URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Submission Tags: falconsandbox
Submission: On January 11 via api from US — Scanned from DE

Summary

This website contacted 52 IPs in 11 countries across 31 domains to perform 272 HTTP transactions. The main IP is 2606:4700:3037::6815:1950, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.daisyyohoho.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 13th 2022. Valid for: a year.
This is the only time www.daisyyohoho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 45 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:4f:1... 8075 (MICROSOFT...)
2 2a03:2880:f04... 32934 (FACEBOOK)
1 2.18.169.101 16625 (AKAMAI-AS)
2 222.230.178.132 2519 (VECTANT A...)
2 192.0.76.3 2635 (AUTOMATTIC)
7 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 35.244.138.40 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 210.242.155.195 3462 (HINET Dat...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 207.46.146.168 8075 (MICROSOFT...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 183.79.249.124 24572 (YAHOO-JP-...)
7 2a00:1450:400... 15169 (GOOGLE)
3 108.177.15.154 15169 (GOOGLE)
7 15 142.250.185.162 15169 (GOOGLE)
3 7 185.80.39.216 27381 (CASALE-MEDIA)
3 5 185.89.210.180 29990 (ASN-APPNEX)
3 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.75.71.72 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.98 15169 (GOOGLE)
2 54.72.240.102 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.165 1299 (TWELVE99 ...)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 1 2600:9000:211... 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
5 143.204.205.98 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 143.204.215.7 16509 (AMAZON-02)
5 52.210.237.130 16509 (AMAZON-02)
3 65.9.66.115 16509 (AMAZON-02)
272 52
Apex Domain
Subdomains
Transfer
84 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 334
841 KB
47 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
bid.g.doubleclick.net — Cisco Umbrella Rank: 956
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
385 KB
45 daisyyohoho.com
www.daisyyohoho.com
2 MB
21 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
264 KB
18 jivox.com
as.euw1.jivox.com — Cisco Umbrella Rank: 339507
playercdn.jivox.com — Cisco Umbrella Rank: 7299
assets.euw1.jivox.com — Cisco Umbrella Rank: 355542
evs.euw1.jivox.com — Cisco Umbrella Rank: 324384
cdn.euw1.jivox.com — Cisco Umbrella Rank: 999678
596 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
imasdk.googleapis.com — Cisco Umbrella Rank: 477
410 KB
10 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1239
r5---sn-5hneknek.c.2mdn.net — Cisco Umbrella Rank: 595915
r2---sn-5hne6nsk.c.2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
r4---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 459509
7 MB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
2 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
5 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
246 KB
6 breaktime.com.tw
a.breaktime.com.tw — Cisco Umbrella Rank: 236019
alliance.breaktime.com.tw — Cisco Umbrella Rank: 254961
catalyst.breaktime.com.tw — Cisco Umbrella Rank: 222369
powerads.breaktime.com.tw — Cisco Umbrella Rank: 276431
33 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
5 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
www.google.de — Cisco Umbrella Rank: 3658
2 KB
5 adhacker.online
power.adhacker.online — Cisco Umbrella Rank: 246151
23 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
221 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
20 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1620
95 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 996
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6509
647 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
r.turn.com — Cisco Umbrella Rank: 4328
869 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3525
pixel.wp.com — Cisco Umbrella Rank: 2942
3 KB
2 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 75831
37 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
89 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1929
63 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 914
442 B
1 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 35488
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
703 B
1 gobytrain.com.tw
www.gobytrain.com.tw
50 KB
1 line-scdn.net
d.line-scdn.net — Cisco Umbrella Rank: 12310
2 KB
272 31
Domain Requested by
45 pagead2.googlesyndication.com www.daisyyohoho.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
power.adhacker.online
www.googletagservices.com
45 www.daisyyohoho.com 15 redirects www.daisyyohoho.com
33 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
22 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.daisyyohoho.com
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
15 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 csi.gstatic.com imasdk.googleapis.com
7 fonts.googleapis.com www.daisyyohoho.com
googleads.g.doubleclick.net
6 imasdk.googleapis.com googleads.g.doubleclick.net
6 www.googletagservices.com www.googletagmanager.com
googleads.g.doubleclick.net
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
power.adhacker.online
6 www.gstatic.com www.daisyyohoho.com
googleads.g.doubleclick.net
5 evs.euw1.jivox.com as.euw1.jivox.com
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
5 playercdn.jivox.com as.euw1.jivox.com
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 www.google.com 1 redirects www.daisyyohoho.com
googleads.g.doubleclick.net
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 power.adhacker.online a.breaktime.com.tw
www.googletagmanager.com
4 ade.googlesyndication.com www.daisyyohoho.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 www.googletagmanager.com www.daisyyohoho.com
www.googletagmanager.com
3 cdn.euw1.jivox.com as.euw1.jivox.com
www.daisyyohoho.com
3 assets.euw1.jivox.com as.euw1.jivox.com
www.daisyyohoho.com
3 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.daisyyohoho.com
3 gcdn.2mdn.net 3 redirects
3 bid.g.doubleclick.net imasdk.googleapis.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 catalyst.breaktime.com.tw a.breaktime.com.tw
3 use.fontawesome.com www.daisyyohoho.com
use.fontawesome.com
2 ups.analytics.yahoo.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 d5p.de17a.com 2 redirects
2 as.euw1.jivox.com 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
as.euw1.jivox.com
2 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 r4---sn-5hneknee.c.2mdn.net www.daisyyohoho.com
2 r2---sn-5hne6nsk.c.2mdn.net www.daisyyohoho.com
2 r5---sn-5hneknek.c.2mdn.net www.daisyyohoho.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cpt.geniee.jp www.daisyyohoho.com
cpt.geniee.jp
2 connect.facebook.net www.daisyyohoho.com
connect.facebook.net
1 code.createjs.com as.euw1.jivox.com
1 s.ad.smaato.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 powerads.breaktime.com.tw power.adhacker.online
1 s0.2mdn.net googleads.g.doubleclick.net
1 yads.c.yimg.jp cpt.geniee.jp
1 www.google.de www.daisyyohoho.com
1 pixel.wp.com www.daisyyohoho.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gobytrain.com.tw www.daisyyohoho.com
1 alliance.breaktime.com.tw a.breaktime.com.tw
1 stats.wp.com www.daisyyohoho.com
1 d.line-scdn.net www.daisyyohoho.com
1 a.breaktime.com.tw www.daisyyohoho.com
272 60
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-04-13 -
2023-04-13
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
breaktime.com.tw
R3
2023-01-05 -
2023-04-05
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-10-20 -
2023-01-18
3 months crt.sh
line-apps.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-11 -
2024-01-11
a year crt.sh
*.geniee.jp
GeoTrust RSA CA 2018
2022-03-04 -
2023-04-04
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.gobytrain.com.tw
Go Daddy Secure Certificate Authority - G2
2022-08-31 -
2023-10-02
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
www.google.de
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4
2022-11-04 -
2023-12-03
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-01-03 -
2023-03-14
2 months crt.sh
*.app.euw1.jivox.com
Amazon
2022-11-16 -
2023-12-15
a year crt.sh
*.jivox.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-13 -
2023-06-13
a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-29 -
2023-05-30
a year crt.sh
euw1.jivox.com
Amazon
2022-11-11 -
2023-12-11
a year crt.sh

This page contains 26 frames:

Primary Page: https://www.daisyyohoho.com/garlic-chicken-soup/
Frame ID: 555E38AD347FBF4A13F56FB026C217B6
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html
Frame ID: 1F05B224A8764EF0C3E159B11E33D4A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&adk=3046330955&adf=2044148826&lmt=1673401959&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959242&bpp=3&bdt=856&idt=301&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1161921313003&frm=20&pv=2&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=329
Frame ID: 76DB285FE100C55BC51CAF4E7B7FC7DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Frame ID: 2B2804B59564CF553062564F8641D27A
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Frame ID: 9D003AFE97ED58A2D7DB3259AFEC9747
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Frame ID: CB8C1E057218A8CA11768A8113C4C0C7
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Frame ID: 3D75F978A5143DB0B97F7A1332929104
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNGg1AIQkMPVAhjX3r7LATAB&v=APEucNXCxIQp7c4EcqrKXSO0LrsJVDUZ0gRvVLEVBPNHWGW6KAJFaKKEuxPMo-mOYGCkF0ZObc2i-nbB0dzfd-dHqdQJb9SzRIqQ6SHbx_9Y6b8qvxpjSDuChcMuF95rxKmuPBfjoBP-rLqcBUNf71IDAT9-J_CZjnoVAsRzvbB07j7zYaCl0d0
Frame ID: 111744C366B16033E61B622C9A397AD6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2D79AA6FB15D34086DC3994562AD942F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2EA2E4C0565F5C13241F3750FA515EC9
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 763801556ABC3283F3BE89DD3624D439
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0D1228412509D6C37C006A134506D679
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3DF29110473CEA9FE3D8474F0383CC0A
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4673B2A3836D877A947891A6905078D8
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5EE642B762B6958A5B51A91C9C71F5F3
Requests: 3 HTTP requests in this frame

Frame: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7D8D066856770665CD80A4E9AF7D190
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: CC3CCD6E653BF66ACE07807C6CDA5B4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0DCBC29296F00A7521A78475FDCC6EFD
Requests: 2 HTTP requests in this frame

Frame: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CBE243D16B75B5BF8B6EBE23544BAC9D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOrU4NMBMAE&v=APEucNWhgX2tS4qzNiuKt-vzosSBM5PyO-VxIjsBIin2irCVHpYEfADwR4k7ENvBQokXUbME7AyrckK5SVu16ZS6AvGxSA_xii4cz539dpDmSK2MdkCRBjlyXYOIKLmFTQfcUnhRK4U3rtQwC3K9dfOLsOb7KiCz3weAwSiJGm8MPMu4cAzjS3U
Frame ID: 4ED7F59F721E94BB97028E0C9E40B549
Requests: 5 HTTP requests in this frame

Frame: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: B938F615BC879523225748D5F0C7BEAE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5B5B493657E22511594BA5C22BA5799
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 010FB7EAD35DA25978148929EF5B2A22
Requests: 3 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: 39DF7202EB0389220706F5A8A16B7B8A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0BAA3165CB63C5B0B91F56021315058
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2ED4BE4C16B286CEC52F1689CD9060C0
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

蒜頭雞湯做法 / 阿基師食譜,燉到湯變黃,冬天喝超暖胃!美味的鮮嫩雞肉

Page URL History Show full URLs

  1. https://www.daisyyohoho.com/garlic-chicken-soup HTTP 301
    https://www.daisyyohoho.com/garlic-chicken-soup/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

272
Requests

88 %
HTTPS

61 %
IPv6

31
Domains

60
Subdomains

52
IPs

11
Countries

11791 kB
Transfer

17685 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.daisyyohoho.com/garlic-chicken-soup HTTP 301
    https://www.daisyyohoho.com/garlic-chicken-soup/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.daisyyohoho.com/wp-content/uploads/2017/07/LogoYohoho-01.png HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2017/07/LogoYohoho-01.png.webp
Request Chain 17
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/garlicchicken.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/garlicchicken.jpg.webp
Request Chain 20
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-25.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-25.jpg.webp
Request Chain 22
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-24.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-24.jpg.webp
Request Chain 23
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-26.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-26.jpg.webp
Request Chain 24
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-27.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-27.jpg.webp
Request Chain 25
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-31.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-31.jpg.webp
Request Chain 26
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-33.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-33.jpg.webp
Request Chain 46
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-23.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-23.jpg.webp
Request Chain 47
  • https://www.daisyyohoho.com/wp-content/uploads/2016/07/DaisyInfo-e1545660228640.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2016/07/DaisyInfo-e1545660228640.jpg.webp
Request Chain 48
  • https://www.daisyyohoho.com/wp-content/uploads/2021/06/notify-icon.png HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/06/notify-icon.png.webp
Request Chain 49
  • https://www.daisyyohoho.com/wp-content/uploads/2022/06/%E6%88%AA%E5%9C%96-2022-06-27-08.51.51.png HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2022/06/%E6%88%AA%E5%9C%96-2022-06-27-08.51.51.png.webp
Request Chain 50
  • https://www.daisyyohoho.com/wp-content/uploads/2018/04/skyscanner1.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/skyscanner1.jpg.webp
Request Chain 51
  • https://www.daisyyohoho.com/wp-content/uploads/2018/04/hotelscombined-side-bar.jpg HTTP 301
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/hotelscombined-side-bar.jpg.webp
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPagZhOVzcz3x3-Afxo7xSo&google_cver=1
Request Chain 120
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y74WaIBQ1FoCDPkPzAVyhQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPsGXGbII7FMnEWvxYdaAMU&google_cver=1
Request Chain 122
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
Request Chain 131
  • https://gcdn.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B7AE199F3E37A460D724FDB43541CBDEACFCFB6D.3C99494E18A0DB66ABECA4321BFD7D03E509C9EF/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D318790046A9DD8DB1FB8801B359C5A736557FC.0137E9D714EB7368119E24C60AA64832B6F0AEF4/key/cms1/cms_redirect/yes/mh/Rm/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknek/ms/onc/mt/1673401591/mv/u/mvi/5/pl/49/file/file.mp4
Request Chain 140
  • https://gcdn.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/903E8A590297C26E04C932B73EA49343A8607F97.2C3C8D74CAF9B4DA054E71C836A133D2743E4D1E/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D289FF4D6F6789E7ACDA7E27324EE69F4067457.3D818F4ED3D49008388BDDE0D8383116EDF1D835/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1673401591/mv/u/mvi/2/pl/49/file/file.mp4
Request Chain 165
  • https://gcdn.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8D557BB43DA80AEC4E63CAD9F44875911572A9E4.44D9C5324F066C1E6111B8FCE7D585A9FC49E577/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/062FFC6926F0CA8878AC0647DFD84F7A5ED22EE2.525E973FDF6647A75AC095DD65B9852C817C0667/key/cms1/cms_redirect/yes/mh/KK/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknee/ms/onc/mt/1673401591/mv/u/mvi/4/pl/49/file/file.mp4
Request Chain 203
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y74WaIBQ1FoCDPkPzAVyhQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEgUI9bAcu9f-pIF3QssbI4&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
Request Chain 234
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMCrFp0wEN6onOPcgA1RTQw&google_cver=1&google_push=AavPq0MF88QludzcfZijhl8ZpVU1maPL9bIi0wKqJ5UjXLS3zvrpGFWaLoplIfNkcmyty84DWXWCJ6Vd0TOloBwc3wqMGHE9aVaS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY0MjgwNjYwMzgwMDUyNjg1Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMCrFp0wEN6onOPcgA1RTQw&google_cver=1
Request Chain 235
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF4HMLXrnxqQowZ5NIISyMg&google_cver=1&google_push=AavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4HMLXrnxqQowZ5NIISyMg&google_cver=1&google_push=AavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 236
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDdk9cjtThHngshXZSkuQ5Y&google_cver=1&google_push=AavPq0Mtu-ZzWZ-zp6l7O4PCiyQCGI5xiXRARHsIXtBEoITUoLlxEzQLOSBqUjmUCHDkCL2JruJ5GWtbi6QCNojHuZ1xlhqZby8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mtu-ZzWZ-zp6l7O4PCiyQCGI5xiXRARHsIXtBEoITUoLlxEzQLOSBqUjmUCHDkCL2JruJ5GWtbi6QCNojHuZ1xlhqZby8&google_hm=eS04RHFwVUN0RTJwRUdSN3VEY2NFaWhXcVpqNnplbWFDYn5B
Request Chain 237
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPQ84QS_kNj-PFpPezcjY5c&google_cver=1&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5YmSVfPH HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPQ84QS_kNj-PFpPezcjY5c&google_cver=1&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5YmSVfPH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5YmSVfPH
Request Chain 238
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOEA9ee4CAfCq6iQQV7PLms&google_cver=1&google_push=AavPq0N01t8qJFIhnSabywbB_y8hcQeS_94vpoMFufZOeuIIylrMyy9bDqorGOVN4Q11XKCnfnUulouwAEMLtRyU_r2Y4WHJAivp HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOEA9ee4CAfCq6iQQV7PLms&google_cver=1&google_push=AavPq0N01t8qJFIhnSabywbB_y8hcQeS_94vpoMFufZOeuIIylrMyy9bDqorGOVN4Q11XKCnfnUulouwAEMLtRyU_r2Y4WHJAivp&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WiozrZNbR5i8ocyPThqGcg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0N01t8qJFIhnSabywbB_y8hcQeS_94vpoMFufZOeuIIylrMyy9bDqorGOVN4Q11XKCnfnUulouwAEMLtRyU_r2Y4WHJAivp
Request Chain 239
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELz1JRxPnNmC3kuUlgiALn0&google_cver=1&google_push=AavPq0NgRZpuEOLEea9AtyffAM7F-w3kOai2wy8aBpul7tFanpgmrFYXqsUviAZRJzu6TIRBW9v5PXxM0qKMwSYc2fZlC_IGN5WJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NgRZpuEOLEea9AtyffAM7F-w3kOai2wy8aBpul7tFanpgmrFYXqsUviAZRJzu6TIRBW9v5PXxM0qKMwSYc2fZlC_IGN5WJ
Request Chain 240
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkAzap4IBBgMoX7vfRG7zE&google_cver=1&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3NmtdPFL9av6xaW28WEdfHUoIbPVhc9A HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkAzap4IBBgMoX7vfRG7zE&google_cver=1&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3NmtdPFL9av6xaW28WEdfHUoIbPVhc9A&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16TTdLZG14RTJ1RWlWV2dPZUhheUcyNmZCWkxNdkdQOH5B&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3NmtdPFL9av6xaW28WEdfHUoIbPVhc9A

