1Z9q4G3D0aT0PK0kI1Zfi4z_81PGOUffDvSYpKQ6W5jnFIzYbIqT59UklNBrnNqSJWZf6AxOoIjFs7x-N53cGR1xgB&id=lidar2&mcvt=1002&p=331,632,615,968&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3507171008&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690084919595&rpt=1852&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EB18 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N3kY-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A8A 41 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5jk8XsxqEafbypJnZcg0oSIo9OF5jKMp0b_j1BN9IF9f26AtTVtakTOALHdwZIlHbM-J1JajMACf3Phtv9GLRmbm_UboLX4ZJRqEMInfb9zLaehmMbDZwMHUP6NCWkl7Roef3IUWr1X5tQrm3TZpxBCLHhx1CCnZAWT-OoCITs7JZPPA&cry=1&dbm_d=AKAmf-CRoR8UBrJ7XfQ6f7K3lTERaAELBKZ45IrXmcN6ETHDapLxEpMRVg1V4J3r7fVuZKPDbC4aCmd_vql2AB0ZOSLtgfJ1iF-2kejNGm_kSIW6RFYngFUfCoqRiloqr2RI-WP87aleH5m-YBdPO-9ABgjvPGbbowm14ynxR6ph6VE8F9zSmpw2cAKDkNw1RB-SxQnwToseeQdSuMgQMdo41zD_hhxzHC5Vx3WBqqn4IPgVDtMY7FWZObvDpS-7z8T-eJqQtB8-i3WhdIjGxV6DD98jqCnwEnBeHBEYOAi4jz36En5scmuoKif4poy8Uite4yGuVRLvS23Kmo-Jjuv2oALrvh6nxUIqaXObgV9OlpyHiI668EM88AyiL0BdfIT9yVQIqPPGf3U0tZjJxGXUijTBchY_wLXSbcnvo6tYDr8Ka1ZhMTuu17Je0jpSARDsT8QDs44-EDrl21LKORPe0aqOd2C9e_ONNoX9jdz7RolrTzeE65JRife0iPQo0wzGjR7pUFaEF4soLxx9TfteTDNKNGOhT3mxaxJPYfv7UYdw490t3YqXkQwiNVKZua8jgPZE4Ndess4tK3aha6fLci2ErFZWmRRf8RH115NND2LvBUqlX0VWeSSELePVAxgqIST3PCDj6f5Zo0m6-qZtrDiYmtaG_wC4Fm17NqwLhft75l7R9xgGIPSmTvaKSR_Wrj4FK9__WBYy67F5j0_EbOsUkkrMBkAPRSTXoIujCLT5l_gB-N-iKFZrQZBcNCELqH7qmvdwhLcCWFzfhnRBUZOYE3zeEpNVgpAKi61SGkIViQxC7ZypPg5XAmRKu4Irmc3TdwTLZRjhOxd6H5_2qEB820N8boSwpihkkO8ZzVxEhZIOMvUFPx6la9pQRZtYEz1VTohT2B0_5FJp7JR8Dqp36OCz-i2UQBnvTP6La2_2MFmqqBYI8jD9AN6RO7eso5vClwTdvLBln08IzSrCWqpfhxyYxiOVpYmp3IH8M0DqzY-i77SHqwFYHBk59hkLCvQOn4d3yJdDYI9_Ta_KROP5rpUCK0Z6nL8g1C-JFSY_46IoCikfhkGJWBrKgbMgv9EJJz0jC1lu818oEr7tsuX9p106za6BOwWi6CqXCnddsFFKklZp02n4KpM-b0JPVJo1kLhC4wZ89uFJCsGoKbXgt1Cs7aOPJUL6HShXPorEEYyFWIWmr1ad_3nMq2Ugve8QxCVkjarr6wPnfWvLbE9jQulAM0Cr_ibtYWzWkWy7yDYkJ_rxaJS4mHtW2QAYwt8m_p3h5AGBtvvxXK7vdlmkKAef6RNdGbPrBpSnYFnLyOZRcGLfZ96xfgbRqhygh4pGtHxQc6SPrIMJF-JAYvkdnpGc6DqTE-8sBI7TA_cXs5ovmyGu3-BvCMCA8VTrBd7kOASP-m5TTlnz_OPrEuCfXWqd3cWS00W-nvvh4Mh5FXTfIYuWylX8Y-rCOtEwe_TENQI4rRhnRSHHyLrlmS20PptrBL3KZ_JQmHMhaCDaXuoLhwmKqAyUQv3L97OvzdVE_85NRyxZEr-EwJsiV9f_OVjkCvGaEL9fIOCET_f2KeI2Z34JNNijWqP1xV4yibasedO04V_gjYIY5hLZBrs5eZGEMu-IJ4dGd7nAB6F315HEKO898k2r1yBqy-ZDHiTYkUXP7rTibFZd-_pG-sYZbhEm7B1F_ZB4-MTDBnATMTTkxWCbo8wFCYIVjsWScDNeuGoRvfJODoADh8eITgS_In6xXFSIqY82FANr59HiZLTwv4ubFiEllB-2ynOyBT-3JoBNBlfo8qIHZ5Ynp-ZE6k6W8Jp077J8_wG_XcJmRIcVg1yBnpv31tVpIUpjXXdN_nnm_uFC6z0oRk1NETj6cexIC6garc1WlBZ0ukxev648-SKGGRjWCtk6QWDmQD7-OrIDYsdBYRVrzuYG8tKbRi27CrOHYpoljT7oXfulrQ5DuIy3Rfj1Fb3aHzll6pxrBfJYsUpH8olZ-PdfbNgYMfYtMmjP53zjyaMPVIBMUuUxqf7GZrtqCJ_5SVv_W6WVqrl9qEebxe3f-c2UkUL_RY59a46nlh6OmYMXHVuLqzHgl-fJBbvIXarD6CpNAnFe6J6O70-XSC3zLNSQFN-WpypBJ4gpVCyDohFrHNiVPHxR677FZoPC-Mmz1isEsjl5Uaqowr4DTrTKwM-jeMbzvnfCkjwWdch9jKDwmDQfcEJ3s-ewwA7u66hCJJkOA1FKzOJga2kKNm_aowdGSTg_M009ciecceuF_aF-S6z5tyGgrxNoZon-RTFwLIebVwu1hd8fx4Os9RlRLjKs4atFjx_SwHkODFhjLRwyT_wtpXGYOqSQc_Z8W780dojG1sI2cUptWIpiCwF8mM3MN3GPm51iKI96OphYP4VkVmBn1zdR8UDgJcg2lpD6ZmMicGc_lJD6op-mo4U55_i1KVYnXwWDbGMBXuHnqNYpaWStY6g8YZfdvAzM39mxb6fMk_NFFQpJCsfCMa67CAgOM7U4reYRj7XbWKaqRuXPoa89TibzvUbXMoMuc2FkvznMk_IXj7--78riQ6OaRDIEtHO11aovF3s13ZyzFh7OQsxAvlPdF2TquG0k-QXla7_ST1VJzQQpYhc7knVo7c3wAk1MeadB43xLcXgSkmY7Bx8iYmrqrWbGF8qUTE33XJCk7a4-v-EdWgPDkuaIk397CAPfD98ZzzPh7jtnLHQ0w5YnWVduFP3YYD9NbQkgrwuOG4QRK6EXVlt7oWCNsMxEsMFtbyEyb76KfqESR4d-w2B7iEJdAcfL5x5U9VsuryTJ1JZqbJZ9LdDi2KG2O_bKJ55i0baCvEtmcZx53kEaaLLCP5oXsYst4W3yvRSvjKT-U2KaSmlOO2rSytuERZMaNguD5Zx2FdSaZTKYYjmTtf1GXmDpOt-YdS_kG4O7FviMzbDqYmpdyIq6sRmv5oPzAQMR19Qe8OPr83DM9mwp3hL3aYinZLBu62XFg-klN_JSDPlDbdHmFpIKW9vmbl4Szjgqz_xRmNziTtdc5kGZ0iJMAU3KymHCP4u1CtDzprCdjv1hvg9ntsUSdKg-mZUgDtY1iC2aPBxfSY3fpsZNNr3XItTejYSu6-0R7pVanIWKg2fw9-R_Ga--aFpPlXWztu10ZDe8i9LMbLyV8aH0w3bJyMqLFLvLk7iCaeajUgkCCKHA9t0_rbiYEGOHHybq0GM5vXOW6w&cid=CAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.vaacase.com&ds=l&xdt=1&iif=1&cor=6603402376489594000&adk=3218127483&idt=68&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 9A8A 11 KB
4 KB 97ms
31ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1690084921971836&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D
Requested by: Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1af010483279019fc8a0d78ba51e3f841b0bb891f5960f059ad253616dd1a0ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3959
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2825 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 117961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:16:01 GMT
expires: Sat, 20 Jul 2024 19:16:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2825 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 19:27:20 GMT