272 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.daisyyohoho.com/garlic-chicken-soup/
Redirect Chain
  • https://www.daisyyohoho.com/garlic-chicken-soup
  • https://www.daisyyohoho.com/garlic-chicken-soup/
139 KB
28 KB
Document
General
Full URL
https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f651b4f2f09d058595086b35779b5a1fbd0f69d47b5de397095a47bd3b39ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
787a039d6d292bc3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 11 Jan 2023 01:52:38 GMT
link
<https://www.daisyyohoho.com/wp-json/>; rel="https://api.w.org/" <https://www.daisyyohoho.com/wp-json/wp/v2/posts/89805>; rel="alternate"; type="application/json" <https://www.daisyyohoho.com/?p=89805>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVEuD0W6fKWKfIXOTg%2BI6Wlj5S2avuerY5vNIw6l%2FV%2FUoRC6zlMe%2B5oQGP7A1EalIdKlFmYlCjDQplgB%2BhptUlaNo6CJmXKtc7rGH%2Bg3Gx6FUsIlxoOvwF1cwXjatDPUlxZ55mCBaVbiioHQ3VMFDxuc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
787a0397181e2bc3-FRA
content-type
text/html; charset=UTF-8
date
Wed, 11 Jan 2023 01:52:37 GMT
location
https://www.daisyyohoho.com/garlic-chicken-soup/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpMQlODdHOiGADBzUTSGqf5IReyfiPDCIJ8z02XAlerCSJ%2FK%2FYwX7y0HSku6SDOtzKAxKlm1par4RAIp2kH%2Bodo%2Fa42VLW%2FjHeNSEkBO5Rj1s%2FDoqUK7TUC8U5yBK%2Fm5Ca1WZKEC1Ls4rpW3M%2FNk9ki9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; preload;
x-cache
MISS
x-redirect-by
WordPress
firebase-app.js
www.gstatic.com/firebasejs/5.9.0/
35 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.9.0/firebase-app.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d260679b15aff8c4196b7a7a60eedfd638c1536ad2c297e03309b08e3bad763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:20:48 GMT
x-content-type-options
nosniff
age
477110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35554
x-xss-protection
0
last-modified
Thu, 14 Mar 2019 21:01:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 13:20:48 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.9.0/
33 KB
33 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.9.0/firebase-messaging.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7fdb4d9f444a44d1c1dfe1ade065b7c16e61b8bea231a616b347effa35359c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:20:33 GMT
x-content-type-options
nosniff
age
477125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33821
x-xss-protection
0
last-modified
Thu, 14 Mar 2019 21:01:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 13:20:33 GMT
firebase-script.js
www.daisyyohoho.com/wp-content/plugins/blogimove/fcm/
0
0
Script
General
Full URL
https://www.daisyyohoho.com/wp-content/plugins/blogimove/fcm/firebase-script.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uw4co7giEihJ1HH8OqfP7oQTl1w8Hqx1622snm3m7H6bThAGtPr%2FSyQhIB14h1wl9fkPGGpLHv%2BJnWmCRt97lwCqc%2BY2B7cZLtfcOzPcrCmHjE5BiDjxUNpeTnCtiuMpRvs6iUgtKlHgYrHQufV2i%2BD"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
787a03a00ebb9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
www.daisyyohoho.com/wp-includes/css/dist/block-library/
81 KB
12 KB
Stylesheet
General
Full URL
https://www.daisyyohoho.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 06 Apr 2022 01:34:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7339322
etag
W/"624cee18-145db"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9fvgbtXHBtZTULAgNsG9tQJtNUCo5WvfZusYuViwBQ1W%2B4n1lmQyGd6FUGIC0ZQfVTms%2BeEswjSm%2FsDylG744izbyyASMKYq3EJ%2Bm019iV5uybNa0Ff6qnssQc%2FMuvidJxCEkg%2FMPEFV5cAu%2BI4LqTq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ebc9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
blogimove-static-style.css
www.daisyyohoho.com/wp-content/plugins/blogimove/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.daisyyohoho.com/wp-content/plugins/blogimove/blogimove-static-style.css?ver=1.1
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cac8d0519195d9dadf4e35d8de44b6a7a11912d994c356616236f3b61172bba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Nov 2022 09:22:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
322711
etag
W/"63677cce-7aa"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4CBTGivp8RajR708C5YKgh48urz8gqpCexBsQ%2BkxEvKZXbjZRVZ3SFAUx174g5Ovpew6S9d78u13R51PNJ%2BKUeMVOf1Dbo4DK1DzZptNcZBWiNsRb66oqqy2b9Xf2d9hY5ZcOoa0N%2FGVG5%2F6IQBwYV7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ebd9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.css
use.fontawesome.com/releases/v5.15.4/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3FPZ2AGCFR882657
age
2229138
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
R70Od2ExEhWFvgIm58T2rTuMMnJlevmKBRkNnrxu6YCHnO90O1I54qxm9Fm2ejeFiEdFroQCmC8=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zc7jbxYeoQS18G6xSrxflHoCfG5%2F9pbkbWGMyeEedgQNuWku7cEm%2BNFgTkQqxSV6HP3WFRm155zEXswHTtG1rUmjmaqkG8%2Fz%2BlFtCQOSWSyhbbivsg9pBc0qX6umOliS5UKJx%2BHSuqcDJe%2FEPqMuD6kF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
787a03a02d69bb3b-FRA
v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.2
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GQDYQK7YY3558Y4R
age
2228727
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vrVYGcTem0yvCMvAqz+ld/mw7X4eBlAk9fMd6yzE46OBq3YRjtgN0JUEwOzXTjgiEiVy7LWkIzo=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"a034d3c71bee546f625877d7932917f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtB%2F7XCbwHP7Q%2BJjYg0%2BmhWg3N3QkoBh0jDKBXJeJsTXgBni%2BvmLeXwIKQFcFjx9Rahi4rReHpnCVUmxBGGmI3uhkRsod2z9sPPu%2F3zU%2BksqTpC3tICOCa6lQbRNWDJeR5ZMh4DWFK%2BkE01iUsMAc78T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
787a03a02d6abb3b-FRA
avia-merged-styles-b99c0bbf19d8b8219aa5e461087485bd---63bbb3d915e4a.css
www.daisyyohoho.com/wp-content/uploads/dynamic_avia/
472 KB
72 KB
Stylesheet
General
Full URL
https://www.daisyyohoho.com/wp-content/uploads/dynamic_avia/avia-merged-styles-b99c0bbf19d8b8219aa5e461087485bd---63bbb3d915e4a.css
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6d7bf57fe842f07af5a2057639565928640ac5702e66f8501619e089ad1044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 09 Jan 2023 06:27:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
124288
etag
W/"63bbb3d9-76144"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9lUfbLMYaIF7bBhEkG9snaOM4NY06Y7cJSrio%2BX7n6ne%2FQb%2FQwdU%2FTjVyLYshtEE6%2Fg2b18NPsJyXccQayc1X2bXTAljD%2Bt4Utba75lX0iXrQRV8OLg6mOQEIYfie64FzOKrLEK9HEKqGtuLEcDF7y3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ebe9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jetpack.css
www.daisyyohoho.com/wp-content/plugins/jetpack/css/
84 KB
17 KB
Stylesheet
General
Full URL
https://www.daisyyohoho.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.1
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 01:22:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10736616
etag
W/"62cb7b55-14e9d"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nL6NZQ2IW6WIzg9JxrrGcH4EMwXG5%2F5mKYDEYfVmuoDRmcREAF%2FyCQjfBCU6Sn%2FpquanSI6qKpzCk87dQY%2BaO5a0EO7vEjOPGqmfKozke8RzkoLpnN3As7tOqcGZ4jI1eLJbALBMMF78ne1WlHBJ9SOU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ebf9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.daisyyohoho.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 00:55:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1744735
etag
W/"615cf3e8-15db1"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyUzVUjswkeGAVbzg8yDHsTTiMwlT%2F9kkj52kOO7wk7aJbz1cLFuvwPeZkCwi7J%2BOJOtGCGGDWAxQYskCF2DC2P%2Fj0UlbsF9uTqtFA63oFUZ0kyH3G80jMQAKhMiRxCqBieN%2BnQOaeZQyjpJdBE6oUCH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ec19031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
www.daisyyohoho.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 05 Jun 2021 12:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2142159
etag
W/"60bb6fef-2bd8"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VENtHy4d2SLULfEP251LQc4vPufqj%2FR2ZSNof3cOk5MrT%2FWhPpPlPnFy6nAku1oBmjoIKLgCWtUAJdtarGhSqUII3eU%2B%2Ba7RaWWfRGgITm5SiUG%2FicTp9zlp9AibbQyCW3HLTsfMXkObY6BFpmUHIL6O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ec29031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
blogimove.inline.css
www.daisyyohoho.com/wp-content/plugins/blogimove/
19 KB
5 KB
Stylesheet
General
Full URL
https://www.daisyyohoho.com/wp-content/plugins/blogimove/blogimove.inline.css
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de698757553663e448aac16a434e4a4696a16005ea211829f570b8ac1c99ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 07 Jan 2023 08:14:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
322712
etag
W/"63b929ce-4ad7"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtvqSbXAfdjbtPxh3dnxfZ9CCDESnvwEgLVMBw4gvJGeteqBMjeER9DTIxKoOki%2BF6WYKtmU1xxh%2BAsQeenmzGEsR61MFtlFHubUxZYpcDq1LWuZhjO6jkX6hhi59ingQ37nu%2BjbyWirdUJWxcS6wYKp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a00ec39031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-99603078-1
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0b81f46aa87b0fb52219df41f92e726a1c38ead6eb3122eb1e283a5279bf3dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45887
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 11 Jan 2023 01:52:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0513762288381539
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7094cc13daf5bf576a6e288c77ed80f21f90fadd8271156126c20ea4fc66e40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49465
x-xss-protection
0
server
cafe
etag
10160718118294550387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:38 GMT
au.js
a.breaktime.com.tw/js/
121 KB
31 KB
Script
General
Full URL
https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
708107634452c8e1aef7cdc480c1b973a65109826112b3bd6d277558363040e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
br
last-modified
Thu, 27 Jan 2022 01:31:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
ZG6lm+kQOw04UUz3QMJetQ==
x-azure-ref-originshield
0hhC+YwAAAABmShj2ROEQTYPZofPTyeBjRlJBMjMxMDUwNDE3MDIzADhhYWRkZDU5LTNlYmMtNDI3MS1hZDExLTBkMzAzZWI0YmNmNA==
etag
0x8D9E134CDDD092A
x-azure-ref
0Zha+YwAAAAAaFv3IcZgmSa63Jgnvcn79RlJBMzFFREdFMDMxMwA4YWFkZGQ1OS0zZWJjLTQyNzEtYWQxMS0wZDMwM2ViNGJjZjQ=
x-cache
TCP_HIT
content-type
text/javascript
x-ms-request-id
cb7004c3-d01e-00a6-515b-25b555000000
cache-control
public, max-age=1800
x-ms-version
2009-09-19
sdk.js
connect.facebook.net/zh_TW/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc0684993fd1bcd1afbe3818f197599c1d53e25fda9e9b1eefd387969fba442c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.daisyyohoho.com/
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Jan 2023 01:52:38 GMT
content-md5
KpUP9RPpaZMiwNp1zxSYmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
OcJ/XuQqoapT0oPcFVLPUrf8rZVziOccXMTOIJH3Vu5xgeXzPWHN1Xu2/yWWQL4rWqqS5YIGBN8eQVi56VYRuQ==
x-fb-trip-id
2050070850
x-fb-content-md5
3edd5cdbbd14953599be5d2eb0b6cb24
cross-origin-opener-policy
same-origin-allow-popups
etag
"34546c47028d31dc00791d788c16d1b4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Jan 2023 02:05:03 GMT
LogoYohoho-01.png.webp
www.daisyyohoho.com/webp/wp-content/uploads/2017/07/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2017/07/LogoYohoho-01.png
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2017/07/LogoYohoho-01.png.webp
7 KB
7 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2017/07/LogoYohoho-01.png.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e0bf67417b4052d1e827408bfbb9dcfd1b811fd20149b83b811cfa86401d82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2142158
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6886
last-modified
Sun, 15 May 2022 02:52:07 GMT
server
cloudflare
etag
"62806ad7-1ae6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qo8roH9fBGEaCGXi45DkbY3gP8DOKLFTiK7eezAmlZiE%2BX23EvWEjKllDyGnRLY8C4XNINSYXF8MhQwz%2BbnMuTjRhJAGN%2F6Dd8%2Bxs2tbQFLylfWuGyoSQ4e9efXG4KRtjpvN2M%2FDoq8ANTrHtIgiidR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03a83a239031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffhxNlxT8xJEVkGvDvr4QNZrK3fRl2S%2FQqamv8Y4F3KeXLP0qytx3S6WijEutUG43psxUYS2czz3sUnGCkbjDX87s%2BCkPS8ZV1Hibrb3WPMzaG%2BSVjV738aAGxdNTblmKKAVRxVHxsbPcCyZCchcWBRw"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2017/07/LogoYohoho-01.png.webp
cache-control
max-age=315360000, private
cf-ray
787a03a348049031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
garlicchicken.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/garlicchicken.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/garlicchicken.jpg.webp
133 KB
134 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/garlicchicken.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610fb0782c7e2575c34e540e54932294b4143fbf7ef368027e799ce586a82c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62806388-215ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5TOn5ZMRyCVZMvMcI7Y1C04jWMZrOX1wuP77kQQsrWSkRKJcCBKzukwj%2FnWaYeQSIq1A0ziqA4Ti%2BRuMX94gpqqms2OxHG7JjHLB7OvORgUFKvDr8DfVDvbKiAli6CCXRYOWDRqcZ4M%2B4WjIEdqYKdF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03a9cad29031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136686
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1BIr5L4OH4A6B9lGWYkODSjdR%2FzcwzCmSjmlGeqEDKrccHQp7%2BDbtHUWQvN6rjlZgGo%2Bhh7Q0aSxYP2Kq9l8X%2FiCEi3OAit%2BxCHzJukBlFhZp1hosXjrx6xGaCI1RGRTroBdq5tV%2FeAeTAxlL59BODA"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/garlicchicken.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a4d8999031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader.min.js
d.line-scdn.net/r/web/social-plugin/js/thirdparty/
5 KB
2 KB
Script
General
Full URL
https://d.line-scdn.net/r/web/social-plugin/js/thirdparty/loader.min.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.169.101 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-169-101.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
9f4fff267e575509a2fab753d83a325fdf8bd3d24eb7c21674a588191ec0599e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
date
Wed, 11 Jan 2023 01:52:39 GMT
x-amz-request-id
tx00000204d773f7a6a59a3-0063950e83-10f55a3d-jp2
x-amz-storage-class
STANDARD
content-length
1558
last-modified
Wed, 07 Dec 2022 03:05:32 GMT
server
VOS
x-amz-meta-s3cmd-attrs
md5:8e50c4d0b7f2c69fe4b07b078876770b
etag
"8e50c4d0b7f2c69fe4b07b078876770b"
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=93043
accept-ranges
bytes
expires
Thu, 12 Jan 2023 03:43:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
142 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d7d8e63939315ca2ed7fbe3f7844eb9d0613221d291368cd0a1949103bf453a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49239
x-xss-protection
0
server
cafe
etag
9771625250136978139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:39 GMT
gustocasa-25.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-25.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-25.jpg.webp
138 KB
139 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-25.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f650a0228f1304804af405d348961299216c54065321bab351283063c793cd1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:20:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62806383-2292e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CswdHsITCMAxbawPhnWQCR3gDjccwSxrsOx3sOGHbvM0OZUogzLa4fJGZoCe3KUoBgeyUNsPUCi6VxTOJyr7Oc4biY5pwZHOevzG2qxSLqQ7Ek6Bq%2FZSJaL1IeOWEHKNgXHFF1KElDVsPU4cwowibt3y"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03a9fae89031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
141614
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlrgvTwxpECl8zL88FPH5%2F9SQwgoxKrWoXXadSpmceU6PyyU%2BL%2FDhdwc9nrugYoWkbTSsT6IcvIojQg3dI9TGxABMbtOTDnTLUogx5EZGzrBTpP%2F%2FY9AN8RsqQcCJmZP%2BqR1DKuZsL7mgCIE0xyk0x6X"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-25.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a528bc9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
wrapper.min.js
cpt.geniee.jp/hb/v1/216995/771/
9 KB
2 KB
Script
General
Full URL
https://cpt.geniee.jp/hb/v1/216995/771/wrapper.min.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
2bb1896521ee1aee3c66ae15726645db752297e0975ef74027994eb83c428f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
last-modified
Wed, 11 Jan 2023 01:04:13 GMT
server
nginx
etag
W/"63be0b0d-2455"
content-type
application/javascript
cache-control
max-age=3600, private
cross-origin-resource-policy
cross-origin
expires
Wed, 11 Jan 2023 02:52:39 GMT
gustocasa-24.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-24.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-24.jpg.webp
153 KB
153 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-24.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1117fdc5952f4e54a862b9180f2b9868e28f72d6ae3891185e852d3c2e94420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:20:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62806356-262b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXcbfsYWtPLLu57fINu%2Bu8V2uyzkkYCaWBu8lEn9YXE3ZWboia%2FNSsQu8KKv%2FnuGui4kixgAKACBXSrBe4EXn5mHbPIpiBJf2zhTFubyTQ%2FaHAPzgHMuqNquPfqT9JMwFA3ajUKmAc3mZqULisi7Id0l"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03a9eade9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
156338
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynY84yslZQorZJz5zUj0CSwg%2F1IcRqKpUkha6qeG67hVeqYbA7cgBo0CQgSmXYiQo74eAN5W3j%2FRD6HMkcDpPnHYeFp20Otg4yButaDNFjycudFTBlYMb2kWNX4x8lMuG6vuKBho3QBbeMRAoihVnXiM"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-24.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a528be9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gustocasa-26.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-26.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-26.jpg.webp
171 KB
172 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-26.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab36dbc9e47783d6a1cb932806555de5a8248bca20688ae5ae8e063d63550a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:20:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62806376-2ac3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9nOaX8n1DmBNMiVuwUkdKoZIXAAsOwMMuLfS7jzsspP4bW28vyxSCMZS4ClfWP3lnBQeZL%2Bmga2YNPPiNZvPHr%2FrFThGwe5KMR540J2IXxLth9tHCDPUu3Nr7CNyxMNVBMbnkNr15%2BmYZQYrDPEBUiy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03aa3b119031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
175166
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQc6M%2BYRR3obm50QZchQEYPCDG5vBZlmKa1lANkxMiBe2iGPH1F%2Bp6EwHGqOynMKx4ncYO5o3q7q3ngSw1rmMvJmTiVYjFLX24KT9KLoipyw3Jnriar0DcZACQqPEMNwo%2BSneVCQU59ctzcmRpu897lx"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-26.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a528bf9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gustocasa-27.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-27.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-27.jpg.webp
158 KB
159 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-27.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d3ed7d9c03a28ef107e4fbcbbc6fc1777cafa403f0d4470d5ddc437c77ccb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:21:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6280638c-27852"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH9EBTSThCrOmiCpdFvwh0n1sFp6JLj54M%2FCbXXx%2BPpapuVoFjx2WjJd2VHjk9rlIS6GMly2%2B0XVmzPgXa9KWMXFVAh%2FWpDeKewE3Ea3oj6p3qnCK9r24dcZyL30vOJbs4obz%2BwuS2llMez7YIMksWPi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03a9fae39031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
161874
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKSNI5gleOwgRzcuZeuusMPP2%2B7IJvQRXWp1rIhJSeOQ3WWwObWSbVch%2F43SWiwae6K58Luon97wprAauD%2BmsynCk1AwZRBiB%2FGs7BauOJYnJcIv1SieKcXhzS7K0kZFuSuJV81lePhfKTuUseGpCkfE"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-27.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a528c19031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gustocasa-31.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-31.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-31.jpg.webp
181 KB
182 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-31.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4021aa8689373e259774172ba7c644baf410364dce9fae0a9a49909f1b05a78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:20:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62806368-2d59e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXwxe1nJkjwmo4MktlwnO4Icc524usk9BWt%2FSzrPVeVbnp7lBwX3U8ciXN4GuSWhf439fKzBJf5PGyrWqS8RQkGT0e4TalNP8GwkqC%2Bp%2B39bVZv0BpOZUJiAE6fCbZKKiSZCnlVJkeUMuQCiLIptpr8J"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03aa3b0e9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
185758
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgymPat58aPpAGx68OvtrMKF2PWxu1ycJ%2FN9jUjJAxat1Jcl0eaSpIuWfrKB0MCwKOR81%2BHnoePezd0El%2BAAzRqy92y0ceizY7WRwjwmu7CyQTZEZJnqu6o%2FJwJMAdC2Wlt%2Fs4X4sPg5Ev0rWdkVYo8L"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-31.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a528c29031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gustocasa-33.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-33.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-33.jpg.webp
162 KB
163 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-33.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9d3c19d4a59cbfed2dc374a1cad5752201337f20bdd2e6d16b140ac60f7f5f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:17:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"628062c7-2884a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cMjE%2BMZuP6Q7Ixxh1dcRBlsK3CvypDyTQBkNhZr%2BGeW6qp9Dph%2FmfC8MoYHFsURx1YucIXAiH%2BgSkQTTP3N84MaLP7U0stsFfliTmjCXz2hUw8Erb%2B30SSXy6OYmgZDFGR4B3JIlZpNWiUBKxZrAuPR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03aa3b0f9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
165962
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jes9LBtQdveOryfi2svFT0zrYPT6wHNCkYmMIgkC3YwkuQ3%2Bhtf0OUspbIBL5FUwMg72DnE0Cr%2BD8KSU8fHL%2BNZ3pCCdaFPaBahtmFIsXmSluh65Zkx7EtcBkEVoN%2F4au%2BWRdoCKdfk5Tawlv%2FjqpIkL"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-33.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a528c49031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
www.daisyyohoho.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.daisyyohoho.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Jan 2023 11:26:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63b6b3d5-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfp0KuWRq%2BqQM%2BGqDuDc1798nxUMjfMRZ2XZfi2luFcLMeFAGrhZMjyfZJ8eqGNdFea18AUj%2FVTWc75eO7oPM6VBMHdcF7wXMOo0C3TeTu8Dg5CCx9llo945HGp7OWlQJi3clICCwmVnAOburSwlOALP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
787a03a15f3e9031-FRA
expires
Fri, 13 Jan 2023 01:52:38 GMT
comment-reply.min.js
www.daisyyohoho.com/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-includes/js/comment-reply.min.js?ver=5.9.5
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 05:58:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
322712
etag
W/"6200b4f7-ba3"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pip5ahpT70iAg69QRtInpyp1RuEQI51RjcMI4xh%2BLPQ7L%2Fc5tB2wQ6TDScbX5zMYcSJLTrMqVY3BLav8ZH5UeGX8rTu14J4%2F%2BdetGBVcJdXtcA3BT30OomVfxTsOzZWVGr9ejt2Fl1W1dQaNvOyZB%2BoY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a16f459031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
www.daisyyohoho.com/wp-content/plugins/q2w3-fixed-widget/js/
23 KB
6 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.2
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2607914525cf6c6fec59c2300aaf27b817acf31117394d1bb6221bd3576499a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 01:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
322712
etag
W/"637d758a-5a03"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAPs8Yl8bcq4uqWtziYjQnheAzs5BQsmIYCvUNHQHRMiI2XfRUVw4ziC2yeG0xn5%2FTbe8yjaNvteNYHDHaIRh6d3m14d0PzcHpXN5Qnqlv%2FloLxOJRzAnjHvopiaowzH9U%2FU%2BAtjXHjYq26foBCVmINo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a17f519031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
akismet-frontend.js
www.daisyyohoho.com/wp-content/plugins/akismet/_inc/
10 KB
4 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1667433465
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
322713
etag
W/"636303f9-29ed"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdCd%2BLExeRQIE%2FIxgkDMk3jxhBSZ7nLkf7MCQCamWNQeOk5wMLi6wq0fqgPNIioxCSiDrwd5FPj%2BqHa9HyziFFRZlwF6TE7ecayjdsBimjbQpzHJIIGjWnJk6meBW6iSyI4R%2FHA%2BBXjqB9r5WdNalatm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a528c69031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
avia-footer-scripts-58966ccff745f9ae62be8dd96ce27bda---63bbb3d984e37.js
www.daisyyohoho.com/wp-content/uploads/dynamic_avia/
218 KB
62 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-content/uploads/dynamic_avia/avia-footer-scripts-58966ccff745f9ae62be8dd96ce27bda---63bbb3d984e37.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785ed84dc18246f427059405397b7eaa004815650b2a6ce68dfe10d1c59d197f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 09 Jan 2023 06:27:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
124287
etag
W/"63bbb3d9-36746"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4Zm83yTE%2FCJ9Uz5Et28It3tjUDjXOscy%2BvvS89rWzXGsQLT3Zr1MT3T5IASlBRMNUrKiNbfQFJJ3jyzoWF39XV3GcMyaLnwpX1MDuynkqYTyh1on%2BiAcL0dWDgZ4npWC4Jvs%2BTZSo7%2BzQHUOczFnTQ%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a1af5c9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
e-202302.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202302.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc
HIT ams
date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 08 Jan 2024 07:38:18 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oregano%7COpen+Sans:400,600%7CFinger+Paint&display=auto
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e937dd960c0dc96cee987a9e21f1f01a6b9106e80d2e9c5db78dd61e5aaa77e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 01:52:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:39 GMT
wp-emoji-release.min.js
www.daisyyohoho.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.daisyyohoho.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 00:55:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
322712
etag
W/"615cf3e8-4705"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJ6Gzvk59fwrkIwPTI2miB5aw%2Fs0jCT6ZkoPIeTtACBGGZlKVgQE4wSaJTLfcXSSFqHLv64oVuCbyY8zpMSPV0lvOLLq4fK%2FGZnyxDU98CfipFqCueuyWlRYoGIyk8zsV8krwR2tipYUm4nd5sgCyGEY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
787a03a528c99031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0513762288381539
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec86f5383d172965e48dc7a61ddf129e28e956b6442b8eeeb19c7a43ecfc0b61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119962