GET
H/1.1

200
OK

request.php Show response
hal900030.redintelligence.net/ Frame 9A8A
Redirect Chain

https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

135ms
86ms

Script
application/x-javascript

136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: HTTP/1.1
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: b8b73425604242082421c07184cdf91779b4b2140f1121d89cac9555db4110b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 54011700012322104444994012394030
Connection: close
Content-Length: 1336
Expires: Sun, 23 Jul 2023 05:02:02 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 23 Jul 2023 04:02:02 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 23 Jul 2023 05:02:02 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2825 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQtlDOqa8ZIbzG5r3-gaGp7ygBgAAAAA4AeAEAg&bg=!u7iluOzNAAZsPphkTD47ADkAdvg8Wlo4bVrFSqsrh8UrOJXMUQxjG0xezWFJc9slXMgwU4GgXFvbY8gqfOTK_1nR29BkAR7omZECAAAAclIAAAAIaAEHmQO1E_LDt_HW-AMnMwl4Kf87hGbj9CY2o-9wHFtPLsThHVpAeaBxz40UqW3kxEHiUtg_sHEho9pjB4aNEtdL8b2DePtT0eS8Lj-Eiz5ItkaboOw8etwGtZnhgd3JttWTP31CaO4fqbGSRwIUUKBgCdtLtVflLTkoCb_cG4lBNpMulrd_nUTc1441eHYCYg29sfDhWF3nA1oBr7g8ytA9s0fQ0t2fgCXs95FVOuCA0MIQn5ahAhqKTWDsuBeGo8LB_7eMZ7-yhjnS9uDFafV6nfhhTTdukWSjHIhrYJ8VuRmFq8Q4iO-izxfmQMc3P1BFMBvRSZkC9MPHGHoylkxQV1duPP8aDtseF9jrclD687zy4BjCPSOTT0YirSlCjQ2dhbKx8L4m8lnx7lJwvA-D6LHcOztFgA-82W8-jj6AkWJPACamw2GGnroa3q2qEIVUXPKCMET-DsBnkLHdJYDwglgh3VkQwkwyWyfRkaXVPV3GFOw_XazPugg3jqsuKOiQk-43FZ8jZMePNpv1LCECau1mKD4ry7VwfjVvV4IFBeESTvC64YBEp2Dh30yXnJuZONc46DIz7LOqFJbIRT3lxaz7PXJ9YtB1u9WvosNeTEoIHr0qXnmdmEpvOZnzAQ3j0p4NSgYRUCIVeccyLpUCGe4xZm0lecq1F9dsrIuuloU6Nq31KZ1naIyo28-qSUEZmCa21f3J9zc1dJtdd8XBcQ-ZwZBNmPe_pUVfbVdCszV7Uo_f0jAqfdjmTaiD02eWt_hGHmaaSVbIZ7vjyaEYUaTMeqmaccEv9No3OjERSydHm2CUoyXP7RQ3hGa-P2Wnty7SrDrUQ862prBO6A5sLVcIHi_0BSVyT-LuGLUGNHku0aaX4ABpK37vgiZbLpNEakLYadwdhNWV0RADeInjPIwBlW8PvaSksj4Tj-_z87NZtC_bUgKwIE7fAt5H12f1oVwxHJ0q80JTSyLm85-j5wY-o9Vo7T5c9HfAgP82-wQnFP31tRHFV0nHDUwqVrUM2valWffFQ6eDe4cutOoor4wPXdpmZCjDu97fi-4Nvfu5Btq3qNv4cQ5Q0xFAjJt9v8qTJ1NQuC6Vm3oVSunXaUBuMPlOg7qKqr9wI0NUBQ4O_Co6bAvRKiErLXO-24z7e2wk7CK39yaGVvc5dunN4P26AvcVdED4NS7TJIMSuDiABho6jcA1e--yTpuXyLwF6Sn0DxALiPdc1iGvlQ6pQ2V0BqglNj1U1IQ6W383yYWvQ1lw63fDIg

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5006 930 B
931 B 105ms
21ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 23 Jul 2023 04:02:02 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 30 Jul 2023 04:02:02 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame EE11 0
498 B 198ms
105ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Sun, 23 Jul 2023 04:02:03 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA13:9E5C_91EFC182:01BB_64BCA63A_100EE35C:25BD2

GET
H2

200

htlp Show response
futalis.de/ Frame CF0D
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=54011700012322104444994012394030&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2908174989

350 B
401 B

109ms
26ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2908174989
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 23 Jul 2023 04:02:02 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2908174989
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9A8A 2 KB
2 KB 207ms
91ms Script
text/html 3.9.91.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=54011700012322104444994012394030&nw=1
Requested by: Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.91.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-91-156.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a355121bd0e033f114e37840f12112a529db107d8d737f19068ae76947de2279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:03 GMT
last-modified: Sun, 23 Jul 2023 04:02:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 23 Jul 2023 04:03:03 GMT

GET
H2

200

activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923 Show response
8019191.fls.doubleclick.net/ Frame 9EC1
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923?

391 B
323 B

69ms
68ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923?

Requested by

Host: www.vaacase.com
URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

b28b8e142df847d3f6af50a8638e49d6ab31089cd85c73abed6ed4e639ed45a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:02:03 GMT
expires: Sun, 23 Jul 2023 04:02:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 04:02:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame B6D2 7 KB
2 KB 76ms
25ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f508d5a9ac&subid=&uid=46d133f14a1b1131&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwtr_Oaa8ZLyoO9eAx_APt56x6AKm5b2gab2TnKfJD_AuEAEg6OyXlAFgleKQgqAHyAEJqQKxDkeLwqmyPqgDAcgDmwSqBLIBT9B0pVgo1mdJcu4BnqwmlSvmmgqKeC4nreN216tPfij9PkR-aMFq96ZMDBLgROY3e96ZRGlrNuOFg4IubBSgzXnmrddpshIGY8pr8WpCh7ClGKJ7P-YU1EUnB1vHtxHCQ6Pp-yyHFuQRegUime5jYmJ7M63Inw2rEA4bihbZ3vQEngfl4ekBwA52st1zfCIjnnAmUy3_nzlx1aVPO_Zf0wHE_dgJPvtLfBlyciN4tm-zasAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26num%3D1%26cid%3DCAQSKQBpAlJWvTbOCsfUNQlADq-2dq8UnDQfxVSHhKMby1inf8ae7gQ6q1rKGAE%26sig%3DAOD64_1RaWLzrvXooco8FA1jg_aBXVO6Qw%26client%3Dca-pub-8798765870329885%26dbm_c%3DAKAmf-ANQ3mlo5lCPaYAokEpO12dtBQsKgmxSXR5R9pi-Eerw_EsNtHsI_CSbYBJpzv7ZsHS-pDC_zqaH971_OT-KXufkJoEHT3AGcsUI9a6GQCIhs1N88nOGXZ_SHekulG_URfPABNaj6h9t19pkaez5_kc0X0Ufd_YNnDvJRpjjbd1GS4tfXw%26cry%3D1%26dbm_d%3DAKAmf-A-LIB4Z22VMhSMs8gHSw0-0J5Ik4ZIacc3fZC5_xs3Ad2m_yu0wuU7zUeOZsHlYPIzZ8fT_gluA1WIsJ6sOq83VNUE3TUN5N5tbbRn4iFs1MiPO0kdUoe91YOO3kAyINTPU8J5BbSmRRHuzx4wb-ZaXrBVJ-qwDXmZuzRTkePcO-Th5FvYhGhWXPE_lM0M6LJeSkkPHhVoMYtjUI8adbQ5RDsG68Yx1v6foKtu4WHgPhj4tOXneoyBbAFWzes5ukHJHK4_8O8WwnDOLg1aAstm9FBunl45hS_EAS_rOzS11NM_Ch6H3JCkz6u7qvOD_HmLkSkVBPPcFH8a_3KXLS6mUaH7U0XKOs7yYqUfWDS-AB2wPL-Rw9BXePb-5m-UDei2A4ZlYNNCq2Lspu5x_04G5u1OlGLgfmlrk3kkQ4hEVRl89xpYm9KFgrw-LqNOAkI_xfgfpOFBT5ZrVpJ-ijlKfC9QutRtKdD0Hy2s3CROGTlM-ss%26adurl%3D&documentReferer=https%3A%2F%2F9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D5&ancestorOrigins=https%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com%2Chttps%3A%2F%2Fwww.vaacase.com&random=4915312970730&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: b5427f0400125f06cf312fb693acaf48da280055bc026139cb7953b09a79f09e

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2103
Content-Type: text/html; charset=utf-8
Date: Sun, 23 Jul 2023 04:02:02 GMT
Expires: Sun, 23 Jul 2023 05:02:02 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 9A8A
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
514 B

169ms
92ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

HTTP/1.1

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:03 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA13:9E5C_91EFC182:01BB_64BCA63B_100EE360:25BD2
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=54011700012322104444994012394030&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 23 Jul 2023 04:02:02 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E7F0 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Sun, 23 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9A8A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4185a6c4003b4115bbf2fb6e0afdda6124378af11d95520948dad647fc0eab97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7F0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELtF9Ny-zEoS4gqGhpw9kVQ&google_cver=1&google_push=AaAOQGFVN71KWLW-WXxN-FqJNXNWwg6HelNlBHT6KvxrmnOGumjgU2_6XVLqBBxI0GnHXBBBfqgoe6rxnbCs3241...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFVN71KWLW-WXxN-FqJNXNWwg6HelNlBHT6KvxrmnOGumjgU2_6XVLqBBxI0GnHXBBBfqgoe6rxnbCs3241Rmy1xSs-sVGIvw