x-xss-protection
0
server
cafe
etag
1629854535194666622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/ Frame 1F05
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0513762288381539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 19:48:08 GMT
etag
10353107486223812946
expires
Tue, 24 Jan 2023 19:48:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gl.js
power.adhacker.online/general/
44 KB
13 KB
Script
General
Full URL
https://power.adhacker.online/general/gl.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsRu0w_xIkEsAdeT7FDKXFgiOjeKLSbwNXOoqcb2QAKYGtClmJKf8oL0jjbJtXf2MacXB2zw4h4A-92p4evMLnD
x-goog-storage-class
REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-meta-
last-modified
Tue, 08 Mar 2022 06:49:09 GMT
server
cloudflare
etag
W/"32b3e2f8bc858fef8667539f0d56bb03"
vary
Accept-Encoding
x-goog-generation
1646722149345795
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=S+qufA==, md5=MrPi+LyFj++GZ1OfDVa7Aw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=1200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTDYk1ylMGzDi3F%2FHEROQpaX9ofRtx0osjivL6wXU2cd4k%2B27n2%2F4vkZhsNu11LJW4Rv62VVAwjbvkmU5%2Fcsg78eE96a3VPvZzmsslIPDr76VoIwNrKk72dJPxCw0tvgsR%2BrqcaIW3z45VrZy%2Btw0TuXvZg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
12217
cf-ray
787a03a5995d913d-FRA
expires
Wed, 11 Jan 2023 02:12:40 GMT
/
alliance.breaktime.com.tw/api/check/service/OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4/www.daisyyohoho.com/
129 B
409 B
Fetch
General
Full URL
https://alliance.breaktime.com.tw/api/check/service/OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4/www.daisyyohoho.com/
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.138.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
40.138.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d5f90174be47121a3c746ae751e23d7f6e0f0dd52237c0c81a20598a22cf2c05
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
via
1.1 varnish (Varnish/5.0), 1.1 google
age
0
x-cache
Miss
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129
server
nginx
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-language
zh-hant
vary
Accept, Accept-Language, Cookie
access-control-allow-origin
*
content-type
application/json
x-varnish
703068660
accept-ranges
bytes
x-cache-hits
0
sdk.js
connect.facebook.net/zh_TW/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=b2eda9ae00de92c183442410d5848915
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cdc83d194a4957bd5c24ea0e9e82ea4e7e56c4390d169ea266e234117474739a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.daisyyohoho.com/
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Jan 2023 01:52:39 GMT
content-md5
/1gK3pYT9TbTDHXQekj5mg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88574
x-fb-rlafr
0
x-fb-debug
T6J5rUxH7DCi2QzKidOIMEu0H8eJaBbt5Jn8y1CXXlMi7apGiSs7z67ta3dHlYs9wyLFYRdYJ822F2rwyACsIw==
x-fb-content-md5
c5172bf8078fec274150c228220b640e
cross-origin-opener-policy
same-origin-allow-popups
etag
"313c37540aa0cf73f60f9de6f6ecbf1b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Jan 2024 01:43:11 GMT
js
www.googletagmanager.com/gtag/
217 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-675FQNN89X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99603078-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2b038a76d94d4a96684075d24b196a8ac389644adbc27946337ad0b2ba17445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78047
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 11 Jan 2023 01:52:39 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99603078-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 11 Jan 2023 01:50:30 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 11 Jan 2023 03:50:30 GMT
entypo-fontello.woff2
www.daisyyohoho.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/
38 KB
39 KB
Font
General
Full URL
https://www.daisyyohoho.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff2
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f260ff280b2e54e84e6f9c2790da49cc9abadc457b77d1df4dea121a8c8ab6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
strict-transport-security
max-age=31536000; preload;
cf-cache-status
REVALIDATED
last-modified
Fri, 23 Dec 2022 05:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a5423e-9934"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X536qxCj7B%2BcvoMmVIjV0JLREK9QRWQWE23GVfyalfT%2F1p2Crt8wX4UEPQQIqZviZTZMRrWDePF43bXx9W%2FshS2A6va2UZCCX1JIixc6OViF2U0Q4VjOQqYh9nLcHSZC7Ide2DWpfSbORaj3fJ8xyELb"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
787a03a588f39031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39220
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2EX83P2G6GP6YVHS
age
1449190
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
x-amz-id-2
eOtV6bn9aJnSDAwk15c2Zvgj/ZkP34SEfJSVJZWK+DEHjJOl78UMq3fHXcB/QRfKU1vz72iG6XA=
last-modified
Wed, 04 Aug 2021 20:43:47 GMT
server
cloudflare
etag
"d824df7eb2e268626a2dd9a6a741ac4e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bb%2BW%2B2SxKGMzzgv97DzbXSTCTIkJQR5d1kHx100yMA%2BG0dFORr2bYrzOKCISteruTJGozL0vRsVMTuUj%2BbngaAFnrgbmFmDOR3J9tqCwlvFNNpxjutrXsvNjAMap9VE%2FyMQp%2BKnTB332SvLvGjLNiJ6h"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
787a03a5b9da9191-FRA
If2IXTPxciS3H4S2oZDVPg.woff2
fonts.gstatic.com/s/oregano/v13/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oregano/v13/If2IXTPxciS3H4S2oZDVPg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oregano%7COpen+Sans:400,600%7CFinger+Paint&display=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1a89febb2897c1c138bfbd55d807120c516f1d65c17a4e393692f4e56fefe13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 11:14:05 GMT
x-content-type-options
nosniff
age
139114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29640
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:03:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 11:14:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oregano%7COpen+Sans:400,600%7CFinger+Paint&display=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.daisyyohoho.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 18:50:24 GMT
x-content-type-options
nosniff
age
111735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 18:50:24 GMT
gustocasa-23.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/01/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/01/gustocasa-23.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-23.jpg.webp
159 KB
160 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-23.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46719fa6a1e5d4daf4e8ff743b0a53c3703c9592deee31b3345527a1cbc71d67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
MISS
last-modified
Sun, 15 May 2022 02:21:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"628063a3-27cbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t35E4qxUjXGxFzQTbZGc5l4VqDUThUGUKNBRd48UzMNtpSC56B%2BjhifCUVH7yAfcDYyP7qvKmdxI0%2B0bfxT%2FE%2Fi8ClOvcvZYLUBZvnZAg3UiTyD7YRCfRUAjvPHdiHtlTK6yjrPwUB3troiDzC4v%2FVCD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03ab5b8d9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
163004
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULAnZeZWFfavVV7QWegO8JZaJtC6UDkHz%2BLb14QlVn1TBSJf5pLb6Az42a7bJOi%2FfcyCxm6C5oWhfluxgTUypsGjkvEWFyEWnTPqH3T%2F7yZIbwfBPAvo9ZEFq8FcObtUcsUr%2BWsC14WiAjbyOfD531dD"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/01/gustocasa-23.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a5e91d9031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
DaisyInfo-e1545660228640.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2016/07/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2016/07/DaisyInfo-e1545660228640.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2016/07/DaisyInfo-e1545660228640.jpg.webp
134 KB
134 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2016/07/DaisyInfo-e1545660228640.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49a9674c391229b89469f41d2f087546bf61d57594166b73ce0064a7136669c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329625
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136706
last-modified
Sun, 15 May 2022 00:40:39 GMT
server
cloudflare
etag
"62804c07-21602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7w8qe0QxgpCzIThtidc7IxMEzjQOhQPaRzZhX9v2lvbax79nnzeo7MfRor4yvtTRd7yaolwXjs1j1P%2B%2FS38WoFgUSs5PJwWReVTfW3PVJtOh1t8TyEjC2nbcLnMFgTY2IBMvaQX82ayrSgSPZE%2BXHxk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03abbbb49031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV0Pf%2FRJKwJ9PuiOy3ZbuwfWVm%2BjOS6MwAWa8DWUEBjGaMapgjIGulyIaxde90BDpIZr73P4LGa1C8W3qlG9731uHfLLVsWzQVj%2Bhtx%2BOvliy1sziSFwW%2FdzNbWLr3RIcpTk%2FhnJryI%2BdprFxGE4k0KR"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2016/07/DaisyInfo-e1545660228640.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a689619031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
notify-icon.png.webp
www.daisyyohoho.com/webp/wp-content/uploads/2021/06/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2021/06/notify-icon.png
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2021/06/notify-icon.png.webp
4 KB
5 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/06/notify-icon.png.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c32f8594fce5f46ea5717bd077b1eafa996a51a510d34f5252e9621c0ebcbfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4400
last-modified
Sun, 15 May 2022 02:46:41 GMT
server
cloudflare
etag
"62806991-1130"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt%2FSGjXnvA0KI76EyEkRMOMwdP1dFpgHMn3SXkL%2Fmmrpig0QPNpiZzMi6itZwR0LgdHJep3b%2FPxfkSdG%2B%2BDovx0SCicrEkL%2BiOWg2dLMHb9zLMzbT89o%2B%2BFjMaOMec4ER0RFQgdgDe7KM%2F0pMVu3vmN2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03abbbba9031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkg%2FI8FG%2F9rabsnZYcwia0Km%2BgDxsCFnUy%2Fumq2%2Bd6UBQhXZt7jYbzAfQVfMOBssbiysJXgUTpofTfe%2FcNXl1pqY%2BbTQHrwF%2F%2BNF6z0SNp1pE9gEUeB4sYiB0zefQqvIyuTJj%2BDray0xQcdm0Ur6kAJf"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2021/06/notify-icon.png.webp
cache-control
max-age=315360000, private
cf-ray
787a03a699629031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
%E6%88%AA%E5%9C%96-2022-06-27-08.51.51.png.webp
www.daisyyohoho.com/webp/wp-content/uploads/2022/06/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2022/06/%E6%88%AA%E5%9C%96-2022-06-27-08.51.51.png
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2022/06/%E6%88%AA%E5%9C%96-2022-06-27-08.51.51.png.webp
11 KB
11 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2022/06/%E6%88%AA%E5%9C%96-2022-06-27-08.51.51.png.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a685e465b5d942658f45adfadd3c125008e85bc9c46f6695b872a098c01a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
311041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11194
last-modified
Mon, 27 Jun 2022 19:10:05 GMT
server
cloudflare
etag
"62ba008d-2bba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CERAVRZunoaVRR52v7PFzW6Y6tiD6UoGGU3Qz%2BDgYrgEcEQeC%2FxpNjxfKl2XTMVUJJcCv5JRaYK0Z46Sp2PMy%2FFEIvTEp2OLa1F1jJ%2F1SepyMp6uyHZWXUF2bkpPdRgGYUEAxvOXoCTyEzM9CG1wYCc8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03ab9ba49031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8hOgMq9eFYjxmY8P5ro7v1nESCRMT%2FwbwqbeIGwqHb%2F7zUaDvVod1xhlWP5ci7IGCrkCN%2F96xa0l4mgyoPYuN39XKOE6iG7Bq%2FCjKBafmgyLJX8ai%2BJjH17Ky13MueKxbl4zIN9fEdIz8%2BWiJj6pB0U"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2022/06/截圖-2022-06-27-08.51.51.png.webp
cache-control
max-age=315360000, private
cf-ray
787a03a699639031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
skyscanner1.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2018/04/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2018/04/skyscanner1.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/skyscanner1.jpg.webp
15 KB
16 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/skyscanner1.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d85640ed19bf877a704d275804e8608d52e9201417e41ca3042abca7e48564f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
124280
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15612
last-modified
Sun, 15 May 2022 00:51:06 GMT
server
cloudflare
etag
"62804e7a-3cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BksA04rJfYHfUjl4cNihwwcJpOQiWNFstZ1A%2BUUT4xCOO%2FfVml%2F4%2BvaE%2FR%2FPKR30WpnSRM%2BPKEzYN%2BGxiywjX5iSEXIffiEQbpWQFxcPog5Q%2FnN5VpYH%2F%2FKswyqnVlD4Kqfg5aWAb6lNV7mxVMdx8iS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03abbbb59031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh4GQt2ezDgYEM0BwTRT%2Fu%2BKjvEa6ODaes7TYDryCR28jKzSmEPAMFFcU8dCkevrXTvoWnmjzzMCiJM8QD8P%2FE2fPMLcblk2gmpvU19%2F90mgrnK52bMNmYLS0PYOBdGqAm017XCjCH%2FpNIWbqTmz3yN7"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/skyscanner1.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a699649031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
hotelscombined-side-bar.jpg.webp
www.daisyyohoho.com/webp/wp-content/uploads/2018/04/
Redirect Chain
  • https://www.daisyyohoho.com/wp-content/uploads/2018/04/hotelscombined-side-bar.jpg
  • https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/hotelscombined-side-bar.jpg.webp
19 KB
20 KB
Image
General
Full URL
https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/hotelscombined-side-bar.jpg.webp
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Server
2606:4700:3037::6815:1950 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0db89aef1fbc88cfb405acfcb99f3919bcf39d335e9f1acaea7a9a924766d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/garlic-chicken-soup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
641999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19722
last-modified
Sun, 15 May 2022 00:50:53 GMT
server
cloudflare
etag
"62804e6d-4d0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey3A%2FwRRWRj4W5fEw%2BtxrNYbEmBTN6JNpMidmw4uSw8cBCGOr%2FiQXbyHMTr4B3B5d6n4yApgOSLsi95b%2B8Xmn5ETD5rX0FUsKDNNaus%2F1EAeKX4eX3eFi4yJ1TQtMgdJge6Hw44%2FikNJAxu9CZw9PzMk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
787a03ababb29031-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BNEftnx42pQQ%2BT9r6HSFWI6NSfysaoVmOGr2b7ksnD8dIubuzQIMgOIL3LTT6FdHIzzlw6lNgLPxgyB2dZMyiW7%2BLdGzn1dlTPDhBKdIKJ0c7Hos7ffqk5vm7lkkRH6fYYKWgkZszP6pBUOKkqw%2F44g"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.daisyyohoho.com/webp/wp-content/uploads/2018/04/hotelscombined-side-bar.jpg.webp
cache-control
max-age=315360000, private
cf-ray
787a03a699659031-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
180x280.gif
www.gobytrain.com.tw/Blogger/
50 KB
50 KB
Image
General
Full URL
https://www.gobytrain.com.tw/Blogger/180x280.gif
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.242.155.195 Neihu District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
mail.gofederal.com.tw
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa8c946cb3e5676f2c208b9543ade0b4bef217805746342961eecad5964d2cd2
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://sp.booking.com/index.html?aid=2257594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
last-modified
Tue, 22 Mar 2016 05:05:33 GMT
server
Microsoft-IIS/10.0
etag
"16afb076f883d11:0"
x-powered-by
ASP.NET
x-frame-options
ALLOW-FROM https://sp.booking.com/index.html?aid=2257594
content-type
image/gif
accept-ranges
bytes
content-length
51019
collect
region1.google-analytics.com/g/
0
350 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-675FQNN89X&gtm=2oe190&_p=2013717530&cid=809618810.1673401959&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673401959&sct=1&seg=0&dl=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&dt=%E8%92%9C%E9%A0%AD%E9%9B%9E%E6%B9%AF%E5%81%9A%E6%B3%95%20%2F%20%E9%98%BF%E5%9F%BA%E5%B8%AB%E9%A3%9F%E8%AD%9C%EF%BC%8C%E7%87%89%E5%88%B0%E6%B9%AF%E8%AE%8A%E9%BB%83%EF%BC%8C%E5%86%AC%E5%A4%A9%E5%96%9D%E8%B6%85%E6%9A%96%E8%83%83%EF%BC%81%E7%BE%8E%E5%91%B3%E7%9A%84%E9%AE%AE%E5%AB%A9%E9%9B%9E%E8%82%89&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-675FQNN89X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.daisyyohoho.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2013717530&t=pageview&_s=1&dl=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&ul=en-us&de=UTF-8&dt=%E8%92%9C%E9%A0%AD%E9%9B%9E%E6%B9%AF%E5%81%9A%E6%B3%95%20%2F%20%E9%98%BF%E5%9F%BA%E5%B8%AB%E9%A3%9F%E8%AD%9C%EF%BC%8C%E7%87%89%E5%88%B0%E6%B9%AF%E8%AE%8A%E9%BB%83%EF%BC%8C%E5%86%AC%E5%A4%A9%E5%96%9D%E8%B6%85%E6%9A%96%E8%83%83%EF%BC%81%E7%BE%8E%E5%91%B3%E7%9A%84%E9%AE%AE%E5%AB%A9%E9%9B%9E%E8%82%89&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1813107990&gjid=1318387562&cid=809618810.1673401959&tid=UA-99603078-1&_gid=319225897.1673401959&_r=1&gtm=2ou190&z=490987649
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.daisyyohoho.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.daisyyohoho.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
397 B
703 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.daisyyohoho.com&callback=_gfp_s_&client=ca-pub-0513762288381539&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3074209502ee3d9b4a1e1df40857995e865f0b6e6d38fcbdf2982ecc52159800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&tn=HEADER&id=header&cls=all_colors%20header_color%20light_bg_color%20%20av_header_top%20av_logo_left%20av_main_nav_header%20av_menu_right%20av_custom%20av_header_sticky%20av_header_shrinking%20av_header_stretch_disabled%20av_mobile_menu_tablet%20av_header_searchicon%20av_header_unstick_top%20av_bottom_nav_disabled%20%20av_alternate_logo_active%20av_header_border_disabled&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 76DB
242 KB
57 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&adk=3046330955&adf=2044148826&lmt=1673401959&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959242&bpp=3&bdt=856&idt=301&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1161921313003&frm=20&pv=2&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae43c598938e35e9110ec0864a4e602e41041594fa364343bb9a8d1631778ba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
58356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Wed, 11 Jan 2023 01:52:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
4 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-99603078-1&cid=809618810.1673401959&jid=1813107990&gjid=1318387562&_gid=319225897.1673401959&_u=YADAAUAAAAAAACAAI~&z=1053916984
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.daisyyohoho.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 11 Jan 2023 01:52:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.daisyyohoho.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.1&blog=129432118&post=89805&tz=8&srv=www.daisyyohoho.com&host=www.daisyyohoho.com&ref=&fcp=2328&rand=0.6932691814670782
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Jan 2023 01:52:39 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 2B28
71 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c903f39a3bbc7bc61b7072554fef65730f908201bc55b2d39a65c2152844bfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
23227
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:39 GMT
expires
Wed, 11 Jan 2023 01:52:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D00
72 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a74f21f2af9a33d4fa151a40717e410cbc73f8dcefed9b0bc1401ecdfb80db8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
23205
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Wed, 11 Jan 2023 01:52:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB8C
71 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e2e396f0365ebac168a7d2f947ec53e460e1deffa440dde0438773cce04a99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
23174
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Wed, 11 Jan 2023 01:52:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99603078-1&cid=809618810.1673401959&jid=1813107990&_u=YADAAUAAAAAAACAAI~&z=1498951250
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99603078-1&cid=809618810.1673401959&jid=1813107990&_u=YADAAUAAAAAAACAAI~&z=1498951250
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GTM-NBFBX4V.js
power.adhacker.online/ps/excl/
72 B
612 B
Script
General
Full URL
https://power.adhacker.online/ps/excl/GTM-NBFBX4V.js
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtx3d2_xucIDLq4WxRY6KKJT2UiNunTkBkQS5bYy3YUH1tcEfVEB_GNzy0ErXHw5EQRtMQm_8dSGajzI-ucjZsNX-lVAqq5
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Jan 2023 13:00:03 GMT
server
cloudflare
etag
W/"61a138921c394460a1d0c39b02131b7e"
vary
Accept-Encoding
x-goog-hash
crc32c=KZhPgg==, md5=YaE4khw5RGCh0MObAhMbfg==
x-goog-generation
1637240402986710
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1kCKS1Uy%2BMEJUq9tBkSG8%2B1ZG%2BhMyuYuncV4DI8SyYUpjT1qikdZSLuW8bxvrRU4us00SSnZAjVti0ysMsJ0dIsn9Q88xVwKXfB6BV%2Fgl20Vg1vlRY82kAPoWUN0yPjEDHlMkg7UJTW5fugNPOdK%2F40k28%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
72
cf-ray
787a03a84b36913d-FRA
expires
Wed, 11 Jan 2023 02:52:40 GMT
gtm.js
www.googletagmanager.com/
117 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBFBX4V
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd1e60b7df3ff6d7e4b6c1af3c71a8f6c28ba582286791ca14746924912cfb2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44230
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 01:25:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Jan 2023 01:52:39 GMT
gtm.js
www.googletagmanager.com/
228 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N4B8VGB
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26bc552510d894ef4dc3184b6fe93abcdb931f09319034d9a5ed7d39bcdaa491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57927
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 01:25:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 Jan 2023 01:52:39 GMT
cat_trid
catalyst.breaktime.com.tw/v1/
83 B
580 B
Fetch
General
Full URL
https://catalyst.breaktime.com.tw/v1/cat_trid
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.46.146.168 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash
988f4ffe9da8f33bc22c6668f1a3ac2e486c80eb752fce5df501959224554dcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 01:52:40 GMT
Server
nginx/1.13.12
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.daisyyohoho.com
Cache-Control
s-maxage=0, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
83
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D75
15 KB
7 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5167bd14eb7624ba5762ff8ea95c05ba443e9a782b984d7e752fde27492dc41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
6659
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Wed, 11 Jan 2023 01:52:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pmp_ads_cfg.js
power.adhacker.online/pmp/
107 B
948 B
Script
General
Full URL
https://power.adhacker.online/pmp/pmp_ads_cfg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBFBX4V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
703
x-guploader-uploadid
ADPycdvNPxxm2sl3yJCST8bXb5jq5lQiTucnd92biXmt13oUahfyhjyc1K2A49WGq_ixsjo_bbbr_QA6S81dVC-PeBT7itdPfsAS
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 May 2022 10:18:21 GMT
server
cloudflare
etag
W/"fdd79f0570565c33347a76493d27dec5"
vary
Accept-Encoding
x-goog-hash
crc32c=v6ttTg==, md5=/defBXBWXDM0enZJPSfexQ==
x-goog-generation
1652869101996357
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AykCfNdOEBF5LbHUENcWEyo7DUfWTL98OPLzV45jTYhL%2FfBN3HauzVWNtvqwAljIcB5BI4FeXUnEluzR9Nu1zkuQfb9yQIz2UxXUWw4TEa%2F0Q73EWZPkkOHnxZ5s5zMkSnAMjwZtKGcAT9RP67dsfohON0E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
107
cf-ray
787a03a88b6c913d-FRA
expires
Wed, 11 Jan 2023 02:52:39 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBFBX4V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04b6f5ec2f0f37052769275119ae272d64894bdb06ccbea463d20bb134a6cf44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27763
x-xss-protection
0
server
sffe
etag
"1448 / 782 of 1000 / last-modified: 1673392045"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Jan 2023 01:52:39 GMT
pmp_ads.js
power.adhacker.online/pmp/
63 B
938 B
Script
General
Full URL
https://power.adhacker.online/pmp/pmp_ads.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBFBX4V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1988
x-guploader-uploadid
ADPycduUpfmVEEPYJYxm2-vB_lctGn0EEz6zXSe_pLXsyl8RuWCHCF895hFLXuRcwnGoTXdee3rJA0Q9R-a_YJ6F06M478imtU18
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 May 2022 10:18:21 GMT
server
cloudflare
etag
W/"90e3755e0f60542fe1ef74ba1639e239"
vary
Accept-Encoding
x-goog-hash
crc32c=ySZKkQ==, md5=kON1Xg9gVC/h73S6FjniOQ==
x-goog-generation
1652869101997911
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gxp7kQrGzdQ%2BlTZMnNIIW4ksy4vPRv6a6YSr7iZC%2FIbAPtawtKS%2Bcb%2BQU4anfvjHgt%2BOnzpgMsLnhOxc9bKBnWI%2Bf%2BOf0NTOHaHMyB1DdnxAvY%2BWLWxIrXzyZFnsS8L%2FMLqPnHz0KRLA1xMaPOnkrcx%2FLRc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
63
cf-ray
787a03a8bb139125-FRA
expires
Wed, 11 Jan 2023 02:52:39 GMT
pubads_impl_2023010501.js
securepubads.g.doubleclick.net/gpt/
384 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 11:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132895
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:36:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Jan 2024 11:51:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
154 B
730 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.daisyyohoho.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e88723e14945a8eb059bfa3c7201cc849b45ff414b6aef581fd62a91a8d8505d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Wed, 11 Jan 2023 01:52:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 2B28
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 22:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 22:39:04 GMT
css
fonts.googleapis.com/ Frame 2B28
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 00:02:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:40 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/ Frame 2B28
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 16:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 11:40:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:23:11 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/ Frame 2B28
390 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375bab585cf2a387b8061143ca2f4b310c6f68511daacdc1d45cdeac8005db45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 22:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134996
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 11:40:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 22:23:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 2B28
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
yads-async.js
yads.c.yimg.jp/js/
0
0
Script
General
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216995/771/wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