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFVN71KWLW-WXxN-FqJNXNWwg6HelNlBHT6KvxrmnOGumjgU2_6XVLqBBxI0GnHXBBBfqgoe6rxnbCs3241Rmy1xSs-sVGIvw

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 23 Jul 2023 04:02:03 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x25 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFVN71KWLW-WXxN-FqJNXNWwg6HelNlBHT6KvxrmnOGumjgU2_6XVLqBBxI0GnHXBBBfqgoe6rxnbCs3241Rmy1xSs-sVGIvw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 23 Jul 2023 04:02:02 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame E7F0 43 B
363 B 143ms
34ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEANBwVNFApTljCcKGWkDVsQ&google_cver=1&google_push=AaAOQGFQU1o-hOfAd6w7idKEbzC8EwIP_rIUn4goC3jrkdGlmYjMu9hh3sYXaw8QTLXWJ9iGQZq4XLmnrY44lf96u6shC--Fcrzw

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 193672
expires: Sun, 23 Jul 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E7F0 43 B
236 B 94ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEL2KKIRJSwuighp78oIM_d4&google_cver=1&google_push=AaAOQGE0HYYMssXGR9nyGsCoud76wr6yE4iEXr8--tAlJoPLGFudFNPuwUTsZoYnTTKDjF-_HcUOULXEEVKEo0obU8dq8xyWcsKCog
Requested by: Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7F0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mXFXfkKwT0-DU_MbGuCJ9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mXFXfkKwT0-DU_MbGuCJ9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFu9GG0Id6UfmDDrwM2Xo54jmg4b1OgmRbDh1sHSwkAbX6GnrTs48vQI1kPLOYPp7A65BSGFRkLeW8NkQmCLRTEBNHNIwrAtQ

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mXFXfkKwT0-DU_MbGuCJ9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFu9GG0Id6UfmDDrwM2Xo54jmg4b1OgmRbDh1sHSwkAbX6GnrTs48vQI1kPLOYPp7A65BSGFRkLeW8NkQmCLRTEBNHNIwrAtQ
date: Sun, 23 Jul 2023 04:02:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7F0
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHMvI-RQX2BdisaSCxLUk0I&google_cver=1&google_push=AaAOQGHTOuPCdSvikQfG6M3laesODn9CjZ9MovzSbYG1U7nP56nzhU_Hq-8dv5Jb2eMIWTWsU2QRd0lnEFHR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTOuPCdSvikQfG6M3laesODn9CjZ9MovzSbYG1U7nP56nzhU_Hq-8dv5Jb2eMIWTWsU2QRd0lnEFHRaqvpqYiwQ-YJ7mYi

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTOuPCdSvikQfG6M3laesODn9CjZ9MovzSbYG1U7nP56nzhU_Hq-8dv5Jb2eMIWTWsU2QRd0lnEFHRaqvpqYiwQ-YJ7mYi

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHTOuPCdSvikQfG6M3laesODn9CjZ9MovzSbYG1U7nP56nzhU_Hq-8dv5Jb2eMIWTWsU2QRd0lnEFHRaqvpqYiwQ-YJ7mYi
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7F0
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGBNeg-KNq8YVWTAOI1VwRk&google_cver=1&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_4Oqxyu...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGBNeg-KNq8YVWTAOI1VwRk&google_cver=1&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GckamqGSRUilxH1C_vHEWA&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2...

170 B
188 B

33ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GckamqGSRUilxH1C_vHEWA&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_4Oqxyuw3TEnMig

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GckamqGSRUilxH1C_vHEWA&google_push=AaAOQGFsrO-pgkHQ4zN0elQouEuRQ1LQc1sQk3J7nhOiB8Vv6yjRafCF4ImOlJ1QYRLgaPIvGRkAByKtawdBnz2_4Oqxyuw3TEnMig
access-control-allow-origin: *
date: Sun, 23 Jul 2023 04:02:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7F0
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFs3P6oJZ...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFs...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ca5fd692-8e72-4511-8821-2669f8119396&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ca5fd692-8e72-4511-8821-2669f8119396&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ca5fd692-8e72-4511-8821-2669f8119396&%%GOOGLE_PUSH_PAIR%%
date: Sun, 23 Jul 2023 04:02:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E7F0 0
12 B 29ms
28ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQKKIVyPwTqusiorWObsoVZ6gS1KNimixs4iBEqgcU7f9wjQqxRQAqMjPrkDGNpggYh9_KUw

Requested by

Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame B6D2 5 KB
1 KB 86ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jul 2023 04:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jul 2023 03:00:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jul 2023 04:02:03 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B6D2 16 KB
16 KB 82ms
29ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 282532c91a87abc671114a9b9c6acd7fe605c48b8e617b3611e6629604d25036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B6D2 16 KB
16 KB 81ms
29ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 28a020f6931f65aa8125b8810ef8a48f8042d703af23b34dff89eda4c7863dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16231
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B6D2 13 KB
13 KB 86ms
28ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f15bf76fea9a963d2b74f24d8821698e50ba4df4dcfd6d4d2c74307c0bbf7c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12998
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 5006 117 KB
45 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d1339a417d6d54a573cff11378e8ea4564518d6fc782ab857f640e4a7be0884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45546
x-xss-protection: 0
last-modified: Sun, 23 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Jul 2023 04:02:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6DF2 0
0 58ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307190101&jk=750915275053410&bg=!ODulO2_NAAZsPphkTD47ADkAdvg8WourMPTX0feyntnJrGcxHkmklfsi8sgFyuV49YaJ2OfFOiGJQwElO7NcVS10c53YNVcXciACAAAAZ1IAAAASaAEHCgAaJnfe6CwL_TL4o7Trrgj4zuUmQDO2QdkLNIGZA2WNayh7mhvj-bo7dzqmG7xCODuB6zrTvSCCXqIvaf4u_2Q3lSv9ctLOjVbAGzHRETM3yCYjDZaCHK1bgyJHw0PF5Xw2fN2y0BiE6GakV12ynDmHv_pX-sUpFxcNc76b2AGjv0b-YqN_Q6DNsUqpWUU9eR7MQ-nSCLq0UnEIXJcu7wn3nXw50XSf77N429vSyZ6sr7pfnIVEl-fWgXBgEb3dOJgOGOqQ306039ulKOVjiwOE6J5aLSQbvA31Yvau5nsycndF67rxZr3X-f6fTDjZuby2FEGbToXAKstrFCg_EqQkAv-vwXllhWfBDC9Tj0Z9H6DG2-6ffMyRPj84IjquSL5tU3ZQDfb_5DEDFzs4w2QF4H6GYBlSzgISJbsKqC07hqYw_yL9aVlpnn1OZvKUWq9BflaKI8gDhqhL5Dn56bqs1Kb9D_Wr2h_Rh7U2K75pJLmU7nhA5jeJ9KOWndvPG0_3SDUzHHsA4VV_Dlff6tVgQXUDxd3NMDfuq5ub_8lgqUR0-3V98F0rBFtKqBnVeHKS5eM-M7QMufuDSpzw4jBhBUf05ifwksP0LtB3sWGsyJBPQdAAj1NLD1FXjDQHwJSEzTxJbePj_Nb9D9wtWdp0zyPtxCjOYcPNO_lEgSnlnLfwBNFK6IfXRtOQ0tu_y3Vj8S37AGBkJMHIh6DhVQDNoUkFfNxL_jGz9MWKYYoSHePVt9FYKiR96f4gYKTbJ1WRUws3hHHttp1J7wn-EsvrbUF7v9mPTnuKnTk89QR7MeNXpxZXHzzU0WRRNQAOBLnnyRaMKe3NBGREBz1GSojTc0AkQhiz7_eZNP3d1iaFtBQc_GSg7CNjYcef1D8D3m6nG2u3wd4dRXIx2NxSjTGY6chIuvrfHB9j3VSVOxiam6hNfDpMuFe1zMl715Bj68gQHQ1qGXPK6PBC6WhCowpdgIydzSlo2IksWws8-xOpEhVz1J8f8EoKrND8N7HJB3ImRR3WnXUhPjaRdDHdciPzEKyZ2jw4eOEy51SQuI1AnLc_UGBqCFtOpCMJE-JBV-k5ZyE_OlfSProrjugDxDD6fglvnsjAdXnk020YWzU3ijHcmbNP9YC-xaMS-Ou2C3jvUankYvKajsLKl8MVS9FiMcgf3LOw_BXUYaJU31GCniY8eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5006 260 KB
87 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d964dd51958f3cbd263b9d5318ba9346a52564763a5384cafd551f5424b705a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jul 2023 04:02:03 GMT

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame B6D2 0
150 B 85ms
26ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=54011700012322104444994012394030&a=9e7b2b74&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=54011700012322104444994012394030&a=62957d5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 04:02:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B6D2 14 KB
15 KB 81ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:18:56 GMT
x-content-type-options: nosniff
age: 6187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:18:56 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B6D2 15 KB
15 KB 86ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 18:50:39 GMT
x-content-type-options: nosniff
age: 465084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 18:50:39 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9A8A 85 KB
31 KB 111ms
23ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=54011700012322104444994012394030&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:11:27 GMT
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 60637
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: U8a9Jxw6VN5mAnI2SaP3rHkQANPGC-ruC6SJr3du671kh00QlpkfFA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 9A8A 85 B
438 B 110ms
22ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1690085223&Signature=OUVbFRc0WL5p3Uxjjr-3WhPa5PNabj2wk4lF3KipZJ9g~EQ0hFg0b7kjlQA7ELrhyOVG1Wx1JupW99eHJl59d956X74ROaobhhHC28m-Aq~BspHcacRd8l0Z-xHTjLilB7Lcq1SY~qmWCdTVFdO8E6r47wmwxdVXcvPYOHYqdg~dxPUqza4Z57XMIxEb7KLnBT~lmzV~cnUflZHYdfVMgkF0KhTnPVldmKU0axAiIJhb3i9oedrzAHaSk~iOxg6EfD2qlQgGAS0--LiG05KcswJ1uG4~Yhi0BvBZzBxsxmibEDKgCkoYkaaYYof2VZzs23b~wgcf-CDP1I4VNVBcYg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
URL: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 22 Jul 2023 04:52:18 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 83386
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: jfK5mS5ZcKwInwnHDXv4dOPtjzV6jC_39TcXjxblLoTJKQ3qNrpZfA==

GET
H2 200 dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923
adservice.google.com/ddm/fls/z/ Frame 9EC1 42 B
401 B 135ms
61ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CN_45vv4o4ADFcFdwgods5wP1A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2120112695843.923?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame CF0D 5 KB
5 KB 24ms
24ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2908174989
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 04:02:03 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9A8A 16 B
209 B 122ms
120ms Fetch
application/json 13.41.82.34

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.82.34 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 23 Jul 2023 04:02:04 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 481ms
373ms Preflight 13.41.82.34