gnshbrequest-v2.16.2.js
cpt.geniee.jp/hb/v1/lib/
97 KB
35 KB
Script
General
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v2.16.2.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/216995/771/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
7f2ca409ccc7a7fdf7dd155ae62b4c42236c221ec31d517b3cda14d903fda69d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
last-modified
Fri, 23 Dec 2022 11:11:03 GMT
server
nginx
etag
W/"63a58cc7-185c1"
content-type
application/javascript
cache-control
max-age=86400, private
cross-origin-resource-policy
cross-origin
expires
Thu, 12 Jan 2023 01:52:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 9D00
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 22:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 22:39:04 GMT
css
fonts.googleapis.com/ Frame 9D00
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 00:04:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:40 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/ Frame 9D00
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 16:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 11:40:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:23:11 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/ Frame 9D00
390 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375bab585cf2a387b8061143ca2f4b310c6f68511daacdc1d45cdeac8005db45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 22:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134996
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 11:40:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 22:23:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 9D00
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
csi
csi.gstatic.com/ Frame 2B28
0
318 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lcr0bk6n&c=4069794016590&slotId=2034897008295&qqid=CMnU-oq0vvwCFSyFgwcdYFkMyQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B28
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
119268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B28
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
454225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B28
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CZjSVZxa-Y4mFJqyKjuwP4LKxyAyO8-WHbrm28e6MEfAuEAEg_vyMJmCV4pCCoAfIAQWpAvSYCsDOArI-qAMByAObBKoE_AFP0PnnmzFXZKlR1Irli5EATW6pCbT_3M5vncB5NS6N3bDmmoWmlK_M6R3uRog0FRHf8b28Q0HDXJP2zAtvhSx7eDeBHCciCmaSTPLTC16rS1xzSWHV2kXPbYN3vhumMfK2zeUEoE62qOR2b4zxJC1lVPKfYcJr1maDNmGkOnr82zm_mVaXDO8z90cF-GaW4Mm3pKwlPFqultZd3xYhEN7xkxUu7TwEZQay-BxfnFMyiBNCXsRsEDSqe58owc2tDDuYhHazjt10Un39lIw26uoAkPcEl7IF_loOpwdtvDsH4uJhpK3ejrUJfzCVXywOrxAgpN83XP0jjmBDX2bABKSI95iuBOAEA5AGAaAGdoAHoNbWxwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE72h0hHIE8D0z-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1673401960183&ai=CZjSVZxa-Y4mFJqyKjuwP4LKxyAyO8-WHbrm28e6MEfAuEAEg_vyMJmCV4pCCoAfIAQWpAvSYCsDOArI-qAMByAObBKoE_AFP0PnnmzFXZKlR1Irli5EATW6pCbT_3M5vncB5NS6N3bDmmoWmlK_M6R3uRog0FRHf8b28Q0HDXJP2zAtvhSx7eDeBHCciCmaSTPLTC16rS1xzSWHV2kXPbYN3vhumMfK2zeUEoE62qOR2b4zxJC1lVPKfYcJr1maDNmGkOnr82zm_mVaXDO8z90cF-GaW4Mm3pKwlPFqultZd3xYhEN7xkxUu7TwEZQay-BxfnFMyiBNCXsRsEDSqe58owc2tDDuYhHazjt10Un39lIw26uoAkPcEl7IF_loOpwdtvDsH4uJhpK3ejrUJfzCVXywOrxAgpN83XP0jjmBDX2bABKSI95iuBOAEA5AGAaAGdoAHoNbWxwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE72h0hHIE8D0z-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2B28
30 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-An3fbmBrJ9630hs6QFJsPuKmIB4jN4BRlSjhRA_ZtmMnAzne--99ydgI3liCmezqzTh5L7xQJvs1kasXqzGpL6purgUA&cry=1&dbm_d=AKAmf-AxR3TYgNLH1ZxwGYWNQmayFKPMM2Pt9M4ypYlyUfFWPXdr8DU-RJ_wFF_LUWHlGiSWc5o_7VaejashUTbtziKzESScgOZ4C_n7uoxzQVYML1nCUxjbA20X6YF5Ce7GYDOxvimO_YSm1FpD3OTNsXXkY23Cwzb8WWS_StAuKL7PsduXBShm1eXin6nZB0Rn9IzanMQO3mpZSe0N3DhA3gvr84Gaz1D4-Xn0BgJoNHIbeVtXVgNas3wKX7wwIjrXO2l43ejAbTDu24UjfCJr_IOhw8UpMGg1Z2F-3GPwgP_2it-Ffk0Gn9hs6kshye6HwMgT26iRaVJTBVpg7S6KGBfisONz878s5aNEIdp5Oi-O9Mzq-4TFjv5RxuVww4cnSSZewOObBKMF8h5_9lkD6XmaRD5rdm5_6KCFJW-skK_y3b2w6aeMfcPYqWTm4AX17NoAZz8rVBNqPeoWrg6Mx9CMRYjAnpReEtwb_bgSy7FMRE7DEdpAwz7gWzv935KkMm9-oz3NN2lekSLYQqQ0Qr8-XDZ15Dvl4gTfWPnrVdfj1UTstqsrDZn1PS2WD6zr1sOizkTi0LnhjdNOCgT24rlk71hjyibJUi8DrtWCQXKBPnKfZAtXlhx_-YSmZBknc89JyZXY5O6qeHK-khV_nEatxRYEXO0U_7U4Vorl3TJqyrY-Umsn7i7ZEuTSrXVsIWUOhHXu2TAced4HIf45nHlmjZH-VPw6StKqVrOTRp1eDuOVLH1PIG-qm-cusz8ix2QuAWydg5HMr6cp2Qc09gMz14HO188fFDc7Mp5qw7CvzGT5J4gsF-1Pce32n_2ktW2E14VqNN7oznZdm8rYV2iSrVAPLsuQJLHRbj__yWj6mAfOOZ5sAXB_WZlG8Vm6I2-wclovBhusR5jW8GD6ZL3-eJdbTr5tAiEgsb5nUfzcyz5NElqOipMazBzgd5vreaEXJdDZhyRRzseXXweFGXS5zs0ZjTBgS2ii3CHgFIE-fh8rVXMQZDqgw3MhYIPsh7Bn2csNul2ZuhXKcOYx2rR-fWHNt9pz-duVbwwCwXrr41hbs-JsrW4sc816TDqMr0Y4QUiuImfJOG_twIGe9eDS4h2zT-HBRPWQrtIz0zIxYBjKVLR5SRd2jTOi1cqnvucZGeiZ90MmhJLCnpt5z_wv_hNJB6PBI5fVsoZXT7FW6MyKoVAlbHr_KKOk269mJ4cpTfFxQYOJ2ey9a8-R9ReQh1DgMpuo831H8mWJgc_XZONANs5ITt25U-Ej-0u-S0ewQqNzAGSNnbCq3O6gB53931_OwLQspfUcbzhvvugjy6UvnhkcSitHxrNfTQtCWF4cpFTsNPypjid1dUr5fCoPobf-BcQdqacFOG6w8TWEcRK2QUAIHdtmTNGLOLVRfKTklikHW3IhLmcWa2jg_iZnma7_Ozi4hBfeJQhE4S3VyhVQPcPPwTZQtF95sJOlafNblGb3pEieKN9EvWU89Uo7OpNNxFt9aWtnr147TeqjBNBRRZYRqy8ngvOBY-hb2kLRud6oKoCNiK9wXVHaVsL4AvNhw5r9-n-L3GqZDCqSf9z1gk1FxPwlXqQsm9WoQOHrxYonOopFXuYjVACJlt_zphQm0S5DKrpiO9TtUwLjASeImPAbs_SrzAdrdK0H-nvgZPNr6Gj3oxkLY0ReIPWgm640TUY8-sPrK9ZxwtRvAKVtI46W3K4OSOFMLVShPVXp3-Ki5foHx2j3oHRhxle6cxIIKIQbRudu0g1nyscuwIrwQ6FIdoN2jo9p0qeQqMokvVve884EWDDqFhCPujuSagUwRK_yxe-UIztZ3s6AqkIxLbQa3wgO3s0fI5cTBD--cOHLF1Kw0GfmwdZKOzEvL80nN95cvnTC3Ag8IFcJ9o1kscKApIzxRnkCfy10_yTKo7sKHN6GAxvYMCGt7qf7nNr04jLzOU5Wq8BxsaERZGh2CLC2d6M7L66TxREIiqmOxxuOxMTFTkfkzrLW8oVO1vJY6npCJ1cTdkkNYv4waMbRn-3dEpGZ0c5rvXSUrzsIhH41SJHteU0pbr-Jgw2yHLPJv7n7nZxXKm0156T-ymqiqh-qBWANfoOEd4gCi6piMbnA6xD_7I1bqPtubpM04wWsNw1JcCl8j6p4xOayxVkkP83XgBOTem9JMprkxsPxOgU56VVMu5WbPmIhL6jEZHxIZjJDZGflhXNade1zpoh_njW13nr6x6e48_dgZgCikRjSI-dR9jVg1OYfMcJV88KfLmT14Fr7fcfmho_9foEah73nr9F5vqYoehTaB8omxx_EN7r7-2OIMokbFPqMB2DHTBSBFbOZFyCIZ4YaND9D6-YpMurJZ7-4BPTnVaSAcleZhni_zms-XwxA4Sf5ZcpHPxhpBCfy03PDSeDx321S14V3mwY2IMSs_DKvHGucBIbZHAeOB-yYyk89mXep9F8XZdPqDWIUucmk6L2v2KmR4uPDuj5gzRNOUtvolT15SB0Slo2GeU_i2ulsVHYxVHi34E3hOAT4CI3aXeTpO9InixRQ1fu2DRsN744htZ3NCeC7K1miXe1f_A2_3e9qIqZMBxwRqvtddT-HIEzVcoXvZPzugSsJN0dNQjeZI2KVhQCqAjxPtQY5bXFbcG37fZJD5VybptmwKg4CUQFNPbhDCFff80WqJ0b-vFkrprA_kCQ2i6v62Xh5vBmS7HXCMV103EJQwYai7EnfPoi1kCduzBhW0vi2JIxQCkuB7CwON6r6JaqkPCL9A1MU-9HmdZ_kOtfbbuNQsg3uL9X_5vyF9_Vcaxdn6LkfkhFak4Mo-qmamDA29LtA7W_22XZEQIrmCvNsiQG4bM6JbdkUwqKRSsO8fL00WP9iEQ31Sj5JP8CMrdATZrKeg_lO5-VRaypMsRo21ditP6mHU4DUjpB5j0bOXadFjzNay-nhZKU8oDMGIO8Ze1jMer2uTRJWwRcQomdxKuiwDMLiezJnjRmx3lBtHdYgD646LkL1sL40l3W8ow1ekpsY6l0SbJmcfx3Vt9cnxnlYa1jM3_U6ndNZFYdFdVVOHMs8yfxwCNmSTT4bDxuo0DSaxhBmHas6RQVyuXcoBPGkuwUQ86_6bQdJ1KeS2Ows3zEDlbDL7kwvtlZpW_sVJA29xAPRwu6oy95FFpskaNQXUfWqWVPs51F-L3rNnvt_BQruO90_wYOJuqEiSPn_ISkF1L-Vj6-uJPhkvCJ8ziF9x4vudS1hKBWIDGikvvCfTZdKBfvLFbjh2lnNzlsqEghZSBxanCaGuvdIaG_Rm5qmz5ZuU_FG_SrwIDUWNmgtN21k7UqixaTVoIEkxL4fQKJwc_xgGpZ6Uu1U6jsbAoam7ZFSEjZQ_OjWTYbEm6Xflwb4UvlsA3E0aNsXCkn2wAMwdaRCrERVSVwVj2bi90tGZ8UuXWJOV_PR2jS5tuFcHO_RSDKPT6M_YvmxILwynoGY-2qGpxX-841e2ZN95A9eep6v0T2oi_afLOkSEMrbeX7Nd9GUooCmvVV84oZo-z4PwEbLG1y5AySwu15lkPD-HQ7A02ytpxtNjZqy6unlFR_GvBvWppAzG7lb6ONku0rg-YzsEgEIkE5CnRCk0mtUlbNpHcFBRF27Q7eK_DEEES1--IbQegiDetTM&cid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
cafe /
Resource Hash
c2c370289dcbd2b6fed53933a7e342ce3f1201c1393020e6ad3f69ec86407636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16198
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2B28
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzirnZxa-Y4mFJqyKjuwP4LKxyAyO8-WHbrm28e6MEfAuEAEg_vyMJmCV4pCCoAfIAQWpAvSYCsDOArI-qAMBqgT5AU_Q-eebMVdkqVHUiuWLkQBNbqkJtP_czm-dwHk1Lo3dsOaahaaUr8zpHe5GiDQVEd_xvbxDQcNck_bMC2-FLHt4N4EcJyIKZpJM8tMLXqtLXHNJYdXaRc9tg3e-G6Yx8rbN5QSgTrao5HZvjPEkLWVU8p9hwmvWZoM2YaQ6evzbOb-ZVpcM7zP3RwX4ZpbgybekrCU8Wq6W1l3fFiEQ3vGTFS7tPARlBrL4HF-cUzKIE0JexGwQNKp7nyjBza0MY5kegyAcm-bNngDfQ8uIXYXkfoHgIq-JyozEJGcfMS76Vso52VcpdSBRKCLqnnk_mOCN8y_BK8bFr8AEpIj3mK4E4AQDiAWxisv9R5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHoNbWxwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDzqxMYmPn-3AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMDUxMzc2MjI4ODM4MTUzORgA&sigh=MaDCdbMxmNI&uach_m=[UACH]&cid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 11 Jan 2023 01:52:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D75
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAdCDol_BE7lKz22TB06uOHXnURH_axVR2RLhpOsq8kO85z0j5uO2fIrHhU4iFMs9p_bDsPXKY9tjr0QSHk4gbWDZsb5-Qm7Y2Q-R6pgN3658mFPA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D75
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12013401495894662312&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3D75
76 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 3D75
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
19165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 20:33:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 3D75
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
l
www.google.com/ads/measurement/ Frame 3D75
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSSBgvdmOMEXvSlRMHI6ZjfprJFkCTJMEb9uYJqqP07wQ9khW9_C3TDB7c3-n2l-1-EXnc66DeGJhutk20vtTZtvy0bg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D75
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 01:52:40 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a610f00e7b57d9f36954b8da1d5f4dc439cb10cf2d9486d0cd5a33a93ad84552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52352
x-xss-protection
0
server
cafe
etag
14615381313608321161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:40 GMT
truncated
/ Frame 2B28
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d3ded0bec7cdcb03de8134cfee3ef80a49ba441eb32bcd26a0ab15394814116