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.82.34 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 23 Jul 2023 04:02:04 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A8A 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2988571541040&version=m202306200101&ct=77&x=1&cor=6603402376489594000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jul 2023 04:02:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Domain: static.intentarget.com
URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vaacase.com/	1970-01-20 13:28:26	Name: xxxsskguid1158 Value: 6c59d540-b2bd-d73f-a8e2-c08159713330
www.vaacase.com/	1970-01-20 13:28:26	Name: lastlocation1158 Value: https%3A//www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09%3Ffbclid%3DIwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk
.vaacase.com/	1970-01-20 23:04:04	Name: _ga_VCEDQQD6JV Value: GS1.1.1690084919.1.0.1690084919.0.0.0
.vaacase.com/	1970-01-20 23:04:04	Name: _ga Value: GA1.2.968454278.1690084919
.vaacase.com/	1970-01-20 13:29:31	Name: _gid Value: GA1.2.1327547083.1690084919
.vaacase.com/	1970-01-20 13:28:04	Name: _gat_gtag_UA_87942765_23 Value: 1
.dable.io/	1970-01-20 13:46:33	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 13:46:33	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 13:46:33	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 13:46:33	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 13:46:33	Name: _kko_ck_match Value: 1
.www.vaacase.com/	1970-01-20 23:04:04	Name: dable_uid Value: undefined
.doubleclick.net/	1970-01-20 22:49:40	Name: IDE Value: AHWqTUlh61R0_Ulpq56OiGA19owHc2noTnANxWQsliQbajXebHh6e_r6E2EfbHfUpMU
.vaacase.com/	1970-01-20 22:49:40	Name: __gads Value: ID=637b66ec7ba30167:T=1690084919:RT=1690084919:S=ALNI_MZYA8J4ggYzhga1DFuA2kJXY2TteQ
.vaacase.com/	1970-01-20 22:49:40	Name: __gpi Value: UID=00000c429a7174f9:T=1690084919:RT=1690084919:S=ALNI_MZ6aYlOwf1wYrq_sXOzJ8KE_zGTPQ
.www.vaacase.com/	1970-01-20 14:11:16	Name: _im_vid Value: 01H60EJJHSHJRGFSBPCKXMXKXX
.doubleclick.net/	1970-01-20 17:47:16	Name: APC Value: Aa3gxNqlKqCmBMJMzFvX_V6yLU5l7F40iJs5xeNwm4kskqo_ZcuLMQ
.casalemedia.com/	1970-01-20 22:13:40	Name: CMID Value: ZLymNxfQx2jj-fyEupISQAAA
.casalemedia.com/	1970-01-20 15:37:40	Name: CMPS Value: 2121
.casalemedia.com/	1970-01-20 15:37:40	Name: CMPRO Value: 2121
.adnxs.com/	1970-01-20 15:37:40	Name: uuid2 Value: 6516174498108365086
.adnxs.com/	1970-01-20 15:37:40	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il^ereG!!]tbPl1M>e)ZlrFUfJ+tGXxp)AdQ/9IG@k`BC70b>9?FEKFt@HaaS7bX=hhW3If)y3KL9D3I?+p5b'$J
.spotxchange.com/	1970-01-20 14:08:24	Name: audience Value: ac944ae5-290d-11ee-9896-1ef5e1e50306
.redintelligence.net/	1970-01-20 15:37:40	Name: 8lcfmzhxc8d6_uid Value: 86aef2438d0c2416
.mathtag.com/	1970-01-20 14:11:16	Name: mt_mop Value: 4:1690084923
.office-partner.de/	1970-01-20 23:04:04	Name: source Value: {"webgains_webgains":{"timestamp":1690084923047,"clickCookie":false}}
.retailads.net/	1970-01-20 14:11:16	Name: ppb2172 Value: 2908174989
.pubmatic.com/	1970-01-20 13:29:31	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 22:13:40	Name: KADUSERCOOKIE Value: 9971577E-42B0-4F4F-8353-F31B1AE089F7
.360yield.com/	1970-01-20 15:37:40	Name: tuuid Value: 19c91a9a-a192-4548-a5c4-7d42fef1c458
.360yield.com/	1970-01-20 15:37:40	Name: tuuid_lu Value: 1690084923
.bidswitch.net/	1970-01-20 22:13:40	Name: tuuid Value: ca5fd692-8e72-4511-8821-2669f8119396
.bidswitch.net/	1970-01-20 22:13:40	Name: c Value: 1690084923
.bidswitch.net/	1970-01-20 22:13:40	Name: tuuid_lu Value: 1690084923
.futalis.de/	1970-01-20 14:54:28	Name: raSIDb Value: 2908174989

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.vaacase.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	warning	URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk Message: Mixed Content: The page at 'https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk' was loaded over HTTPS, but requested an insecure element 'http://store.vaacase.com/uploads/2023-07-20/95F223E0062Ew658h370.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk Message: Mixed Content: The page at 'https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk' was loaded over HTTPS, but requested an insecure element 'http://store.vaacase.com/uploads/2023-07-20/CB8DFA9879F6w1200h628.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk Message: Mixed Content: The page at 'https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk' was loaded over HTTPS, but requested an insecure element 'http://store.vaacase.com/uploads/2023-07-14/74844B661570w1200h628.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk Message: Mixed Content: The page at 'https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk' was loaded over HTTPS, but requested an insecure element 'http://store.vaacase.com/uploads/2023-07-21/947AFF8B9912w1252h654.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://www.vaacase.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
security	warning	URL: https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk Message: Mixed Content: The page at 'https://www.vaacase.com/doc_azVEaktEcXRFVDhkaExQSXNLdklXdz09?fbclid=IwAR1HIwlKw3igpMWr3_CmIta3U9XTIDBDYcxT740C3xch4XOVw8iz6pS9elk' was loaded over HTTPS, but requested an insecure element 'http://pic.logkb.com/ad0113/2023-07-22/1ECC8F5B03A1w800h800.Jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://yaya0506.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://dwjhgx.com/gmifr_lei.html(Line 10) Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.
rendering	warning	URL: https://static.intentarget.com/track/kangleigm/js/trkyjs.js Message: The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

75c73e1ff77c6c2320e39d3373a9ec47.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
882e29e5bb2a78e91cbf67db70258eeb.safeframe.googlesyndication.com
9203e07bcc15dc14188353da22a2c836.safeframe.googlesyndication.com
93b6bfb8447d490d5985ead90bc50175.safeframe.googlesyndication.com
ad.sitemaji.com
ads.yap.yahoo.com
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.dable.io
api.webgains.io
audiencedata.im-apps.net
bd754bc3980d6db5e2bf01aeb8d58a9d.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.pathtosuccess.global
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
count.vaacase.com
count.xxxssk.com
dis.criteo.com
dmp.im-apps.net
dsum-sec.casalemedia.com
dwjhgx.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900030.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
js.akusehat.info
l.logly.co.jp
match.360yield.com
medialead.de
nt.compass-fit.jp
onetag-sys.com
pagead2.googlesyndication.com
pic.logkb.com
popup.vaacase.com
pv.medialead.de
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.yimg.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssl.sitemaji.com
static.dable.io
static.intentarget.com
store.vaacase.com
sync.logly.co.jp
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
twstat.vaacase.com
twtpstat.zhentoo.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.scupio.net
www.vaacase.com
x.bidswitch.net
yaya0506.com
static.intentarget.com
104.75.89.75
119.28.134.92
119.28.16.172
13.41.82.34
130.211.44.5
136.243.149.243
138.201.63.116
142.250.186.66
145.239.193.130
172.217.18.6
178.250.7.11
18.159.220.108
18.66.147.41
185.29.132.241
185.80.39.216
185.86.138.153
185.89.210.122
185.94.180.125
198.47.127.19
2001:4860:4802:34::36
23.56.202.187
2600:1901:0:e207::
2600:9000:2127:3800:19:8ca6:3640:93a1
2606:4700:3031::6815:304d
2606:4700:3031::ac43:91b8
2606:4700:3035::ac43:91e7
2606:4700:3035::ac43:b5bb
2606:4700::6811:180e
2606:4700:e2::ac40:8313
2606:4700:e4::ac40:af16
2a00:1288:80:807::1
2a00:1450:4001:800::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a01:4f8:d0a:2321::2
2a02:26f0:1700:6::17d5:a18f
2a02:26f0:480:25::1726:6212
2a06:98c1:3121::3
2a0b:4d07:101::1
3.114.159.208
3.75.62.37
3.9.91.156
35.186.215.140
35.186.253.211
35.244.159.8
43.201.176.23
49.12.16.151
51.89.9.254
52.192.246.101
54.171.31.19
60.199.208.47
65.9.95.15
69.173.144.138
87.248.100.137
94.23.99.218
95.100.64.43
95.101.149.233
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00e668b79eb6dacf1a5656861df768928491931f00e8d5ff7c99751553050c05
06ce36654840dd406850ad3e56eeab99b9a333f0216707d5d78b7ac828415dcf
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
074374bb2697a9cc96b9fa9af73e28f40d8e858150b55810e1f85027a5f79673
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca97ba63a756b341df17b81955d1f204671561c6751aec5455f06e4d2ac7f2b
0d1339a417d6d54a573cff11378e8ea4564518d6fc782ab857f640e4a7be0884
0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7
0e465b4415e09cc34545fff418c5363012633b1cc82ab28c160a6c1b831293a1
0e5dadff75979305810165f460898d4395bab3f78ae29a3e51ffbd7c41f5e663
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14955b82b802c4c4d7b497174f47ccb877457de9afca4be74b45352bb3355b5a
195e6636d3f6dce1239d1ee3a5b5d3833baa50b3248934f29a60618f5d9fb35a
1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b
1af010483279019fc8a0d78ba51e3f841b0bb891f5960f059ad253616dd1a0ec
1d518d4a321c9861b70b31796f8b089e46ed48c3baad85ca67c0d5ca09ab784d
1f9c931b987c409515d39cc15b60dcc8b18386ef0f1ca5a527d5a42041053e91
2078042977d7be81ee63b84342c86fbfc90b72694c365b68350f16bf244f8fa8
22fb9bf6887f066af5c6caf7dc608a861ec090bd2c0b2dd9c49c372414a8807e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
282532c91a87abc671114a9b9c6acd7fe605c48b8e617b3611e6629604d25036
28a020f6931f65aa8125b8810ef8a48f8042d703af23b34dff89eda4c7863dcf
29fe6fc82f259ecf615a417451af93f396add41424dda6a24fc8203650900d0a
2c0447d59eb586eb830021df70ba7525185d76ad5ae58c260470f48767ca1b6a
2cc9489c54b1b02303de7008f4ea63a4cf72c06a9f587075570557319a4d3018
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3374a9454563c0bf3bc15aea87b321fdccc2f4f73feccfeccd1adda2644b97aa
377617a04febfaa3218890f1f999fc5e2a97aad01c3c755c976a79ee0038a1c0
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3932d1a4891db7fdd419eb96fcb45f66bf969b24c275f1d119897690fe52edf7
39390e7853cdfea3fc0df2b6467c37782429388fc5c2bc23b238c25746eac267
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e420457af331960d3b55fd10174de6e95af24516c0ef3b2339990946216b20
4185a6c4003b4115bbf2fb6e0afdda6124378af11d95520948dad647fc0eab97
41a8c16bff7d2ff0bf18149d440e4d63cbad9379663aa0aa424a4cbf162d031e
42bb4183c387f22419586cf2e066eefe11d33edd5ea77e42e5e7a7124b7e02ec
43ea1e7b40f3b77d82b804076987e89f0d9c06d08266a85cb16b60d5ded39f2d
44317b0ce661040de1e7c770893c3cae07aab0a9729e96c60b98f75dba5dd10b
45a2bd9137a4bddbc128e8b2274f1143c7360deaf2c5a04ddff567797189c167
45d70c2af5e738b341189f613dff2fb93d11be36454aceda53fcb2d2b6c6398c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b1bf842593c18749fd88f8617b7cee2088ec2f4a2c584c95b392631cf50e7aa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50672bee095db1c417d3649f7588f97953ccecee62b31a87ff1d93e15bb0b362
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
5379480d135a7a28a233ef0fea3d218fcbe2b86c79630c8f364780299fe3b218
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fdfac049fcabd73da1e1545f5cdaf17bb5d821f6c404e578c375618ec44708
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b88e65d285c8cb27d1955a9dd9b3e82cde51d77366b095b32b6c5c59a26c2e
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
571c3bd08552f27c075dd1e166c27e45c71150279d505fab18cba54982fb7c95
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d
5b2d07f444380914a71b578ca63ac48f88bacbd0af29333166862fad6a62f255