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame CB8C
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 22:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 22:39:04 GMT
css
fonts.googleapis.com/ Frame CB8C
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 00:02:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:40 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/ Frame CB8C
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 16:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 11:40:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 16:23:11 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/ Frame CB8C
390 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
375bab585cf2a387b8061143ca2f4b310c6f68511daacdc1d45cdeac8005db45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 22:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134996
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 11:40:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 22:23:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame CB8C
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1117
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNGg1AIQkMPVAhjX3r7LATAB&v=APEucNXCxIQp7c4EcqrKXSO0LrsJVDUZ0gRvVLEVBPNHWGW6KAJFaKKEuxPMo-mOYGCkF0ZObc2i-nbB0dzfd-dHqdQJb9SzRIqQ6SHbx_9Y6b8qvxpjSDuChcMuF95rxKmuPBfjoBP-rLqcBUNf71IDAT9-J_CZjnoVAsRzvbB07j7zYaCl0d0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Wed, 11 Jan 2023 01:52:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 9D00
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lcr0bk8d&c=946615467453&slotId=473307733726.5&qqid=CL3xgIu0vvwCFRfIdwodoL0Ifg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D00
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
119268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D00
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
454225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D00
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cp-45Zxa-Y_2hLJeQ3wOg-6LwB47z5YduybTx7owR8C4QASD-_IwmYJXikIKgB8gBBakC3XyitBACsj6oAwHIA5sEqgSCAk_QgD-0HHA4Vb2ysq84_CuwuuDhfv8ofVGAtZuj_fRe7qbgGxwyGc4tG9StYTdRCM48D65qIz5lhXWiT4PFdmU-E5NaZp9vFG_qm4Kt2yvoGjNwzWlZ7naH9rLxyXKhhTeV3bkwlMsvabvMdJn8ES3jGW5UfTgbNZ-8dJSxu1fqEsj43inoNl_tZQ0bZ7LTwxYaOSgjS5Eitrm0Y-Yc7a-H0nae09WxnGeS30M78Ktt1rk2OydWRNdeos8Lywq64SwD7bdlT7oRoRCGldWQB8QnxY7ic1QiWDyDGCaXjWtj1kdwt6hN5Is1qnrHYheaBP4w9UoIPApqqj7txNOX-zpYDcAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1673401960242&ai=Cp-45Zxa-Y_2hLJeQ3wOg-6LwB47z5YduybTx7owR8C4QASD-_IwmYJXikIKgB8gBBakC3XyitBACsj6oAwHIA5sEqgSCAk_QgD-0HHA4Vb2ysq84_CuwuuDhfv8ofVGAtZuj_fRe7qbgGxwyGc4tG9StYTdRCM48D65qIz5lhXWiT4PFdmU-E5NaZp9vFG_qm4Kt2yvoGjNwzWlZ7naH9rLxyXKhhTeV3bkwlMsvabvMdJn8ES3jGW5UfTgbNZ-8dJSxu1fqEsj43inoNl_tZQ0bZ7LTwxYaOSgjS5Eitrm0Y-Yc7a-H0nae09WxnGeS30M78Ktt1rk2OydWRNdeos8Lywq64SwD7bdlT7oRoRCGldWQB8QnxY7ic1QiWDyDGCaXjWtj1kdwt6hN5Is1qnrHYheaBP4w9UoIPApqqj7txNOX-zpYDcAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 9D00
29 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CB3ZG473xKrdIQ7k9k_Wn9ccE64loME_WDNR34MTnnN7Bxpc4BKXmXB082ygW9IoyOgFQsTSGa-MlkaOiIWlrfLXEnGA&cry=1&dbm_d=AKAmf-C1zGSw368_GVMlKG0xKhdlyJNbms0D4AyoiRNUdPE1nG5Bdjenn-pSFOTJwaJDZhT73c8TRmUJrxCzxQLiLZPSJy2t5IDDlII0AhSRGAdcMDqGK4DDJwljZLU_rFwg24I1nYDrzARHmZcMKdMt9UHecItLQocnW28c_-mr-zQh2t5UTXxPk6Tw6oRGANUJdDeJ-BXq4cmZae1TSxF-_bFAxbDohcu_H6khYztdU2ZYz1S9xnbkE1Z69kIrLpbPKmk400DCPtKSQtsfLWG4_suBArRgQSuiCTdPIbe4b6JzYoVvJuUxP5foWhXtqznnU082cxBNSF5lsG37-EBOScfvxIGKRPJ7SB9cAK2vCqPDAgfSY5dTtQ8fZN3iKu4eRpkP-Y0n2ls5_e7DwnwwG8_BamHaBJEisovn1CT_FAvOwGip1APOmzkpOTJXCFq2pVP1HvJBpj1iJwoCQsXq23Evg7KKoiNBMcSbCaNJlwlbz9kBpCw1knczaF_foi3cOJJ0lLmW6Xb9peRxzMtZd2fduvskUikYxT6DrURJ1aL1fkXI-12IW0eBcY5wjdOQSbc5i3CeNaBiB3C-uwqH3ClUtHDpyGQ2rpzM0cNQ2PHpumaEyBnRPJshYtQ5D7t5cL_XQSzYHAbjI8YuqWmTOWCl-Nhl2n21-G7BJa9g0NU0DlP0ecFAIPHjQLcrC3vzU2SEPTWWQp8ayJ-BHypFX1ONquspuwSBA9Xy3RzemyQhlrvV0Vn8eS7ZqbUiXXqN44vq-Wk91ifsPynMKrzQx3Zcmj-NipC6idv0M20S-4Daloc7Gpyq_FjroLQEFmTUOaqIGkPnY4kjDOchTd2iXcKtlQQ68i0YvleKVBcpjVkUjRTYoit6vbJuysrZtT2SsYk43zRWNGyyxz6YXDQ9YlBjVNjMecypbbXGvbAXyRferjNWXJi4Qz5weP0tRYxZkVs-HX0s1KU4JSQEwKq7I5GR_R4SuSY_zp9bw4oJaplChLS0HGerJ1HVyQAqdfFBgkHuXs3NbwH5XKj30UBNPeQ-t-ByZqEEcheZTx7dk3vKR40ChE9ENzpjS6eIh19xU5jRPF4fZoAsRS46WGeI4Q7fkob5lxvhOtn_64Vjb9RdXrBT7IufnMl3duy_jscIf7JnvHQ_-LLXPATD5sSZVqlZQr_paKrRiyvlXgHd0X-5SE_hDNCT_P8qb61uV1sRlmSI7Ja0RGPY59PBGHbiN6oFYoLSXJ2P9SYGLa1fqg-iP7f-gtkQqp35KhiLDsoigOgHJ7avYiPPLM7-jh2ZAbsuZwCePmUPwjyg2sajRtsiBrnhAvC5V4w5d2gTgV9nttTiRXx3LYDo9W3F6SZYHL878PahV7Vf6l79vG2__IJ4_Hhx5AD0S2BVA3KDeAnRSsSSMaKTUOtOua7uvvp6f527SRYrDw78ByY4Alf7KRFYLTuHEm_efqjII0k-pbFgYwxQOsyB3WWvVFf_Tc5S_UVm5oq-F5fEo_XFkWpNdJzs35YvkdaVUGUHthinqJ8X46gdFAa_D4oYBrNMAg7pvYQb9rXcxzIfJGXSU-z5a-Hnq1wgEuYCDb2tH0980mHd1hxed3ia9XV1at2AlYZQ9skRPKvPwveoDZBt712AvBAjcOixXgf13_TPk_P6nQfQ3E73R9AtLDoOHSZi_a-jXZA-qxx5ZAvJgGBuHA4IqxFd-768CHF3drjgOqw5lEltEF_-q9nCiWlGlMN-V7vEEeExIreZk_XhX4XC8onovTlU2ywYlxvOX22CTrkHkPxaOU4RqeTauaDON7iiWacZy2t9684_5tRZJsCEfYuPvRMTq2Qzoa24-VX54di7Qv19tn8TcIXCa8HAtTN6eoqGGkPj02XMcY8W8mPe1s3gFNjokJklfn-UAN4Dv6SO7PeohJc702FRwwhityzIe2rzEJYULv18biXVK8Jc5fJU8gVVu9Wfe51oKgWML5hbq65ZN-PP4yQGPMELZ6Doq-xaALmnAEKNTNAVhZ8L7YEczkYj_8ypvC4NZnvXBBBKRQliwZlOA9rBJLWwUEgkVUc_yZRNz_4vuo2FvOIqmWMQOLGjyMGEaF0i6RdpnK9FO24rxGImXYapMu375L8zkwdZYXUHDnYRkLB0S0DyYXa4rtoSDyeWYkSACH6C0ECRuR5Hj6RX3JW-hJmw72aD8d_vaZ7lO-4m4JLMioskMl4Zgyj-xi4trZKT_WMMd3WsahKU65I1-QNQLqSfH7XvHSgv8is_0_SXfkLLqup8aESpmAUn6uBiVytSH6G0gPSkle3bB37Q9KDr5eg3QQrv5X9elR1Lc033wKjKqCTJtZEq_mZgVu_wXxM8z0vECn_ylL0bSMk1pfx0ZtM-rgbCCXzdDzWW6LyCYM5EqU6PGUCsWuwsR1BCMR2nRpuZ7P_TavRMaSGCl-bfQYzzzzsWVGy9kBzzZiVjXV7sD0V_xaRw2USY6QLstdVG12QZoLw-z2iEYPwbcwXBKhludcPF58LYSUkszn8iTnQ20Ve0up3JmiD_20lSYpGbkrG4qg-sJN_XgTG7OwxwzCqUEKGdcHHiIr5J_IPLFov29lIB1oCVel6nI4IkSQpcVKnjdjeP9Cps_t-OXUpDQK7xVSWSpCgqQXdRnNf-jBJ7nJ2VhemJCL3tKSvelBbrEcSOG71GXsctQEO40Ea6dnYI5WX0KNFNMllAG-_Insk3m3Dd4VrTtua-ScBMsPbQxJ2psunqFwUpcsWDQBmpb_uYOQiDkKejirVbs96H5fSVrhSkqLPNC3JqN_KdP7ZoLulyYneq8ba0VwMKQzPjurGT6Vi18f0bFVE9W2v6TscfANp1yyY2eEJS4sf_00_O7xiulavqP3caOmCk3Z770r2ksgdhHUJY7ZNoyrLL18C8kD3nWGaHivPoGUhfpkzKHZh-siRAU_dAIlDng7-Xji5mJ07F5QitXp6hYkN3ULPy9xZioTUUk4Danba5anexhGWLkki_21K4dRQ6-VS6wDZy7qw0E5iOothDmf40UXv8jLdX7Vm-sGPjpoLHpf3bKz5bpaXBh1YJA0rzWNzMPW13YjJDtPbHFj5Z-KTbx2Pu5PVZCDkBe9xhm4vYDMOHvwgn7AxrxJLVXoRLsncLb054Li16VnbqBvAjk1YlwrXmA5T3so8LsQfaqBfwFTNf1TYeee0OZIPvglu1fxFmmAHyg2E7nRkcorVZaWk2GStgFicYccSzsyZonAERjn2wKdh0EyXYAmFKvfE-wdHevf66Cskh3VGiAi-2tUWc8UqswGIwmnJOb7IqPf7jroU0s1-yqSFNlC200OfwznO0SUDELVDCAjraBBfPq6tvFYE2B3JGx9BstCXn5Xiefrm7Ns87naWxDPwKjWfiRHUJn6w_dE3e3mJVmWO_3mBPD4q4DSIQg4tcxpZJCzL8iPWZaQ4aucXgFYBc8qyJvRb-mDGVk4Ax8Furt-xafmgJhyHnH3zIE2n9fobE2d5aVLsXHopk_4UZ3GfmCMCps1UJib5y3i4Go3VHCg6zZfjIXst33zKS_qqd4u7fI0wj-qOMddqKjFOBHVe4j_nGRcZbH-KgFfjnJOv-0pCMCyRP9ufFC62AW55zKNBD238Kng2EdIs880MpkIwZQNlTuGS9&cid=CAQSGwDq26N9D8TiCgm-tesNQBaTWrVmL5Jeu_kKrhgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
cafe /
Resource Hash
fda37ba2e31fb2dc81e427d724105c2a3785f109d553137b12e54df2bc5e8ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15875
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9D00
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6n34Zxa-Y_2hLJeQ3wOg-6LwB47z5YduybTx7owR8C4QASD-_IwmYJXikIKgB8gBBakC3XyitBACsj6oAwGqBP8BT9CAP7QccDhVvbKyrzj8K7C64OF-_yh9UYC1m6P99F7upuAbHDIZzi0b1K1hN1EIzjwPrmojPmWFdaJPg8V2ZT4Tk1pmn28Ub-qbgq3bK-gaM3DNaVnudof2svHJcqGFN5XduTCUyy9pu8x0mfwRLeMZblR9OBs1n7x0lLG7V-oSyPjeKeg2X-1lDRtnstPDFho5KCNLkSK2ubRj5hztr4fSdp7T1bGcZ5LfQzvwq23WuTY7J1ZE116izwvLCrrhLAPtt2UXu4tUgxTTRw_kOWwKc4DE0VbRufSIjOAd6QD1TdO9gVVQIKje82CiPrQcSYVHPZi0ykOGJnASNtw0wASkiPeYrgTgBAOIBbGKy_1HkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEO3vDBiwgv_cAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBO9odIRyBPA9M_hA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0wNTEzNzYyMjg4MzgxNTM5GAA&sigh=liob8lvyOmw&uach_m=[UACH]&cid=CAQSGwDq26N9D8TiCgm-tesNQBaTWrVmL5Jeu_kKrhgBIBM&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=9963240149&adk=1465925453&adf=2475735409&pi=t.ma~as.9963240149&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959295&bpp=8&bdt=908&idt=405&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=1489&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NCKpomCwho&p=https%3A//www.daisyyohoho.com&dtd=413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 9D00
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab02c043a24ad1cd6d31b619f509cc3188ab340d248cfa4cada5ca27500559e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 1117
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPagZhOVzcz3x3-Afxo7xSo&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPagZhOVzcz3x3-Afxo7xSo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNGg1AIQkMPVAhjX3r7LATAB&v=APEucNXCxIQp7c4EcqrKXSO0LrsJVDUZ0gRvVLEVBPNHWGW6KAJFaKKEuxPMo-mOYGCkF0ZObc2i-nbB0dzfd-dHqdQJb9SzRIqQ6SHbx_9Y6b8qvxpjSDuChcMuF95rxKmuPBfjoBP-rLqcBUNf71IDAT9-J_CZjnoVAsRzvbB07j7zYaCl0d0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPagZhOVzcz3x3-Afxo7xSo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1117
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y74WaIBQ1FoCDPkPzAVyhQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNGg1AIQkMPVAhjX3r7LATAB&v=APEucNXCxIQp7c4EcqrKXSO0LrsJVDUZ0gRvVLEVBPNHWGW6KAJFaKKEuxPMo-mOYGCkF0ZObc2i-nbB0dzfd-dHqdQJb9SzRIqQ6SHbx_9Y6b8qvxpjSDuChcMuF95rxKmuPBfjoBP-rLqcBUNf71IDAT9-J_CZjnoVAsRzvbB07j7zYaCl0d0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1117
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPsGXGbII7FMnEWvxYdaAMU&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsGXGbII7FMnEWvxYdaAMU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNGg1AIQkMPVAhjX3r7LATAB&v=APEucNXCxIQp7c4EcqrKXSO0LrsJVDUZ0gRvVLEVBPNHWGW6KAJFaKKEuxPMo-mOYGCkF0ZObc2i-nbB0dzfd-dHqdQJb9SzRIqQ6SHbx_9Y6b8qvxpjSDuChcMuF95rxKmuPBfjoBP-rLqcBUNf71IDAT9-J_CZjnoVAsRzvbB07j7zYaCl0d0
Protocol
HTTP/1.1
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:40 GMT
AN-X-Request-Uuid
fdf1d2b9-90ba-4c35-9176-98c297f4a34a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsGXGbII7FMnEWvxYdaAMU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1117
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNGg1AIQkMPVAhjX3r7LATAB&v=APEucNXCxIQp7c4EcqrKXSO0LrsJVDUZ0gRvVLEVBPNHWGW6KAJFaKKEuxPMo-mOYGCkF0ZObc2i-nbB0dzfd-dHqdQJb9SzRIqQ6SHbx_9Y6b8qvxpjSDuChcMuF95rxKmuPBfjoBP-rLqcBUNf71IDAT9-J_CZjnoVAsRzvbB07j7zYaCl0d0
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 11 Jan 2023 01:52:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ea2c37c8-44c2-40ab-9d65-6105ac1a54ee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D75
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9889620097787&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D75
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9889620097787&version=m202209210101&ct=76&x=1&cor=12013401495894663000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3D75
68 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjvunuTMVEYsM2lquw-27Ys-t8cV7cYyXFCWUCiba51iO3dSQP_mfnGcKETnpsi8-wCnLvwtDbuw8cLuDMyqPvZ_W8tg&cry=1&dbm_d=AKAmf-CBkXEc5usikVLRsZ6mgJ3lFIUwweHnmS6tiN3LtOhwmOHAwiJjBzNBWHq9DqngWjkOfu-BnItMC2T-bmSW2cEgPRVpbgqfXNR-BSuANVC5ImbYXm7I-KwsiBSvWyhBLwtKVTAahQ_FyqURGmlDFH6fuIjDPM0bKOubsaRaY4oKenwAA-eQkZScy2EfElykbBF-B7h5ndkg9JT45CTjtiDxzgdyIJVuhcB7mzv0NVmT7-gtBsBa9fv-Y3PvrQDvVriNVatF6sdfFwKwwgqn5ODdM3gr711mrTHRpEJQfcQNr-N0-qSOg0-A3UCNvisnLvVQWmH_YXCyap3Tus5oXWNkih9oIqIyQfJNzeRq0fTQ_N5jFz511qulg_Th_TmHJH2PDpaiQgdYIIXggqQuweMpIKLU-M9IzWTpb8tdffT_xxav1Rk-G7NLz-Z29cVcf_ikrOPfAt1L4HTl8TABfD5Y7fbi_r8kDxsKKaZT06nuE38L22v777BpcaOX6MMAWr5JdTdsemJI4E1L-7kIgGy7zgynXM0tkpZiig00ti2Wi_-sesaleRIwKAvB3lMPOayj-uEqsYtBueoXL9FUUxJhqk_8pINKjFucyhn_0nCbNHEKsUsMIpz1x8XddtoP-PCDMi6R8z4Gbxn9wqJBEG_9CT9n0aGZ7KZjNd0bfXz8C300iERSv5KMT4M-sR3m1vAsqX4e1hdOq6cSTIgalvNk3ILuT8HuBupyKRFkK5CtzyeUMT5g72Mhnx88XDu5LW5ABoPY9T7U7uF1Y-0WqYBPSZWPW09VKHnEUjQJ5FbNTi4IipzdkLnd-p1hBl-5KB5peW5twWpCTEe-mV19cqrQesgDW8kp2w1Tc_-4Ro55vbzuL7Ybyoavrwqf2Ymbdww9uC_ZSeLgtD0o-btnQAY59hb4D7nZ4bibGk9Yi8w3UcBv11yUnOgL4bGk11B86ZkrBw4g4mjwnS3ExpAT0lAoDqStLSbU1BVX0E3mCg_67_PcGZHU8obuQWz0pMv14hh9Vv9S6MbXxzixUrQR3YgFTFiZQv55g5z7DYVpD9bgBWEOJSMpRq4DUe1JbwdtqFabMH7vZCIcODMunIT4GeEBq5IuERG2V8r8WhSKvCljCSJHfywPmdAll9JHHCVWSJc3reXJYWOnk9tIfh-11b4J1c3bdqCun3Yd06aOwzUJP6FiDf7u6xAuqcc6sWkmb12eNUpsdbiwFBa8syh75BbkaDTqOG7BJh47qsZCCJWRGx7WfZBhJpsb5WHvpP8EM4j8eC5aTgRkugmVn8bYK6rpzLANkscLzLBb-UMsMsxGJ49aTtLzO65oWgU_C0USa6YTThY-OQlRKRhHvYH1ow_XLMJIUMB0WTe3hS-SA-MnijIKhYa2J_UufboQlezoRHJFRzi_aJMvS6arXQAY6uqLh7ukRG2RitqFqONt-gbm3uQnMPeEwj8Pkv8fXqOndfyCH2CXacuC4xJXvqEiwI-a6f01rUbaVv_qCMyrZEJT2U0QXJtFalBj2AhpiRVAOZUbfPvfV54jz21-6yeCFULf0ElT_7QgsmP0RwIDPhT1m6mDTpGr8t-cUj3jkJxr9_SNZL-7RzHD6MHpUSaeOqXyUVVud7eR0f58-Iv9onVIm3ja5Eogel9DbsPSn7UXb-ftc8XQl18mzMOXHsunUNADZtfvkEOT06kib3P2WZzm3u17tdABg1G9uStQK-YIxBalJgCVfxXfNoi4fE5lfootwG0JMxiI7DB3f7R_ubvOxdJsvzL0PVZUByftuBFS1ySkvZGVGrCGTp9WowrON7_OtjWbUcksT56JSEHmmhQCjXgcid-Q9miNBWMiEAVxfKrrat3nVhA_8yaEwsGo0lqcWUxFI6Xvc1Dbl4BiXwpWdKKz-bIL0YWc9-wqCYFBovjIafOQ1F7PHdS9vrrTfrkATEn_-c-VXmNkyY0vLuc4hkoJmxKkYsKFdL-Eb8eblsAIa0Ri6ZbsVJa5eqVr_kIRuQoy-wBiM6EBH5UfMr5_WnUzXiU7r3ZkBiJ5kf6Olxu0MO_iG85l8fIdQ3L7e68cVGLv-9vjq0kCJpYW-VOiyAykRq7zoaF-bwQM13NQsMIe88JHmjNglOQwP8TnYCRGy7SJdzeX5KuRch4GupkHO3ulZKIYIF2wpuFqkMntOC8CcMGrPjht63nwfntljcDPKyrD3qsDoRGoNpVgFfGNHmbffbeU0wrCgFcmktgyjrz9DY7RfjTdb-IfnCnKuUS-2ZSSh1-_pJ2xCDP0fLBP3iJmmfTiybiTD-FP8vHpwn7oauevKZ0ZoZyqfCYUoW0xYn1DaKAdCmuWVzcwFXjuX9q_jE8HEfKGjDHtPJPYapckgpjiIUdaEKzo9YwWLpLjbl7OBtix7gJnvFdPw3-dL-r2E4oYiZ3kA0EYq04JYqID53T4vltrUFE7ckDTbxFnPVyeEZKLknCNHilloxAcHQj2_wC8AO4p80vFcg7F8hGyqFqqv2f1oqegdseooTwwD4Y8BaPNbXyVLEFKwHwfeKoV3mAuTeJGUZVsp-k_J6Ux2njNCUuzIfHTRWSN0A8nZCdiStrFNd4ZD9YGF_SoZl8fjQWBk2QJEoO6bzUoPhuKJ3HrpOSW-0G24D-gmoPdNMZTihi3feqQ19KnzI_VXPmjWbg2Vl7qUbk_EnkwJ9uJslWu5FejsnNUeVH4cIUHSFazgsgF7W-TzXl7NWex8i-17stYYInPCs9H9dqvhPLkH-O5ZxoDI0qkB4uv8QvFOer5kEbuKCyW0w2lo6vKeppthS07G1J5VYQHotf3XwLxSqDejpM99vGYV9n9q57B3UR6xl3q4eU7eBbNMacB4bRjqNjaPYntHAFN5ArX97CWX4GLV6Xs3_DSc3DPfGIjONGnXXxeK49yf9M99yP6FSfKCDi3RCxrcEv4Q4FWcLwG4PvF_uz9DS-PQTe6GVIOzUwrTUi9egdThGZ8DtMwUg9GpM6ckHRb_-kxZ8yy2Agom7Awb51p7Gdfw9Q0jtAtxoCI0yawNVkBfjj2v4RDV5QgJtDonjzMVQNcpBddFpXPfc_kH_mTQkjyQiB5_T5EcPJnRHFjQd9g_UcxRTiJRwBh5EWU1bN3XXwTCSjHLCCXLX9y5zJFDUqV28J7AVJgZ-i_gwtz5yp5JzDMt5g19JYW_l_7nAUHNjSi-ILkN-s1ZLdjK0ur8vhnzW6msAtpKXbrypywUHkd-CN-fqkKlYoO5EFb6xa6R9-mMTR3eOmGJbVrdLeZgqrprNhcJbp5K09u1PnA_thW8mavEA46rvKQk7NOGK2fjqA7yg1IPOxp4C9qNpl036e2IBFaBajdxwaS0CHnCjQGmUnMskdNxrwLJOi7BA0PHM0KL8WbnqU-fkxu&cid=CAQSPwDq26N9JK5UhrzQ8e42dvekEsI1chVE6_Y6HvAnWxAumWLGBaSw5gdCTIW5cCWeUQMpbY499p78NTTGBwGNZxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=12013401495894663000&adk=2228999115&idt=64&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d242c3508886d21c567593e72cd4ccacf43bc7c2064a74c201b700b8237c6b61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/ Frame 2D79
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 22:48:50 GMT
etag
10353107486223812946
expires
Tue, 24 Jan 2023 22:48:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/ Frame 2EA2
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 22:48:50 GMT
etag
10353107486223812946
expires
Tue, 24 Jan 2023 22:48:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 9D00
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 10:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 10:02:17 GMT
file.mp4
r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9D00
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D318790046A9DD8DB1FB8801B359C5A736557FC.0137E9D714EB7368119E24C60AA64832B6F0AEF4/key/cms1/cms_redirect/yes/mh/Rm/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknek/ms/onc/mt/1673401591/mv/u/mvi/5/pl/49/file/file.mp4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
HTTP/1.1
Server
2a00:1450:400e:16::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 01:52:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231083
Last-Modified
Wed, 21 Dec 2022 13:43:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 11 Jan 2023 01:52:40 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D318790046A9DD8DB1FB8801B359C5A736557FC.0137E9D714EB7368119E24C60AA64832B6F0AEF4/key/cms1/cms_redirect/yes/mh/Rm/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknek/ms/onc/mt/1673401591/mv/u/mvi/5/pl/49/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CB8C
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lcr0bkaj&c=5577698863985&slotId=2788849431992.5&qqid=CKPugYu0vvwCFUj-dwodF28CzQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB8C
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
119268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB8C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
454225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB8C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CZygAZxa-Y-OeLcj83wOX3onoDI7z5Ydukbbx7owR8C4QASD-_IwmYJXikIKgB8gBBakC9JgKwM4Csj6oAwHIA5sEqgT8AU_Q6F_NEv1hrvopWPn5kcMyZI9O4kQqmEIUP1L-acCmi1hgBJSwqRTStGTbeV-L4V_XazMtL5HOAigpuYgOK4AVTqiBbslAX7TpH8TEzZ5puKlfPtLwdkqZnPQanD9lr_HBacIJv4H5cTatT1C3j7eK_HvCfoNd5TbycTcMZ_zi4fnXt1bM1FNfH0NHGYWfFVt5iNcSWmyE6r3J2mAh_XFmVFgwpLJ4MGy6oUJ14eJWxCpvC6Qb4l-zKvLg3M5qr2EgHp1DoGF-m1HIonShUR7qBKMNarqauSMSTsKH5eM-UIrzenI13moTVfWPFptxNROWvDIfwmWKP4romMAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1673401960381&ai=CZygAZxa-Y-OeLcj83wOX3onoDI7z5Ydukbbx7owR8C4QASD-_IwmYJXikIKgB8gBBakC9JgKwM4Csj6oAwHIA5sEqgT8AU_Q6F_NEv1hrvopWPn5kcMyZI9O4kQqmEIUP1L-acCmi1hgBJSwqRTStGTbeV-L4V_XazMtL5HOAigpuYgOK4AVTqiBbslAX7TpH8TEzZ5puKlfPtLwdkqZnPQanD9lr_HBacIJv4H5cTatT1C3j7eK_HvCfoNd5TbycTcMZ_zi4fnXt1bM1FNfH0NHGYWfFVt5iNcSWmyE6r3J2mAh_XFmVFgwpLJ4MGy6oUJ14eJWxCpvC6Qb4l-zKvLg3M5qr2EgHp1DoGF-m1HIonShUR7qBKMNarqauSMSTsKH5eM-UIrzenI13moTVfWPFptxNROWvDIfwmWKP4romMAEpIj3mK4E4AQDkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATvaHSEcgTwPTP4QPQEwDYEwqIFALYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame CB8C
30 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CfN2vc4ZdGxtxkACzbHYfQbGT-0OifVKotmyZkU2YAiMBLMIIucVlF7blKbAm5hurgXnjgzRVAkuqNgKRcBEdEfFnNGQ&cry=1&dbm_d=AKAmf-AUWHONpoMY79xhoQKUGZqz2yWBLWXmksSTSgjIR4y_QCYMLWD8ekPNaAlNLND1tCDCaRPhKZOWkQtaa-A5StlyjKmDKp-W8OTwQH2Jec_vqol225pe21CfKcUb3qrWEF23wRJTmCS4H9HqY2QCsl-bS3GzW3dKxJChQ-44eby5-RZ1lncfpiNQjj6eiGAfr4JMynY-W6gD8SyNDL4U-gX5dXxJtdhbTNjc9RasrG8SlOx7OfLEOaZHueT9wmhIv0yCGK-VcqT-4847xJXeE5IOSUfZvX-rk8S_3I8H5BVifuGFdvtX0QN9SX02d6dVhDyMh4XRO9EbMDQVbmfao6DSx-Vg5AelUEUdObO9BouoMz2V8KewmR7Bb8GY-s6OeF9hsF8hvBwy1QITGjpEQ8QyNnZkL-Bnhmwhpo2xjQh8-YbjXFVG4fZLHHbO6-BaJ6nM2ahxmTnYB8EyPVuLvzsYr74w_Z1iJHptYsIDLEl2e_lMhNFuPod1uMecd4zWbKxtqzpB9TqOhuFYH0LUB2DI00-lPYpm3X_5NePGpJb3oSKRf6JhaqiTw6AE72k4CN1vZ1ao65b_uweJP_Bq7fQj3J0DuF2gXbTRK2TDOrCgP-AZ7zeHoer0eGsFVQuj00ZX3nPjW1Q9ogk2FLk7uZtFUPYF8RxOQZpZI-xmGMnc-meHn8eK1iZoq-10MeQjMgHnyJ6-adVLP0ryqOxQAnRZu10oMoxDOP7yWD5nBJ0QORIUzP5DhYeQXYH4PceG96BPnmi6vdJtB35GKp7wJyA8QgfkE8RLMxd1SJLy2mmS92FN6J4gVXKRoMPBbaEhVhGHyw2RpAaLsQHYlQcRkGVixTsmfOShBPYvMwhcLVjshCE5gjRBMrhOma-6Dy-AbgGgCEmMPx-0_looML0xxEwBcKI4_GmTHXeLL6NegiFafC5eo_dYHO6PkmCGRv1tGy9H0BozJVnLBuLTxM-YSWjy7aP03Fpsg-M4by15Vu6ImmSPNRRELpgpoYGYIQKGxggPUKTg_6pl5mSqCVzhrCnHiEGV1aOoHJGq_OOQh4gdePMJMTG7thNHHMKMbkGo-OalH6df22GkcvLoeGjiyaOtfpV9SAiQgNKMd9U3Nj5jldJPnai_o6xLL7LVgz2RQpH5Y35-vtkCSNr8omWFWWtj6e-f_jq0FS9JO5_LraxGo4HHy2TnMYc60L3R4rBfemcO8Aeufck0XCOYh5uA6cFruY-eXPNjFIpCBkog2P583c_10-vyJ5jHsyCjbAaxzunQovLkvEZLJmBsRD24aIEZxmOMiev5KYk0QinCJ-UFxq85hFHITsGPdZ9CDWSfDizYeG_Oi2xIHjk6-OGoCN1UZ8qGQOAa6JTsu0RDZmSJwtTbP3-tW6HyTGh4MqpRAP7P_mtG_COP_Z4CSzb10q2bQb7MOEJQUZ-0_DEZGyrlzQAJ-sRGRw2Y9-gXT_7W1pYnUC7z6uHkA9BFsz4r0DVhlbhog0fD2nI3NahIG3Ln4et-GRI92uUHd4dM32yvsqp9G0jcjQMhc8PmANNxvtE9BRw3qus4DWFTPC-V--YWrU6inlKbzJAsMwZ9R-F6sFzrN8sG46mibKuf5c4HswYKSSANpV0tRlKUi0VuQqJrr-F_XTPyAw0GpcctboU6Yey8SZ5dmv4Fo6xXSKGWEvdlkFAKSd-jP9EowV4T0x-O3ZJ0yXeyzkEdoaCv3FcvgGNxfrL-zXc3dRjtRABd8xhpuq-ai-ayP8MSIsnBNKoilMV_sFcB3ySWyJDseJn6Aa0Ml6LwE2MkjpNU54Jj6K9XEqjsT4c2lo0jiYpifsb0Tt5ajEB9tOid68XTgFFAYwlu9oypmcNraCr0oljs_h3H31OE_T8GXvlO0DZaA7RUR5vk-jx-Zr2H2HF2VzxdOPK1miNXEC0mHM8XlbUOXk5CjhKGb9PnSLn9liBsrFNhLF-VyHReRWyu8RKmBbdja4Y6ceRh6wFrHOX-upUhdL9X-5ztCOa_Ec0hM2r7DpkztWvjhz9WzMj8dfYG52xO-zighryA9f7S0EmE5sWKxba9d1CjzhcZRuzHbMEATN95vgGRngfxh6cpLTLD6FzOnJtd1Nbev_2Wh4OCV7EIUOJvSGTkAUWZcmCXueEXk94MBAlWrWS0XivmxoVAG0O2b_e5ahgfrjJJty1C6GrBRIiyuakImWBTwNU0o6WfBepqFSFEy6BTwvm7FQY9Pga5Yzd0e0PtO0vziOat966KUlEtCtwcMmyLA38OoY2QOgzIaG_DtOhw6H_zm62zhyzNp8TFdgmLuM3s6reOrz1l-oLETo6i4IyFqJuxW3k-Bc8DCkrTmhlCEVcpm37mCNd65_DA1yjjdhthShdKPyV-b0jIaHjgHD-a6wvmRooJKLMOfj0us0DiE7Eitp5K8uOpzlp-zDjiNAYDxrZPvxMrRvLvdpSq-WhStRaZlCrH3ZQhxVjnhlqRRZrOhcWU9xlOxNfC8fFAjxXKohBoU60cSc9pa6WSm2gKxPjRQsIZ8nAwsXVWVhtwz5JtTKkZggJY3nmJYO5MwfjfeJG4PmRV6qaJoznNf7egy1G8Z3_QvlFDpzV0ZRMoBp0qDrzPeoVnqo_2H44M8_k8WElccvFs7tNuCZtc2kz94K2kSZiYipsk63WYM4a4Zmpno9YHKGU2RaYgVIGLDBh2p2zMroY20ySpqxUyN_WMIYN2W3fB3Qc99h9ITMrTDDu_OuqZpKGXqOym_1PvRcf2RXnrdQeZ0qIO33jRjltJa2wPExQn69_McqOH5tRBcTH-G0xef9SzQDFiFNG0b-XOecxtxeKACaHAOZZ7ERx0T2hdamovjfN04nZTQgm_DnqF-HgItfLrbpgTSHO5tYI3q7kDNRJ6Gy0R1ElJlNqowCX3wH4SPLYRtv0JEDJjJKhPpbrIWWjvhj8HdVMtqNAdbpbfNAbyL3_7xUewp0EjIbY3FHs-aC528NTfH7K7NRA44tzsYtHhoM15Rzbn38xGRUkTC5qLUx-DyX4PhjN1mnCsjI-N39ZSbgWDFzBeo2WBiVqwfkfkuZzy1tY9WhdVV04XiiVdAIARi66YD6n9tIClHlwWxZtunE9KeD8-NXJGrrrff-MT_bndAmPn71K_IsWxiI_gAAJPZzTrv7B-OyYn5aIu973NpH-T7YOlsdd5NWQuOMg1Mm-NrP-pkEXEqP40Abx8FFdBHK5gDxUKxMvzG58spb16i-5LRj2teNY5hMm43X3T05MK0-nzAn_oMooHg46IL5NkyndSGemZLoeUFxTgk0DZxS6Uv8Q-KHW9i0Z7cNMbBGc2HgWe-kBBpcQBHVK7ZHsF31eCt3Vs7bFvwLnVWfGOCkQJLtexSJ2Kq5DfWPJBQvAvOPdwVjN_1C8QlgisP1VgEpqbychNQoCkfLUc9y_DHrnzDYN2PWhVFVzcYptApB8HNsIR7J8sUD-eOUIJx70t6pIAY1vcaUh6CFHcauK6ZFCUA2BkBcxHk4oeahvAtPTbihDK7jFwFkcrqMxaswdUri2vjwanrSLcK1Ix-zX3TbQ0ozvP9CauSLcxqjzGddHyB9IQBQieCbAHOezZcWV6yKBJKVOK2aD_r99DPOwWsZYo44w&cid=CAQSGwDq26N9TuUbEKWSxPK6HpTQNjp9syvNKG_RPBgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
cafe /
Resource Hash
517903192a6b3a90c46b06a5e7615b5a4e477c03ac78af7e32e1df894152e24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16194
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CB8C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGMGwZxa-Y-OeLcj83wOX3onoDI7z5Ydukbbx7owR8C4QASD-_IwmYJXikIKgB8gBBakC9JgKwM4Csj6oAwGqBPkBT9DoX80S_WGu-ilY-fmRwzJkj07iRCqYQhQ_Uv5pwKaLWGAElLCpFNK0ZNt5X4vhX9drMy0vkc4CKCm5iA4rgBVOqIFuyUBftOkfxMTNnmm4qV8-0vB2Spmc9BqcP2Wv8cFpwgm_gflxNq1PULePt4r8e8J-g13lNvJxNwxn_OLh-de3VszUU18fQ0cZhZ8VW3mI1xJabITqvcnaYCH9cWZUWDCksngwbLqhQnXh4lbEKm8LpBviX7Mq8uDczmr3YLrrDtHm8-F4rINticPmm56NJnr6EO0poXFtyCTvyibkIW4O-5IeQz1NQjqk7OG907-QKoIUgMHwwASkiPeYrgTgBAOIBbGKy_1HkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeg1tbHA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEI6xDhiQ9f7cAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBO9odIRyBPA9M_hA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0wNTEzNzYyMjg4MzgxNTM5GAA&sigh=MCY-ZDHJyqI&uach_m=[UACH]&cid=CAQSGwDq26N9TuUbEKWSxPK6HpTQNjp9syvNKG_RPBgBIBM&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=1047152939&adk=2060117168&adf=3608860179&pi=t.ma~as.1047152939&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959303&bpp=12&bdt=917&idt=415&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=3827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eChc8UkpyO&p=https%3A//www.daisyyohoho.com&dtd=417
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame CB8C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b11e7207a9d3388f75af88c644f1c35cb0ff31e95c7308387aee62fd38f4d811

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2B28
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 10:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 10:02:17 GMT
file.mp4
r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2B28
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D289FF4D6F6789E7ACDA7E27324EE69F4067457.3D818F4ED3D49008388BDDE0D8383116EDF1D835/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1673401591/mv/u/mvi/2/pl/49/file/file.mp4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
HTTP/1.1
Server
2a00:1450:400e:5::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 01:52:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2225789
Last-Modified
Wed, 21 Dec 2022 13:59:38 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 11 Jan 2023 01:52:40 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D289FF4D6F6789E7ACDA7E27324EE69F4067457.3D818F4ED3D49008388BDDE0D8383116EDF1D835/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1673401591/mv/u/mvi/2/pl/49/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2B28
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lcr0bk6x&c=4069794016590&slotId=2034897008295&qqid=CMnU-oq0vvwCFSyFgwcdYFkMyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.m0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 3D75
28 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjvunuTMVEYsM2lquw-27Ys-t8cV7cYyXFCWUCiba51iO3dSQP_mfnGcKETnpsi8-wCnLvwtDbuw8cLuDMyqPvZ_W8tg&cry=1&dbm_d=AKAmf-CBkXEc5usikVLRsZ6mgJ3lFIUwweHnmS6tiN3LtOhwmOHAwiJjBzNBWHq9DqngWjkOfu-BnItMC2T-bmSW2cEgPRVpbgqfXNR-BSuANVC5ImbYXm7I-KwsiBSvWyhBLwtKVTAahQ_FyqURGmlDFH6fuIjDPM0bKOubsaRaY4oKenwAA-eQkZScy2EfElykbBF-B7h5ndkg9JT45CTjtiDxzgdyIJVuhcB7mzv0NVmT7-gtBsBa9fv-Y3PvrQDvVriNVatF6sdfFwKwwgqn5ODdM3gr711mrTHRpEJQfcQNr-N0-qSOg0-A3UCNvisnLvVQWmH_YXCyap3Tus5oXWNkih9oIqIyQfJNzeRq0fTQ_N5jFz511qulg_Th_TmHJH2PDpaiQgdYIIXggqQuweMpIKLU-M9IzWTpb8tdffT_xxav1Rk-G7NLz-Z29cVcf_ikrOPfAt1L4HTl8TABfD5Y7fbi_r8kDxsKKaZT06nuE38L22v777BpcaOX6MMAWr5JdTdsemJI4E1L-7kIgGy7zgynXM0tkpZiig00ti2Wi_-sesaleRIwKAvB3lMPOayj-uEqsYtBueoXL9FUUxJhqk_8pINKjFucyhn_0nCbNHEKsUsMIpz1x8XddtoP-PCDMi6R8z4Gbxn9wqJBEG_9CT9n0aGZ7KZjNd0bfXz8C300iERSv5KMT4M-sR3m1vAsqX4e1hdOq6cSTIgalvNk3ILuT8HuBupyKRFkK5CtzyeUMT5g72Mhnx88XDu5LW5ABoPY9T7U7uF1Y-0WqYBPSZWPW09VKHnEUjQJ5FbNTi4IipzdkLnd-p1hBl-5KB5peW5twWpCTEe-mV19cqrQesgDW8kp2w1Tc_-4Ro55vbzuL7Ybyoavrwqf2Ymbdww9uC_ZSeLgtD0o-btnQAY59hb4D7nZ4bibGk9Yi8w3UcBv11yUnOgL4bGk11B86ZkrBw4g4mjwnS3ExpAT0lAoDqStLSbU1BVX0E3mCg_67_PcGZHU8obuQWz0pMv14hh9Vv9S6MbXxzixUrQR3YgFTFiZQv55g5z7DYVpD9bgBWEOJSMpRq4DUe1JbwdtqFabMH7vZCIcODMunIT4GeEBq5IuERG2V8r8WhSKvCljCSJHfywPmdAll9JHHCVWSJc3reXJYWOnk9tIfh-11b4J1c3bdqCun3Yd06aOwzUJP6FiDf7u6xAuqcc6sWkmb12eNUpsdbiwFBa8syh75BbkaDTqOG7BJh47qsZCCJWRGx7WfZBhJpsb5WHvpP8EM4j8eC5aTgRkugmVn8bYK6rpzLANkscLzLBb-UMsMsxGJ49aTtLzO65oWgU_C0USa6YTThY-OQlRKRhHvYH1ow_XLMJIUMB0WTe3hS-SA-MnijIKhYa2J_UufboQlezoRHJFRzi_aJMvS6arXQAY6uqLh7ukRG2RitqFqONt-gbm3uQnMPeEwj8Pkv8fXqOndfyCH2CXacuC4xJXvqEiwI-a6f01rUbaVv_qCMyrZEJT2U0QXJtFalBj2AhpiRVAOZUbfPvfV54jz21-6yeCFULf0ElT_7QgsmP0RwIDPhT1m6mDTpGr8t-cUj3jkJxr9_SNZL-7RzHD6MHpUSaeOqXyUVVud7eR0f58-Iv9onVIm3ja5Eogel9DbsPSn7UXb-ftc8XQl18mzMOXHsunUNADZtfvkEOT06kib3P2WZzm3u17tdABg1G9uStQK-YIxBalJgCVfxXfNoi4fE5lfootwG0JMxiI7DB3f7R_ubvOxdJsvzL0PVZUByftuBFS1ySkvZGVGrCGTp9WowrON7_OtjWbUcksT56JSEHmmhQCjXgcid-Q9miNBWMiEAVxfKrrat3nVhA_8yaEwsGo0lqcWUxFI6Xvc1Dbl4BiXwpWdKKz-bIL0YWc9-wqCYFBovjIafOQ1F7PHdS9vrrTfrkATEn_-c-VXmNkyY0vLuc4hkoJmxKkYsKFdL-Eb8eblsAIa0Ri6ZbsVJa5eqVr_kIRuQoy-wBiM6EBH5UfMr5_WnUzXiU7r3ZkBiJ5kf6Olxu0MO_iG85l8fIdQ3L7e68cVGLv-9vjq0kCJpYW-VOiyAykRq7zoaF-bwQM13NQsMIe88JHmjNglOQwP8TnYCRGy7SJdzeX5KuRch4GupkHO3ulZKIYIF2wpuFqkMntOC8CcMGrPjht63nwfntljcDPKyrD3qsDoRGoNpVgFfGNHmbffbeU0wrCgFcmktgyjrz9DY7RfjTdb-IfnCnKuUS-2ZSSh1-_pJ2xCDP0fLBP3iJmmfTiybiTD-FP8vHpwn7oauevKZ0ZoZyqfCYUoW0xYn1DaKAdCmuWVzcwFXjuX9q_jE8HEfKGjDHtPJPYapckgpjiIUdaEKzo9YwWLpLjbl7OBtix7gJnvFdPw3-dL-r2E4oYiZ3kA0EYq04JYqID53T4vltrUFE7ckDTbxFnPVyeEZKLknCNHilloxAcHQj2_wC8AO4p80vFcg7F8hGyqFqqv2f1oqegdseooTwwD4Y8BaPNbXyVLEFKwHwfeKoV3mAuTeJGUZVsp-k_J6Ux2njNCUuzIfHTRWSN0A8nZCdiStrFNd4ZD9YGF_SoZl8fjQWBk2QJEoO6bzUoPhuKJ3HrpOSW-0G24D-gmoPdNMZTihi3feqQ19KnzI_VXPmjWbg2Vl7qUbk_EnkwJ9uJslWu5FejsnNUeVH4cIUHSFazgsgF7W-TzXl7NWex8i-17stYYInPCs9H9dqvhPLkH-O5ZxoDI0qkB4uv8QvFOer5kEbuKCyW0w2lo6vKeppthS07G1J5VYQHotf3XwLxSqDejpM99vGYV9n9q57B3UR6xl3q4eU7eBbNMacB4bRjqNjaPYntHAFN5ArX97CWX4GLV6Xs3_DSc3DPfGIjONGnXXxeK49yf9M99yP6FSfKCDi3RCxrcEv4Q4FWcLwG4PvF_uz9DS-PQTe6GVIOzUwrTUi9egdThGZ8DtMwUg9GpM6ckHRb_-kxZ8yy2Agom7Awb51p7Gdfw9Q0jtAtxoCI0yawNVkBfjj2v4RDV5QgJtDonjzMVQNcpBddFpXPfc_kH_mTQkjyQiB5_T5EcPJnRHFjQd9g_UcxRTiJRwBh5EWU1bN3XXwTCSjHLCCXLX9y5zJFDUqV28J7AVJgZ-i_gwtz5yp5JzDMt5g19JYW_l_7nAUHNjSi-ILkN-s1ZLdjK0ur8vhnzW6msAtpKXbrypywUHkd-CN-fqkKlYoO5EFb6xa6R9-mMTR3eOmGJbVrdLeZgqrprNhcJbp5K09u1PnA_thW8mavEA46rvKQk7NOGK2fjqA7yg1IPOxp4C9qNpl036e2IBFaBajdxwaS0CHnCjQGmUnMskdNxrwLJOi7BA0PHM0KL8WbnqU-fkxu&cid=CAQSPwDq26N9JK5UhrzQ8e42dvekEsI1chVE6_Y6HvAnWxAumWLGBaSw5gdCTIW5cCWeUQMpbY499p78NTTGBwGNZxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=12013401495894663000&adk=2228999115&idt=64&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:41:10 GMT
x-content-type-options
nosniff
age
25890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28948
x-xss-protection
0
server
cafe
etag
12554467027428251666
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:41:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230109/r20110914/elements/html/ Frame 3D75
8 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjvunuTMVEYsM2lquw-27Ys-t8cV7cYyXFCWUCiba51iO3dSQP_mfnGcKETnpsi8-wCnLvwtDbuw8cLuDMyqPvZ_W8tg&cry=1&dbm_d=AKAmf-CBkXEc5usikVLRsZ6mgJ3lFIUwweHnmS6tiN3LtOhwmOHAwiJjBzNBWHq9DqngWjkOfu-BnItMC2T-bmSW2cEgPRVpbgqfXNR-BSuANVC5ImbYXm7I-KwsiBSvWyhBLwtKVTAahQ_FyqURGmlDFH6fuIjDPM0bKOubsaRaY4oKenwAA-eQkZScy2EfElykbBF-B7h5ndkg9JT45CTjtiDxzgdyIJVuhcB7mzv0NVmT7-gtBsBa9fv-Y3PvrQDvVriNVatF6sdfFwKwwgqn5ODdM3gr711mrTHRpEJQfcQNr-N0-qSOg0-A3UCNvisnLvVQWmH_YXCyap3Tus5oXWNkih9oIqIyQfJNzeRq0fTQ_N5jFz511qulg_Th_TmHJH2PDpaiQgdYIIXggqQuweMpIKLU-M9IzWTpb8tdffT_xxav1Rk-G7NLz-Z29cVcf_ikrOPfAt1L4HTl8TABfD5Y7fbi_r8kDxsKKaZT06nuE38L22v777BpcaOX6MMAWr5JdTdsemJI4E1L-7kIgGy7zgynXM0tkpZiig00ti2Wi_-sesaleRIwKAvB3lMPOayj-uEqsYtBueoXL9FUUxJhqk_8pINKjFucyhn_0nCbNHEKsUsMIpz1x8XddtoP-PCDMi6R8z4Gbxn9wqJBEG_9CT9n0aGZ7KZjNd0bfXz8C300iERSv5KMT4M-sR3m1vAsqX4e1hdOq6cSTIgalvNk3ILuT8HuBupyKRFkK5CtzyeUMT5g72Mhnx88XDu5LW5ABoPY9T7U7uF1Y-0WqYBPSZWPW09VKHnEUjQJ5FbNTi4IipzdkLnd-p1hBl-5KB5peW5twWpCTEe-mV19cqrQesgDW8kp2w1Tc_-4Ro55vbzuL7Ybyoavrwqf2Ymbdww9uC_ZSeLgtD0o-btnQAY59hb4D7nZ4bibGk9Yi8w3UcBv11yUnOgL4bGk11B86ZkrBw4g4mjwnS3ExpAT0lAoDqStLSbU1BVX0E3mCg_67_PcGZHU8obuQWz0pMv14hh9Vv9S6MbXxzixUrQR3YgFTFiZQv55g5z7DYVpD9bgBWEOJSMpRq4DUe1JbwdtqFabMH7vZCIcODMunIT4GeEBq5IuERG2V8r8WhSKvCljCSJHfywPmdAll9JHHCVWSJc3reXJYWOnk9tIfh-11b4J1c3bdqCun3Yd06aOwzUJP6FiDf7u6xAuqcc6sWkmb12eNUpsdbiwFBa8syh75BbkaDTqOG7BJh47qsZCCJWRGx7WfZBhJpsb5WHvpP8EM4j8eC5aTgRkugmVn8bYK6rpzLANkscLzLBb-UMsMsxGJ49aTtLzO65oWgU_C0USa6YTThY-OQlRKRhHvYH1ow_XLMJIUMB0WTe3hS-SA-MnijIKhYa2J_UufboQlezoRHJFRzi_aJMvS6arXQAY6uqLh7ukRG2RitqFqONt-gbm3uQnMPeEwj8Pkv8fXqOndfyCH2CXacuC4xJXvqEiwI-a6f01rUbaVv_qCMyrZEJT2U0QXJtFalBj2AhpiRVAOZUbfPvfV54jz21-6yeCFULf0ElT_7QgsmP0RwIDPhT1m6mDTpGr8t-cUj3jkJxr9_SNZL-7RzHD6MHpUSaeOqXyUVVud7eR0f58-Iv9onVIm3ja5Eogel9DbsPSn7UXb-ftc8XQl18mzMOXHsunUNADZtfvkEOT06kib3P2WZzm3u17tdABg1G9uStQK-YIxBalJgCVfxXfNoi4fE5lfootwG0JMxiI7DB3f7R_ubvOxdJsvzL0PVZUByftuBFS1ySkvZGVGrCGTp9WowrON7_OtjWbUcksT56JSEHmmhQCjXgcid-Q9miNBWMiEAVxfKrrat3nVhA_8yaEwsGo0lqcWUxFI6Xvc1Dbl4BiXwpWdKKz-bIL0YWc9-wqCYFBovjIafOQ1F7PHdS9vrrTfrkATEn_-c-VXmNkyY0vLuc4hkoJmxKkYsKFdL-Eb8eblsAIa0Ri6ZbsVJa5eqVr_kIRuQoy-wBiM6EBH5UfMr5_WnUzXiU7r3ZkBiJ5kf6Olxu0MO_iG85l8fIdQ3L7e68cVGLv-9vjq0kCJpYW-VOiyAykRq7zoaF-bwQM13NQsMIe88JHmjNglOQwP8TnYCRGy7SJdzeX5KuRch4GupkHO3ulZKIYIF2wpuFqkMntOC8CcMGrPjht63nwfntljcDPKyrD3qsDoRGoNpVgFfGNHmbffbeU0wrCgFcmktgyjrz9DY7RfjTdb-IfnCnKuUS-2ZSSh1-_pJ2xCDP0fLBP3iJmmfTiybiTD-FP8vHpwn7oauevKZ0ZoZyqfCYUoW0xYn1DaKAdCmuWVzcwFXjuX9q_jE8HEfKGjDHtPJPYapckgpjiIUdaEKzo9YwWLpLjbl7OBtix7gJnvFdPw3-dL-r2E4oYiZ3kA0EYq04JYqID53T4vltrUFE7ckDTbxFnPVyeEZKLknCNHilloxAcHQj2_wC8AO4p80vFcg7F8hGyqFqqv2f1oqegdseooTwwD4Y8BaPNbXyVLEFKwHwfeKoV3mAuTeJGUZVsp-k_J6Ux2njNCUuzIfHTRWSN0A8nZCdiStrFNd4ZD9YGF_SoZl8fjQWBk2QJEoO6bzUoPhuKJ3HrpOSW-0G24D-gmoPdNMZTihi3feqQ19KnzI_VXPmjWbg2Vl7qUbk_EnkwJ9uJslWu5FejsnNUeVH4cIUHSFazgsgF7W-TzXl7NWex8i-17stYYInPCs9H9dqvhPLkH-O5ZxoDI0qkB4uv8QvFOer5kEbuKCyW0w2lo6vKeppthS07G1J5VYQHotf3XwLxSqDejpM99vGYV9n9q57B3UR6xl3q4eU7eBbNMacB4bRjqNjaPYntHAFN5ArX97CWX4GLV6Xs3_DSc3DPfGIjONGnXXxeK49yf9M99yP6FSfKCDi3RCxrcEv4Q4FWcLwG4PvF_uz9DS-PQTe6GVIOzUwrTUi9egdThGZ8DtMwUg9GpM6ckHRb_-kxZ8yy2Agom7Awb51p7Gdfw9Q0jtAtxoCI0yawNVkBfjj2v4RDV5QgJtDonjzMVQNcpBddFpXPfc_kH_mTQkjyQiB5_T5EcPJnRHFjQd9g_UcxRTiJRwBh5EWU1bN3XXwTCSjHLCCXLX9y5zJFDUqV28J7AVJgZ-i_gwtz5yp5JzDMt5g19JYW_l_7nAUHNjSi-ILkN-s1ZLdjK0ur8vhnzW6msAtpKXbrypywUHkd-CN-fqkKlYoO5EFb6xa6R9-mMTR3eOmGJbVrdLeZgqrprNhcJbp5K09u1PnA_thW8mavEA46rvKQk7NOGK2fjqA7yg1IPOxp4C9qNpl036e2IBFaBajdxwaS0CHnCjQGmUnMskdNxrwLJOi7BA0PHM0KL8WbnqU-fkxu&cid=CAQSPwDq26N9JK5UhrzQ8e42dvekEsI1chVE6_Y6HvAnWxAumWLGBaSw5gdCTIW5cCWeUQMpbY499p78NTTGBwGNZxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=12013401495894663000&adk=2228999115&idt=64&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:41:10 GMT
x-content-type-options
nosniff
age
25890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8124
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:41:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3D75
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEJ_B-QK3dLs0gpZFMD9MO99yBXOcRPgjdcEtMtoNjPo1zjVDG2c7O0RFz0UxsMB3UBxdHjsw4dQZ3XdfxRmQj57B3wgz4CqEDsuroUPrlY4XnfGtkwMJw65drPy0btGcHy39XzJ49U4vzz7yIV1s_uX80GN8g-fuI6ELsbZ8bRvNqW5xYW55rQu2ydHbCx6OVR4RiGPHKVnCl4IR4s65VLDVsK9wuxbms0nx1nQ55K7KXdwaxJbS5c9HCLkvcMESCNT5SSOIqi9aDwVSSUz_zHg6AXXxJIyYS6Ll_TTo1muER9O2SP3cbRwd3d-jlxybIRMOPpkbn3LSYs5SohS9t1g8TzmJa3wrpb6RE9tNB9EOGATN8Op4GXE47UUiIpu5kM8qoCiuIIbME7VXj1RXg9BlX_RjlsMIHtm37XV2aUJbS9A0ZUs3UlbaUcxD17beRlodV-Nnzg5hCgaLZcSgdde7wQexYEhkoNJuLCQYGX_aIs6XO_0E2kIy93pbc5oY71try2Tvt2xc3gfwU78dZOqixEvVSs2Yhv_uYvzoi2oHTHF0Z_V90aGZiXPw4S4xl14l3n2reZvKBOKpzuhmq5TQhDPsqjrwTduqLWwvgcY0LZ6ahw7JP082JVajucDAff-TT_s-K73rk7tmesxHJYfb6L_og8BIhXyU7ZLpxJhrcFdjwF_VgrNP5nU537HAQTPd3u5nN6sNVSKvPAcdcBqRh4C49daHYtKfV62pGbIJ7pKD6wuIVxNibQpCe8uAFqdBDeQmq4S9JHBZ_-bhxWZ1dOihoGx3fijKfrkVEG4YN93RpI2FuK3aKZOABvQRrECs9Cyb_EvTTZszGh0tKFRrWI119YOT3wUWYVYP_zluBGZqyhoaEFfLregT34YshRaY7D8Oyis7R_jRbO6QzLWq2khLC3KOGzfeucXVrato6a0N1RhmtwmTtb5szn9q8Y6XFql6kV3Xo2h0671u7N_pcac-Yb6IjzY3NsPxauAG9lB8jPKdYhDop2WOsne8LyhM-XKB0796a1T2ylDbW6E6HTd5wLDDJpca-OfA_sBgulvW1utL5WDSj52ROIMnqm7ugC5w1RIIxCgXHcf6yX3bzgSfJnF9kDJOqY84FwLSISIwES9YqW4Nu-ka_gAxi1DPqo5s5dqv0pLjArZ_y6mzRR0JPb6vhmcfxXgpJ_ORdeK0xPWY8bshQ-Vd5EWU&sai=AMfl-YQ4nMrZSaMIXq0-xSOaswpBp69ni5NXit9LQK7xjDy5qiw0dUWJf7IMd4g_BWZPWAdjge7IHsZbdBPEf37cykg199HCVtIAm4dsIe8Fjftcaf3vlE7a82GPHTMoX-2gzPJSgcDQoO3BFvFj0RQFJzSOTHcbYSV1enXNLkDctMrp7s99GDjAdqQejBwNnCEBrMyH9ryiKOrp_wQF_g6HylyxGmrPx4m_GkKvpyX2oPoBMeEg5KXqWX_X5ZdkJkuOXYDk9NfdltGWh-sgAB7ahsA&sig=Cg0ArKJSzFLLGh8vEes9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230109.17287&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjvunuTMVEYsM2lquw-27Ys-t8cV7cYyXFCWUCiba51iO3dSQP_mfnGcKETnpsi8-wCnLvwtDbuw8cLuDMyqPvZ_W8tg&cry=1&dbm_d=AKAmf-CBkXEc5usikVLRsZ6mgJ3lFIUwweHnmS6tiN3LtOhwmOHAwiJjBzNBWHq9DqngWjkOfu-BnItMC2T-bmSW2cEgPRVpbgqfXNR-BSuANVC5ImbYXm7I-KwsiBSvWyhBLwtKVTAahQ_FyqURGmlDFH6fuIjDPM0bKOubsaRaY4oKenwAA-eQkZScy2EfElykbBF-B7h5ndkg9JT45CTjtiDxzgdyIJVuhcB7mzv0NVmT7-gtBsBa9fv-Y3PvrQDvVriNVatF6sdfFwKwwgqn5ODdM3gr711mrTHRpEJQfcQNr-N0-qSOg0-A3UCNvisnLvVQWmH_YXCyap3Tus5oXWNkih9oIqIyQfJNzeRq0fTQ_N5jFz511qulg_Th_TmHJH2PDpaiQgdYIIXggqQuweMpIKLU-M9IzWTpb8tdffT_xxav1Rk-G7NLz-Z29cVcf_ikrOPfAt1L4HTl8TABfD5Y7fbi_r8kDxsKKaZT06nuE38L22v777BpcaOX6MMAWr5JdTdsemJI4E1L-7kIgGy7zgynXM0tkpZiig00ti2Wi_-sesaleRIwKAvB3lMPOayj-uEqsYtBueoXL9FUUxJhqk_8pINKjFucyhn_0nCbNHEKsUsMIpz1x8XddtoP-PCDMi6R8z4Gbxn9wqJBEG_9CT9n0aGZ7KZjNd0bfXz8C300iERSv5KMT4M-sR3m1vAsqX4e1hdOq6cSTIgalvNk3ILuT8HuBupyKRFkK5CtzyeUMT5g72Mhnx88XDu5LW5ABoPY9T7U7uF1Y-0WqYBPSZWPW09VKHnEUjQJ5FbNTi4IipzdkLnd-p1hBl-5KB5peW5twWpCTEe-mV19cqrQesgDW8kp2w1Tc_-4Ro55vbzuL7Ybyoavrwqf2Ymbdww9uC_ZSeLgtD0o-btnQAY59hb4D7nZ4bibGk9Yi8w3UcBv11yUnOgL4bGk11B86ZkrBw4g4mjwnS3ExpAT0lAoDqStLSbU1BVX0E3mCg_67_PcGZHU8obuQWz0pMv14hh9Vv9S6MbXxzixUrQR3YgFTFiZQv55g5z7DYVpD9bgBWEOJSMpRq4DUe1JbwdtqFabMH7vZCIcODMunIT4GeEBq5IuERG2V8r8WhSKvCljCSJHfywPmdAll9JHHCVWSJc3reXJYWOnk9tIfh-11b4J1c3bdqCun3Yd06aOwzUJP6FiDf7u6xAuqcc6sWkmb12eNUpsdbiwFBa8syh75BbkaDTqOG7BJh47qsZCCJWRGx7WfZBhJpsb5WHvpP8EM4j8eC5aTgRkugmVn8bYK6rpzLANkscLzLBb-UMsMsxGJ49aTtLzO65oWgU_C0USa6YTThY-OQlRKRhHvYH1ow_XLMJIUMB0WTe3hS-SA-MnijIKhYa2J_UufboQlezoRHJFRzi_aJMvS6arXQAY6uqLh7ukRG2RitqFqONt-gbm3uQnMPeEwj8Pkv8fXqOndfyCH2CXacuC4xJXvqEiwI-a6f01rUbaVv_qCMyrZEJT2U0QXJtFalBj2AhpiRVAOZUbfPvfV54jz21-6yeCFULf0ElT_7QgsmP0RwIDPhT1m6mDTpGr8t-cUj3jkJxr9_SNZL-7RzHD6MHpUSaeOqXyUVVud7eR0f58-Iv9onVIm3ja5Eogel9DbsPSn7UXb-ftc8XQl18mzMOXHsunUNADZtfvkEOT06kib3P2WZzm3u17tdABg1G9uStQK-YIxBalJgCVfxXfNoi4fE5lfootwG0JMxiI7DB3f7R_ubvOxdJsvzL0PVZUByftuBFS1ySkvZGVGrCGTp9WowrON7_OtjWbUcksT56JSEHmmhQCjXgcid-Q9miNBWMiEAVxfKrrat3nVhA_8yaEwsGo0lqcWUxFI6Xvc1Dbl4BiXwpWdKKz-bIL0YWc9-wqCYFBovjIafOQ1F7PHdS9vrrTfrkATEn_-c-VXmNkyY0vLuc4hkoJmxKkYsKFdL-Eb8eblsAIa0Ri6ZbsVJa5eqVr_kIRuQoy-wBiM6EBH5UfMr5_WnUzXiU7r3ZkBiJ5kf6Olxu0MO_iG85l8fIdQ3L7e68cVGLv-9vjq0kCJpYW-VOiyAykRq7zoaF-bwQM13NQsMIe88JHmjNglOQwP8TnYCRGy7SJdzeX5KuRch4GupkHO3ulZKIYIF2wpuFqkMntOC8CcMGrPjht63nwfntljcDPKyrD3qsDoRGoNpVgFfGNHmbffbeU0wrCgFcmktgyjrz9DY7RfjTdb-IfnCnKuUS-2ZSSh1-_pJ2xCDP0fLBP3iJmmfTiybiTD-FP8vHpwn7oauevKZ0ZoZyqfCYUoW0xYn1DaKAdCmuWVzcwFXjuX9q_jE8HEfKGjDHtPJPYapckgpjiIUdaEKzo9YwWLpLjbl7OBtix7gJnvFdPw3-dL-r2E4oYiZ3kA0EYq04JYqID53T4vltrUFE7ckDTbxFnPVyeEZKLknCNHilloxAcHQj2_wC8AO4p80vFcg7F8hGyqFqqv2f1oqegdseooTwwD4Y8BaPNbXyVLEFKwHwfeKoV3mAuTeJGUZVsp-k_J6Ux2njNCUuzIfHTRWSN0A8nZCdiStrFNd4ZD9YGF_SoZl8fjQWBk2QJEoO6bzUoPhuKJ3HrpOSW-0G24D-gmoPdNMZTihi3feqQ19KnzI_VXPmjWbg2Vl7qUbk_EnkwJ9uJslWu5FejsnNUeVH4cIUHSFazgsgF7W-TzXl7NWex8i-17stYYInPCs9H9dqvhPLkH-O5ZxoDI0qkB4uv8QvFOer5kEbuKCyW0w2lo6vKeppthS07G1J5VYQHotf3XwLxSqDejpM99vGYV9n9q57B3UR6xl3q4eU7eBbNMacB4bRjqNjaPYntHAFN5ArX97CWX4GLV6Xs3_DSc3DPfGIjONGnXXxeK49yf9M99yP6FSfKCDi3RCxrcEv4Q4FWcLwG4PvF_uz9DS-PQTe6GVIOzUwrTUi9egdThGZ8DtMwUg9GpM6ckHRb_-kxZ8yy2Agom7Awb51p7Gdfw9Q0jtAtxoCI0yawNVkBfjj2v4RDV5QgJtDonjzMVQNcpBddFpXPfc_kH_mTQkjyQiB5_T5EcPJnRHFjQd9g_UcxRTiJRwBh5EWU1bN3XXwTCSjHLCCXLX9y5zJFDUqV28J7AVJgZ-i_gwtz5yp5JzDMt5g19JYW_l_7nAUHNjSi-ILkN-s1ZLdjK0ur8vhnzW6msAtpKXbrypywUHkd-CN-fqkKlYoO5EFb6xa6R9-mMTR3eOmGJbVrdLeZgqrprNhcJbp5K09u1PnA_thW8mavEA46rvKQk7NOGK2fjqA7yg1IPOxp4C9qNpl036e2IBFaBajdxwaS0CHnCjQGmUnMskdNxrwLJOi7BA0PHM0KL8WbnqU-fkxu&cid=CAQSPwDq26N9JK5UhrzQ8e42dvekEsI1chVE6_Y6HvAnWxAumWLGBaSw5gdCTIW5cCWeUQMpbY499p78NTTGBwGNZxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=12013401495894663000&adk=2228999115&idt=64&cac=0&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 11 Jan 2023 01:52:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3D75