5b84f1090fcbb288d38b5ef17a69450a2aa986530ee8d4dda8f7bfb1e3a77da0
5d964dd51958f3cbd263b9d5318ba9346a52564763a5384cafd551f5424b705a
5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64902ec21be8580587f7940d93357cad631a498df0b36351477da22c8e6fcf61
64d934e0a30071a0906e350152d351a8a2c38e580acd636af986a0bbf0dcec4c
6573c20f0befd10c153b003a232c9492ff88e8366818f783d9977f253b919831
6653607e0b602b82817826e816ad773787a72cd46e92983b39a35d4bb2399968
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
699be0a25a9d30c2c23a2fa2c10be85a2c4f89df298fb23d3c8da054f960705f
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a3e5516719a62582f9e5e21da717d74398e393bf933fcd1255952bda384c8bf
6a3eeed12943e0b360fffcc3777e1815599e6ea2f973c84f521748c34ad52021
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d488d8ff810bd5b791ec0951f0f8f784bd6c3918817a4ec83a6650289e16e54
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
6fc01ec89c96a4b02bd67bd792aa64566308494bc15d41e17785de44ffac8578
73c7a66057f287faff38cfbfd112751a16f86b1718af818c56548cff1c8986b6
786a29a52b58063fd54055a1312cfff3ce175a5f9e9625ee0ef885d2299cf7df
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f22749d0475765b0ba3d2e17cfc9689eabf02e8a7f678a9a979138e9d9d19e8
80b848f004f51331148fe4cfa5170c08bd26b2fd05c5fd42859b83de7ffff8e2
80bf194c9c096d688e0ae860100ebee9a1bb0a2a74bfb3dcaf5d06b9052ee4d7
83eb567af88d56072761e7425f0c09c0e210247d26129e16f7dd4ed35ae2243b
84dbca43fb07cae9e813ab91bcca06ff15f2626b59e812678381fb851d8fe2ac
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
873480c6d7eed9561c4523f717b3d7b278f4b6e39bbfa0336a8c93e2d27c765f
88188519fe77336fb1c2efaa1c64e4e060133a3cbec7faa83e16e6543fa0a41c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96e18d08fbf647109d011e9a7eb4f1ee50a1a2223920ed30e28624f44a31540b
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e
994032c5666f4116f40104a03c983c0542b5c1a20c2c984a689574c14eb10b69
9a10a619ad45b680d50c999823a953b5bbc326cb6029572b243db24231bd2f5e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79
9eb64ee99213857f1badcd1838dfcdaf77138c5d0d8b549f99f5c8736c137400
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a355121bd0e033f114e37840f12112a529db107d8d737f19068ae76947de2279
a436e46e9fb251c84c7017f09cf38241162e5db8d0c8ad09919467847c1551f3
a69dbbd0476cba32959e54255f7d7e4e23d1766fdb6df4920fef66ce2e0e1f8a
a79c2f154599886f44bc9a76f334aee4f9fcb8777cd4babf19fe185f05e038c1
a857be6c72c3a0b032e7732d196ac05f142ba5cb791d5d13322603ad9cbc1ef6
ab8c319906017da1cb00e067c12bafdd129fba0402376e4aabd157c4c7e6b1fb
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989
b28b8e142df847d3f6af50a8638e49d6ab31089cd85c73abed6ed4e639ed45a5
b3876dabc43d987605647bb3ec0567bbe75f6b4e2cb633e5a0245fb5197a67c0
b5427f0400125f06cf312fb693acaf48da280055bc026139cb7953b09a79f09e
b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c
b72b3fabcc4e2dcade89583297e57384901ed3f243c73f24adbafa48a5e9efb5
b83695577891190375f9376f9913bee539c3744fee84dc1d255ac062955c5392
b8b73425604242082421c07184cdf91779b4b2140f1121d89cac9555db4110b5
bab35bf11651ee57cd5c59f3bcca21f404fbbbad89f8b6e52fc62963f1524219
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6
bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd
c11c1d9edeb45bc33a3a17f4cac705fbd3973ea9ea9aa1d5b1241036e81145b9
c2b5803d0cdeb7f2165c836c4de8d4ec1ec30af32162b1be00d9f44b62be956e
c2db2ccde872f276511e672967f10776d4a16d76cc0110abaa70bd42ac21d65e
c92ed5476c6196bf32c85c584484c67eed2a82f61d258eee9a49adc6c5ac56e7
c950bdb3171907dd6adc02a07023992f892095f78f251750ebbb01ff386282ac
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
caa352024d28f4ba75cc21bf8858e4ed2387ffa1b3752a2c2b11e69cbe4151ca
d02ef699cd854ceb16484b620a937ab3ef34373d5425ddcdbe6b69b30ec52fed
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d6357245903b0f4b73e17a6c77a2be4f56c7afe851a8588c9f1530152f9cd2b7
d67229d226b829b35c7112defb9c1253c02764fd278073e6798f3af96798c951
db4f2a831f9e3b341e65e11d4f0fef87ebec4a743e3dac8b1ac586e2fee2f9f7
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf
db759d3b121ec1d8da4794e0451bc582fe3f93ee99abb820e14088e089bdcee6
db8aaa44123a21774674b4cb601a75ac18aa53d3360c3fef3b3c63c08d083888
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
ddaa19925b4e5eed5a75ab9850135e279cba231cff456e5e0d03fa9027d05255
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0775ae0e617cde4743d77560d8cff339896bdbb2ab8a3e78afc1c13dddc7fde
e2e6443f2e88331f08abd67e2c2a060c1dfa898deb6ba735237f9a8711e7a192
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e588cc8f14fd37d945b2dac564d72eb3ea54a6c312889ed7c6a5653f958f0d70
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15bf76fea9a963d2b74f24d8821698e50ba4df4dcfd6d4d2c74307c0bbf7c10
f1dae407d996ce9f8b25d5fbd18932e8a9282af677882efa24646e4bb715c502
f2aafc24d21d1e1eb885bd5be0b1223889bac93b19da5fbe294bc947f215bfff
f2b9926619b3499fdbda8697a7f949a42669db5a041fdc3489e974610bfffc70
f955766f06fce1108931798e0fba37cabbe2b290de268412ea68ff453adb0408
fb5dadbbd762b6840163f0488c4f93b8863da903a1cacfc8f03bb8058cb312e4
fbde0efeb7e1a635b921636162cd5ce5ffb31aaf6deb88258e9679577dbb757f

www.vaacase.com Open in urlscan Pro 2606:4700:3035::ac43:b5bb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

284 Requests

92 %HTTPS

41 %IPv6

50 Domains

79 Subdomains

60 IPs

12 Countries

7044 kBTransfer

11696 kBSize

35 Cookies

8 Outgoing links

Redirected requests

284 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.vaacase.com Open in urlscan Pro
2606:4700:3035::ac43:b5bb Public Scan

Screenshot
Live screenshot

Full Image

284
Requests

92 %
HTTPS

41 %
IPv6

50
Domains

79
Subdomains

60
IPs

12
Countries

7044 kB
Transfer

11696 kB
Size

35
Cookies

284 HTTP transactions
5 data transactions