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjvunuTMVEYsM2lquw-27Ys-t8cV7cYyXFCWUCiba51iO3dSQP_mfnGcKETnpsi8-wCnLvwtDbuw8cLuDMyqPvZ_W8tg&cry=1&dbm_d=AKAmf-CBkXEc5usikVLRsZ6mgJ3lFIUwweHnmS6tiN3LtOhwmOHAwiJjBzNBWHq9DqngWjkOfu-BnItMC2T-bmSW2cEgPRVpbgqfXNR-BSuANVC5ImbYXm7I-KwsiBSvWyhBLwtKVTAahQ_FyqURGmlDFH6fuIjDPM0bKOubsaRaY4oKenwAA-eQkZScy2EfElykbBF-B7h5ndkg9JT45CTjtiDxzgdyIJVuhcB7mzv0NVmT7-gtBsBa9fv-Y3PvrQDvVriNVatF6sdfFwKwwgqn5ODdM3gr711mrTHRpEJQfcQNr-N0-qSOg0-A3UCNvisnLvVQWmH_YXCyap3Tus5oXWNkih9oIqIyQfJNzeRq0fTQ_N5jFz511qulg_Th_TmHJH2PDpaiQgdYIIXggqQuweMpIKLU-M9IzWTpb8tdffT_xxav1Rk-G7NLz-Z29cVcf_ikrOPfAt1L4HTl8TABfD5Y7fbi_r8kDxsKKaZT06nuE38L22v777BpcaOX6MMAWr5JdTdsemJI4E1L-7kIgGy7zgynXM0tkpZiig00ti2Wi_-sesaleRIwKAvB3lMPOayj-uEqsYtBueoXL9FUUxJhqk_8pINKjFucyhn_0nCbNHEKsUsMIpz1x8XddtoP-PCDMi6R8z4Gbxn9wqJBEG_9CT9n0aGZ7KZjNd0bfXz8C300iERSv5KMT4M-sR3m1vAsqX4e1hdOq6cSTIgalvNk3ILuT8HuBupyKRFkK5CtzyeUMT5g72Mhnx88XDu5LW5ABoPY9T7U7uF1Y-0WqYBPSZWPW09VKHnEUjQJ5FbNTi4IipzdkLnd-p1hBl-5KB5peW5twWpCTEe-mV19cqrQesgDW8kp2w1Tc_-4Ro55vbzuL7Ybyoavrwqf2Ymbdww9uC_ZSeLgtD0o-btnQAY59hb4D7nZ4bibGk9Yi8w3UcBv11yUnOgL4bGk11B86ZkrBw4g4mjwnS3ExpAT0lAoDqStLSbU1BVX0E3mCg_67_PcGZHU8obuQWz0pMv14hh9Vv9S6MbXxzixUrQR3YgFTFiZQv55g5z7DYVpD9bgBWEOJSMpRq4DUe1JbwdtqFabMH7vZCIcODMunIT4GeEBq5IuERG2V8r8WhSKvCljCSJHfywPmdAll9JHHCVWSJc3reXJYWOnk9tIfh-11b4J1c3bdqCun3Yd06aOwzUJP6FiDf7u6xAuqcc6sWkmb12eNUpsdbiwFBa8syh75BbkaDTqOG7BJh47qsZCCJWRGx7WfZBhJpsb5WHvpP8EM4j8eC5aTgRkugmVn8bYK6rpzLANkscLzLBb-UMsMsxGJ49aTtLzO65oWgU_C0USa6YTThY-OQlRKRhHvYH1ow_XLMJIUMB0WTe3hS-SA-MnijIKhYa2J_UufboQlezoRHJFRzi_aJMvS6arXQAY6uqLh7ukRG2RitqFqONt-gbm3uQnMPeEwj8Pkv8fXqOndfyCH2CXacuC4xJXvqEiwI-a6f01rUbaVv_qCMyrZEJT2U0QXJtFalBj2AhpiRVAOZUbfPvfV54jz21-6yeCFULf0ElT_7QgsmP0RwIDPhT1m6mDTpGr8t-cUj3jkJxr9_SNZL-7RzHD6MHpUSaeOqXyUVVud7eR0f58-Iv9onVIm3ja5Eogel9DbsPSn7UXb-ftc8XQl18mzMOXHsunUNADZtfvkEOT06kib3P2WZzm3u17tdABg1G9uStQK-YIxBalJgCVfxXfNoi4fE5lfootwG0JMxiI7DB3f7R_ubvOxdJsvzL0PVZUByftuBFS1ySkvZGVGrCGTp9WowrON7_OtjWbUcksT56JSEHmmhQCjXgcid-Q9miNBWMiEAVxfKrrat3nVhA_8yaEwsGo0lqcWUxFI6Xvc1Dbl4BiXwpWdKKz-bIL0YWc9-wqCYFBovjIafOQ1F7PHdS9vrrTfrkATEn_-c-VXmNkyY0vLuc4hkoJmxKkYsKFdL-Eb8eblsAIa0Ri6ZbsVJa5eqVr_kIRuQoy-wBiM6EBH5UfMr5_WnUzXiU7r3ZkBiJ5kf6Olxu0MO_iG85l8fIdQ3L7e68cVGLv-9vjq0kCJpYW-VOiyAykRq7zoaF-bwQM13NQsMIe88JHmjNglOQwP8TnYCRGy7SJdzeX5KuRch4GupkHO3ulZKIYIF2wpuFqkMntOC8CcMGrPjht63nwfntljcDPKyrD3qsDoRGoNpVgFfGNHmbffbeU0wrCgFcmktgyjrz9DY7RfjTdb-IfnCnKuUS-2ZSSh1-_pJ2xCDP0fLBP3iJmmfTiybiTD-FP8vHpwn7oauevKZ0ZoZyqfCYUoW0xYn1DaKAdCmuWVzcwFXjuX9q_jE8HEfKGjDHtPJPYapckgpjiIUdaEKzo9YwWLpLjbl7OBtix7gJnvFdPw3-dL-r2E4oYiZ3kA0EYq04JYqID53T4vltrUFE7ckDTbxFnPVyeEZKLknCNHilloxAcHQj2_wC8AO4p80vFcg7F8hGyqFqqv2f1oqegdseooTwwD4Y8BaPNbXyVLEFKwHwfeKoV3mAuTeJGUZVsp-k_J6Ux2njNCUuzIfHTRWSN0A8nZCdiStrFNd4ZD9YGF_SoZl8fjQWBk2QJEoO6bzUoPhuKJ3HrpOSW-0G24D-gmoPdNMZTihi3feqQ19KnzI_VXPmjWbg2Vl7qUbk_EnkwJ9uJslWu5FejsnNUeVH4cIUHSFazgsgF7W-TzXl7NWex8i-17stYYInPCs9H9dqvhPLkH-O5ZxoDI0qkB4uv8QvFOer5kEbuKCyW0w2lo6vKeppthS07G1J5VYQHotf3XwLxSqDejpM99vGYV9n9q57B3UR6xl3q4eU7eBbNMacB4bRjqNjaPYntHAFN5ArX97CWX4GLV6Xs3_DSc3DPfGIjONGnXXxeK49yf9M99yP6FSfKCDi3RCxrcEv4Q4FWcLwG4PvF_uz9DS-PQTe6GVIOzUwrTUi9egdThGZ8DtMwUg9GpM6ckHRb_-kxZ8yy2Agom7Awb51p7Gdfw9Q0jtAtxoCI0yawNVkBfjj2v4RDV5QgJtDonjzMVQNcpBddFpXPfc_kH_mTQkjyQiB5_T5EcPJnRHFjQd9g_UcxRTiJRwBh5EWU1bN3XXwTCSjHLCCXLX9y5zJFDUqV28J7AVJgZ-i_gwtz5yp5JzDMt5g19JYW_l_7nAUHNjSi-ILkN-s1ZLdjK0ur8vhnzW6msAtpKXbrypywUHkd-CN-fqkKlYoO5EFb6xa6R9-mMTR3eOmGJbVrdLeZgqrprNhcJbp5K09u1PnA_thW8mavEA46rvKQk7NOGK2fjqA7yg1IPOxp4C9qNpl036e2IBFaBajdxwaS0CHnCjQGmUnMskdNxrwLJOi7BA0PHM0KL8WbnqU-fkxu&cid=CAQSPwDq26N9JK5UhrzQ8e42dvekEsI1chVE6_Y6HvAnWxAumWLGBaSw5gdCTIW5cCWeUQMpbY499p78NTTGBwGNZxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=12013401495894663000&adk=2228999115&idt=64&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 16:15:08 GMT
12417608758743224062
s0.2mdn.net/simgad/ Frame 3D75
122 KB
123 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/12417608758743224062
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=600&slotname=9676299680&adk=3038930478&adf=3334655243&pi=t.ma~as.9676299680&w=290&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=290x600&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959459&bpp=1&bdt=1072&idt=272&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&prev_fmts=0x0%2C821x280%2C821x280%2C821x280&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3128&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=BSfgjxDxbF&p=https%3A//www.daisyyohoho.com&dtd=276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717a2d98e2cf83ac66db4e4a3843ac5f21b682d1183b797625a64700ee519bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 05:28:06 GMT
x-content-type-options
nosniff
age
73474
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125005
x-xss-protection
0
last-modified
Wed, 25 May 2022 20:31:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jan 2024 05:28:06 GMT
css2
fonts.googleapis.com/ Frame 2D79
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 00:08:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:40 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D79
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:07:48 GMT
x-content-type-options
nosniff
age
27892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Jan 2024 18:07:48 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2D79
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:12:12 GMT
x-content-type-options
nosniff
age
20428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Jan 2024 20:12:12 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/elements/html/ Frame 2D79
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:59:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
24816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8191
x-xss-protection
0
server
cafe
etag
7335088802737092762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:59:04 GMT
css
fonts.googleapis.com/ Frame 2EA2
4 KB
621 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 00:02:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:40 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 2EA2
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:44:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
25685
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:44:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2EA2
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Czeu5Zxa-Y9j2JNiKrATmpICID53cx_ttxOujx8kQv-EeEAEg_vyMJmCV4pCCoAegAaDA-Z0DyAEJqQL0mArAzgKyPqgDAcgDywSqBOsBT9BAFTnRbIznUylWBeltgJSi0tZgBLuwO-OIvXVWiavyZrkbpWFtIFFuvllr-qzp4Kz9v-io7PLubJ4-6_tDla5CsNlqbNNd647Da7TYjKM6O70bUdE_ysJTK8pAFFa1Kmu_XttzsugtRNvgCVBWU9SC2ntI8cjDywcowih_ksuxxcYxVhHqytkTa_PWbG6Z2yNLSH3hrMgqNqMsr-vJ3WenmPIzbxpyEnk1pG5NrYABvEMMJgnpcWBW2qV6rETSDRVVZmDnp0o0VTKIeRXi68Jgl0B1sNv56SVoT-iETPVyJPXv4jZbNs81FMAE3JSjwpkEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8i_hmKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCovAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItMDUxMzc2MjI4ODM4MTUzORgA&sigh=FWZuZZCDl1g&uach_m=[UACH]&cid=CAQSGwDq26N9mOVVfyzLEyMPfT9jkPn2_PtiXabWDRgBIBM&template_id=484
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 2EA2
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 22:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 22:39:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 2EA2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
19165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 20:33:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 2EA2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EA2
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 01:52:40 GMT
1507d5c23d710c2e70b81f354fbf7065.js
www.gstatic.com/mysidia/ Frame 2EA2
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 12:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 20:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 10 Apr 2023 12:22:20 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/8412430915636472622/ Frame 2EA2
41 KB
41 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8412430915636472622/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df39ea7353fb9f15866361bf8fc51fd391637fd23aabfed76eb97762c7dc8680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 23:07:17 GMT
x-content-type-options
nosniff
age
269123
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41910
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 14:33:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 07 Jan 2024 23:07:17 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/8938558491994829516/ Frame 2EA2
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8938558491994829516/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be611e9fa69d7565e64e93e5545e1d9a680dda0cff4ab7fb41fe4565e3d4474f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 07:22:45 GMT
x-content-type-options
nosniff
age
325795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 10:02:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 07 Jan 2024 07:22:45 GMT
config
powerads.breaktime.com.tw/v1/bt/
232 B
459 B
Fetch
General
Full URL
https://powerads.breaktime.com.tw/v1/bt/config?domain=www.daisyyohoho.com&pid=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4&device=desktop
Requested by
Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.75.71.72 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41c6622647cc1bb0c11c31d24447f4424d5c809b208d57a4fd67b5992034be46
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.daisyyohoho.com
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
content-length
232
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7638
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 03:42:27 GMT
expires
Tue, 09 Jan 2024 03:42:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0D12
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 03:42:27 GMT
expires
Tue, 09 Jan 2024 03:42:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame CB8C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 10:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 10:02:17 GMT
file.mp4
r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CB8C
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/062FFC6926F0CA8878AC0647DFD84F7A5ED22EE2.525E973FDF6647A75AC095DD65B9852C817C0667/key/cms1/cms_redirect/yes/mh/KK/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknee/ms/onc/mt/1673401591/mv/u/mvi/4/pl/49/file/file.mp4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
HTTP/1.1
Server
2a00:1450:400e:8::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 01:52:40 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2239729
Last-Modified
Wed, 21 Dec 2022 13:53:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 11 Jan 2023 01:52:40 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/062FFC6926F0CA8878AC0647DFD84F7A5ED22EE2.525E973FDF6647A75AC095DD65B9852C817C0667/key/cms1/cms_redirect/yes/mh/KK/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknee/ms/onc/mt/1673401591/mv/u/mvi/4/pl/49/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3D75
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d28579226291bcc75381cc69fc59b7c88631b56cf6ee2ca63041a7cabe72a81a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3DF2
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
351408
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Jan 2023 00:15:52 GMT
expires
Sun, 07 Jan 2024 00:15:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2EA2
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13fef5261e3eb60af4bc574b2a3d350c8755336ef8d093b51cdc932cadb264c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 3D75
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEJ_B-QK3dLs0gpZFMD9MO99yBXOcRPgjdcEtMtoNjPo1zjVDG2c7O0RFz0UxsMB3UBxdHjsw4dQZ3XdfxRmQj57B3wgz4CqEDsuroUPrlY4XnfGtkwMJw65drPy0btGcHy39XzJ49U4vzz7yIV1s_uX80GN8g-fuI6ELsbZ8bRvNqW5xYW55rQu2ydHbCx6OVR4RiGPHKVnCl4IR4s65VLDVsK9wuxbms0nx1nQ55K7KXdwaxJbS5c9HCLkvcMESCNT5SSOIqi9aDwVSSUz_zHg6AXXxJIyYS6Ll_TTo1muER9O2SP3cbRwd3d-jlxybIRMOPpkbn3LSYs5SohS9t1g8TzmJa3wrpb6RE9tNB9EOGATN8Op4GXE47UUiIpu5kM8qoCiuIIbME7VXj1RXg9BlX_RjlsMIHtm37XV2aUJbS9A0ZUs3UlbaUcxD17beRlodV-Nnzg5hCgaLZcSgdde7wQexYEhkoNJuLCQYGX_aIs6XO_0E2kIy93pbc5oY71try2Tvt2xc3gfwU78dZOqixEvVSs2Yhv_uYvzoi2oHTHF0Z_V90aGZiXPw4S4xl14l3n2reZvKBOKpzuhmq5TQhDPsqjrwTduqLWwvgcY0LZ6ahw7JP082JVajucDAff-TT_s-K73rk7tmesxHJYfb6L_og8BIhXyU7ZLpxJhrcFdjwF_VgrNP5nU537HAQTPd3u5nN6sNVSKvPAcdcBqRh4C49daHYtKfV62pGbIJ7pKD6wuIVxNibQpCe8uAFqdBDeQmq4S9JHBZ_-bhxWZ1dOihoGx3fijKfrkVEG4YN93RpI2FuK3aKZOABvQRrECs9Cyb_EvTTZszGh0tKFRrWI119YOT3wUWYVYP_zluBGZqyhoaEFfLregT34YshRaY7D8Oyis7R_jRbO6QzLWq2khLC3KOGzfeucXVrato6a0N1RhmtwmTtb5szn9q8Y6XFql6kV3Xo2h0671u7N_pcac-Yb6IjzY3NsPxauAG9lB8jPKdYhDop2WOsne8LyhM-XKB0796a1T2ylDbW6E6HTd5wLDDJpca-OfA_sBgulvW1utL5WDSj52ROIMnqm7ugC5w1RIIxCgXHcf6yX3bzgSfJnF9kDJOqY84FwLSISIwES9YqW4Nu-ka_gAxi1DPqo5s5dqv0pLjArZ_y6mzRR0JPb6vhmcfxXgpJ_ORdeK0xPWY8bshQ-Vd5EWU&sai=AMfl-YQ4nMrZSaMIXq0-xSOaswpBp69ni5NXit9LQK7xjDy5qiw0dUWJf7IMd4g_BWZPWAdjge7IHsZbdBPEf37cykg199HCVtIAm4dsIe8Fjftcaf3vlE7a82GPHTMoX-2gzPJSgcDQoO3BFvFj0RQFJzSOTHcbYSV1enXNLkDctMrp7s99GDjAdqQejBwNnCEBrMyH9ryiKOrp_wQF_g6HylyxGmrPx4m_GkKvpyX2oPoBMeEg5KXqWX_X5ZdkJkuOXYDk9NfdltGWh-sgAB7ahsA&sig=Cg0ArKJSzFLLGh8vEes9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&vt=11&dtpt=148&dett=2&cstd=0&cisv=r20230109.17287&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjvunuTMVEYsM2lquw-27Ys-t8cV7cYyXFCWUCiba51iO3dSQP_mfnGcKETnpsi8-wCnLvwtDbuw8cLuDMyqPvZ_W8tg&cry=1&dbm_d=AKAmf-CBkXEc5usikVLRsZ6mgJ3lFIUwweHnmS6tiN3LtOhwmOHAwiJjBzNBWHq9DqngWjkOfu-BnItMC2T-bmSW2cEgPRVpbgqfXNR-BSuANVC5ImbYXm7I-KwsiBSvWyhBLwtKVTAahQ_FyqURGmlDFH6fuIjDPM0bKOubsaRaY4oKenwAA-eQkZScy2EfElykbBF-B7h5ndkg9JT45CTjtiDxzgdyIJVuhcB7mzv0NVmT7-gtBsBa9fv-Y3PvrQDvVriNVatF6sdfFwKwwgqn5ODdM3gr711mrTHRpEJQfcQNr-N0-qSOg0-A3UCNvisnLvVQWmH_YXCyap3Tus5oXWNkih9oIqIyQfJNzeRq0fTQ_N5jFz511qulg_Th_TmHJH2PDpaiQgdYIIXggqQuweMpIKLU-M9IzWTpb8tdffT_xxav1Rk-G7NLz-Z29cVcf_ikrOPfAt1L4HTl8TABfD5Y7fbi_r8kDxsKKaZT06nuE38L22v777BpcaOX6MMAWr5JdTdsemJI4E1L-7kIgGy7zgynXM0tkpZiig00ti2Wi_-sesaleRIwKAvB3lMPOayj-uEqsYtBueoXL9FUUxJhqk_8pINKjFucyhn_0nCbNHEKsUsMIpz1x8XddtoP-PCDMi6R8z4Gbxn9wqJBEG_9CT9n0aGZ7KZjNd0bfXz8C300iERSv5KMT4M-sR3m1vAsqX4e1hdOq6cSTIgalvNk3ILuT8HuBupyKRFkK5CtzyeUMT5g72Mhnx88XDu5LW5ABoPY9T7U7uF1Y-0WqYBPSZWPW09VKHnEUjQJ5FbNTi4IipzdkLnd-p1hBl-5KB5peW5twWpCTEe-mV19cqrQesgDW8kp2w1Tc_-4Ro55vbzuL7Ybyoavrwqf2Ymbdww9uC_ZSeLgtD0o-btnQAY59hb4D7nZ4bibGk9Yi8w3UcBv11yUnOgL4bGk11B86ZkrBw4g4mjwnS3ExpAT0lAoDqStLSbU1BVX0E3mCg_67_PcGZHU8obuQWz0pMv14hh9Vv9S6MbXxzixUrQR3YgFTFiZQv55g5z7DYVpD9bgBWEOJSMpRq4DUe1JbwdtqFabMH7vZCIcODMunIT4GeEBq5IuERG2V8r8WhSKvCljCSJHfywPmdAll9JHHCVWSJc3reXJYWOnk9tIfh-11b4J1c3bdqCun3Yd06aOwzUJP6FiDf7u6xAuqcc6sWkmb12eNUpsdbiwFBa8syh75BbkaDTqOG7BJh47qsZCCJWRGx7WfZBhJpsb5WHvpP8EM4j8eC5aTgRkugmVn8bYK6rpzLANkscLzLBb-UMsMsxGJ49aTtLzO65oWgU_C0USa6YTThY-OQlRKRhHvYH1ow_XLMJIUMB0WTe3hS-SA-MnijIKhYa2J_UufboQlezoRHJFRzi_aJMvS6arXQAY6uqLh7ukRG2RitqFqONt-gbm3uQnMPeEwj8Pkv8fXqOndfyCH2CXacuC4xJXvqEiwI-a6f01rUbaVv_qCMyrZEJT2U0QXJtFalBj2AhpiRVAOZUbfPvfV54jz21-6yeCFULf0ElT_7QgsmP0RwIDPhT1m6mDTpGr8t-cUj3jkJxr9_SNZL-7RzHD6MHpUSaeOqXyUVVud7eR0f58-Iv9onVIm3ja5Eogel9DbsPSn7UXb-ftc8XQl18mzMOXHsunUNADZtfvkEOT06kib3P2WZzm3u17tdABg1G9uStQK-YIxBalJgCVfxXfNoi4fE5lfootwG0JMxiI7DB3f7R_ubvOxdJsvzL0PVZUByftuBFS1ySkvZGVGrCGTp9WowrON7_OtjWbUcksT56JSEHmmhQCjXgcid-Q9miNBWMiEAVxfKrrat3nVhA_8yaEwsGo0lqcWUxFI6Xvc1Dbl4BiXwpWdKKz-bIL0YWc9-wqCYFBovjIafOQ1F7PHdS9vrrTfrkATEn_-c-VXmNkyY0vLuc4hkoJmxKkYsKFdL-Eb8eblsAIa0Ri6ZbsVJa5eqVr_kIRuQoy-wBiM6EBH5UfMr5_WnUzXiU7r3ZkBiJ5kf6Olxu0MO_iG85l8fIdQ3L7e68cVGLv-9vjq0kCJpYW-VOiyAykRq7zoaF-bwQM13NQsMIe88JHmjNglOQwP8TnYCRGy7SJdzeX5KuRch4GupkHO3ulZKIYIF2wpuFqkMntOC8CcMGrPjht63nwfntljcDPKyrD3qsDoRGoNpVgFfGNHmbffbeU0wrCgFcmktgyjrz9DY7RfjTdb-IfnCnKuUS-2ZSSh1-_pJ2xCDP0fLBP3iJmmfTiybiTD-FP8vHpwn7oauevKZ0ZoZyqfCYUoW0xYn1DaKAdCmuWVzcwFXjuX9q_jE8HEfKGjDHtPJPYapckgpjiIUdaEKzo9YwWLpLjbl7OBtix7gJnvFdPw3-dL-r2E4oYiZ3kA0EYq04JYqID53T4vltrUFE7ckDTbxFnPVyeEZKLknCNHilloxAcHQj2_wC8AO4p80vFcg7F8hGyqFqqv2f1oqegdseooTwwD4Y8BaPNbXyVLEFKwHwfeKoV3mAuTeJGUZVsp-k_J6Ux2njNCUuzIfHTRWSN0A8nZCdiStrFNd4ZD9YGF_SoZl8fjQWBk2QJEoO6bzUoPhuKJ3HrpOSW-0G24D-gmoPdNMZTihi3feqQ19KnzI_VXPmjWbg2Vl7qUbk_EnkwJ9uJslWu5FejsnNUeVH4cIUHSFazgsgF7W-TzXl7NWex8i-17stYYInPCs9H9dqvhPLkH-O5ZxoDI0qkB4uv8QvFOer5kEbuKCyW0w2lo6vKeppthS07G1J5VYQHotf3XwLxSqDejpM99vGYV9n9q57B3UR6xl3q4eU7eBbNMacB4bRjqNjaPYntHAFN5ArX97CWX4GLV6Xs3_DSc3DPfGIjONGnXXxeK49yf9M99yP6FSfKCDi3RCxrcEv4Q4FWcLwG4PvF_uz9DS-PQTe6GVIOzUwrTUi9egdThGZ8DtMwUg9GpM6ckHRb_-kxZ8yy2Agom7Awb51p7Gdfw9Q0jtAtxoCI0yawNVkBfjj2v4RDV5QgJtDonjzMVQNcpBddFpXPfc_kH_mTQkjyQiB5_T5EcPJnRHFjQd9g_UcxRTiJRwBh5EWU1bN3XXwTCSjHLCCXLX9y5zJFDUqV28J7AVJgZ-i_gwtz5yp5JzDMt5g19JYW_l_7nAUHNjSi-ILkN-s1ZLdjK0ur8vhnzW6msAtpKXbrypywUHkd-CN-fqkKlYoO5EFb6xa6R9-mMTR3eOmGJbVrdLeZgqrprNhcJbp5K09u1PnA_thW8mavEA46rvKQk7NOGK2fjqA7yg1IPOxp4C9qNpl036e2IBFaBajdxwaS0CHnCjQGmUnMskdNxrwLJOi7BA0PHM0KL8WbnqU-fkxu&cid=CAQSPwDq26N9JK5UhrzQ8e42dvekEsI1chVE6_Y6HvAnWxAumWLGBaSw5gdCTIW5cCWeUQMpbY499p78NTTGBwGNZxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=12013401495894663000&adk=2228999115&idt=64&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 11 Jan 2023 01:52:40 GMT
file.mp4
r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9D00
2 MB
2 MB
Media
General
Full URL
https://r5---sn-5hneknek.c.2mdn.net/videoplayback/id/e883c688bdcc9636/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D318790046A9DD8DB1FB8801B359C5A736557FC.0137E9D714EB7368119E24C60AA64832B6F0AEF4/key/cms1/cms_redirect/yes/mh/Rm/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknek/ms/onc/mt/1673401591/mv/u/mvi/5/pl/49/file/file.mp4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:16::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
927b7f3d509ad875c625836a864987899c71d6f7e7b81e2d01b3322226bb42dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 11 Jan 2023 01:52:40 GMT
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2231082/2231083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2231083
last-modified
Wed, 21 Dec 2022 13:43:35 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
file.mp4
r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2B28
2 MB
2 MB
Media
General
Full URL
https://r2---sn-5hne6nsk.c.2mdn.net/videoplayback/id/763ed7c83f7c3c38/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D289FF4D6F6789E7ACDA7E27324EE69F4067457.3D818F4ED3D49008388BDDE0D8383116EDF1D835/key/cms1/cms_redirect/yes/mh/aU/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hne6nsk/ms/onc/mt/1673401591/mv/u/mvi/2/pl/49/file/file.mp4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:5::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1cf8ba0f4631a85188ec997a93dad46d37d03750f5a04cf288282a6f41678a21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 11 Jan 2023 01:52:40 GMT
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2225788/2225789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2225789
last-modified
Wed, 21 Dec 2022 13:59:38 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
css
fonts.googleapis.com/ Frame 4673
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 00:07:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 Jan 2023 01:52:40 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 4673
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:44:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
25685
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:44:35 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame 4673
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 22:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 22:39:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 4673
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
19165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 20:33:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame 4673
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4673
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 01:52:40 GMT
1507d5c23d710c2e70b81f354fbf7065.js
www.gstatic.com/mysidia/ Frame 4673
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1507d5c23d710c2e70b81f354fbf7065.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 12:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 20:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 10 Apr 2023 12:22:20 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 5EE6
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 03:42:27 GMT
expires
Tue, 09 Jan 2024 03:42:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 7638
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 20:04:33 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 0D12
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 20:04:33 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.daisyyohoho.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=797670582497272&correlator=3726738965955106&eid=31071517%2C31070233&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&iu_parts=424536528%3A22841190702%2C1533848-1_daisyyohoho_inpage&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=9&adks=2169949607&sfv=1-0-40&prev_scp=cpt%3Dtrue%26cptver%3D2.16.2%26slotdiv%3D1533848_daisyyohoho_inpage%26mini_cpt_type%3Ddirect&eri=1&cust_params=geniee_pv%3Dda0780c1-79c2-4b77-a2ec-9509d660d057%26cpt_type%3Ddefault%26refresh_tool%3Dgoogle&ppid=da0780c1-79c2-4b77-a2ec-9509d660d057&sc=1&cookie=ID%3D9554b6abf29871f2-220fb55538db004f%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw&gpic=UID%3D00000ba0daecd9c8%3AT%3D1673401959%3ART%3D1673401959%3AS%3DALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg&abxe=1&dt=1673401960717&lmt=1673401960&dlt=1673401958386&idt=1732&adxs=196&adys=3517&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&frm=20&vis=1&psz=820x0&msz=820x0&fws=4&ohw=820&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f96e8c5673f6b4985309afc495f9c3e90ca5408b852a7c9412f8eaa6fe00d6ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9459
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.daisyyohoho.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A7D8
6 KB
3 KB
Document
General
Full URL
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Thu, 11 Jan 2024 01:52:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 3DF2
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 16:30:25 GMT
file.mp4
r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CB8C
2 MB
2 MB
Media
General
Full URL
https://r4---sn-5hneknee.c.2mdn.net/videoplayback/id/b9849012e45368e2/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1704937960/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/062FFC6926F0CA8878AC0647DFD84F7A5ED22EE2.525E973FDF6647A75AC095DD65B9852C817C0667/key/cms1/cms_redirect/yes/mh/KK/mip/2001:ac8:20:3a00:1012:5c8c:590a:4569/mm/42/mn/sn-5hneknee/ms/onc/mt/1673401591/mv/u/mvi/4/pl/49/file/file.mp4
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:8::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
dc501df06db006a5be5c42f9c89ff233375874be0e179844afb892e95f727ea6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 11 Jan 2023 01:52:40 GMT
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2239728/2239729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2239729
last-modified
Wed, 21 Dec 2022 13:53:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame CC3C
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 16:30:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0DCB
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
65
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:51:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 5EE6
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 20:04:33 GMT
dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 2B28
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D36%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673401960946;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2B28
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CZjSVZxa-Y4mFJqyKjuwP4LKxyAyO8-WHbrm28e6MEfAuEAEg_vyMJmCV4pCCoAfIAQWpAvSYCsDOArI-qAMByAObBKoE_AFP0PnnmzFXZKlR1Irli5EATW6pCbT_3M5vncB5NS6N3bDmmoWmlK_M6R3uRog0FRHf8b28Q0HDXJP2zAtvhSx7eDeBHCciCmaSTPLTC16rS1xzSWHV2kXPbYN3vhumMfK2zeUEoE62qOR2b4zxJC1lVPKfYcJr1maDNmGkOnr82zm_mVaXDO8z90cF-GaW4Mm3pKwlPFqultZd3xYhEN7xkxUu7TwEZQay-BxfnFMyiBNCXsRsEDSqe58owc2tDDuYhHazjt10Un39lIw26uoAkPcEl7IF_loOpwdtvDsH4uJhpK3ejrUJfzCVXywOrxAgpN83XP0jjmBDX2bABKSI95iuBOAEA5AGAaAGdoAHoNbWxwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE72h0hHIE8D0z-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=U7sABJeOrXs&label=part2viewed&ad_mt=36&acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D36%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673401960946
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2B28
0
27 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNie6dWncVkakeAzxYzHQib0E7RU9dMJW8m98SYm0rREyvZjZqjD5bjYQZ3Qa0TPCWTsTMEBjzGRKeykoCTJwLKIppOLg2svkV_1dJmjNIiUzaX19ZRlxAXVE-xSe-Ms0aXi6z9yZXzVjB7pD3XmNLiA_gl2Kcx5FQPJq2o5mKQhp6d0rH_chno6Pa7BzFSvGpDR1xWgDNCZjuzCBqg9RJC0_Vv5HOJ5hn3fHGkMPiQZHCw834Uc6B7h7bAf3QN5XP9pmnYV-WzMthzA9M7FJS8E-7lPBK6DARHiZGfh0OgPuehIozWMXhOJkvgO8mBRChszOkc_Xig15ANp-VWDhnEfgP7NTLZW-6toVSJhoOG5JsKht6ek2-17bCWvgfpWJrIK4fFmT2Qz51f9_eW1VxvYwwSOWlOdhtqZHqPbrf6QVgSRwY7DFm95D5N-tqepA-cPKaZiZEsVo7L6RXaXmPjXt7Hf1FiLpv1dQC3xDEcsbq2MPCoz19WJicKEglUdp7nWWqJ5Qt9WBz6-Hvp3PKYz_ajTUzOWHBzdzuPBjMHstgpM6fMZFBRR23l2v9Yko2AaLhs7y44cUQcn055KtljrvAgs0S6b9j8VEE_mWrJDt9wc_0Rt3_tuBs1shqcD_U9fUmMHz09DVVpQMAf0tGB6lR9yjIBxP5eAJuARd9sfxDv1RPmrFS1gEYtGZWP6X9UDLcZZV1X9gejogsg27cH6lG6BUKA9706JOffx51_0GOpVDTQ6WP1TdbfXbROb070G4YIakMCDY_tVnt5OuXl5gwHSNDppox7TtAJlHpBtgnYwW9Q8OT5WvloCw_SBSWqfw_mtf5czKxeu0UhIxVNQwQ6IRuryjgEQxzAU3VRMYc8PN59fj_By2ckmK37ES1uh2CmnP9SNWdyX8rdjcFpHS4PCqzR_qfkhiqP60L34VvP8cyu2nFL5HB1FLB3flf3srciGA1NTUBDs7EB3z70fLQoj53NFq_3Cl8spn-lEDKCSCiygsG8v60pqObs4Mzf2R4Xb2zS7Gn3WMZDO-2ub0IPXN0WhCaiH4rP9WdYJb5pRgjpeaslXRl8QSqUa4rm9_986yz5PhEbB_NFOpxXs-qZ4PiDiBBtL-NUAvU_bjsbJWmDevIBvTnwhQ8pYwK_CkAcmU95kmciOKCiTRTVg&sai=AMfl-YTRm8cGTIlR6UNPNVPzPkLn1E_4173FtBZAZ2NYrpAWeCBBFDFCRcF70o7kQrfjaJPL05btrU5N0egbd51HOtjxbJaJHsB9DZV-fw13Y_oo_9IRXhmD9-MpRHUV-F5MgdH1pxjrr3Azf6jVRbW7WgBud1z1FdBMcmfpIvAxlm6wiTiVyjvLWyYleQ&sig=Cg0ArKJSzIXYeEA5BBb3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2B28
0
16 B
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQtNzy4gMYmPn-3AEgATAB&v=APEucNWLYQMJqXmjdBUAQ0QyYNuuHPPsMIJ2Jp_iTAqDk_cW660zCFl2A7cbfuBe0PVAvMRaOwHma9zOxrZzFzTQFaTslDgQCQ
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B28
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 2B28
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D36%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673401960946;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B28
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUkGOCCJoi1KhCNUSWPJiBZng_ak9Rjx8FTJP7HqfLsGuyDzn9WR8KGBQDdPxaIdVGTA_PbmYhIkrLcBo0eWh4RpumPQw_YxSsRkmrz-JQDBayXUxbocLQssw3&sai=AMfl-YSQ12U7zcoN6HA0-ME3d6v6DctmMaDypI_9BPOFLK_zjG9b6WXcJorod-0GfZ8vMTqjsra0l2Yxqxg2Mnw&sig=Cg0ArKJSzAYqGI9dVoZmEAE&cid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM&id=lidarv&acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D36%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1673401960946&avm=1
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2B28
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CZjSVZxa-Y4mFJqyKjuwP4LKxyAyO8-WHbrm28e6MEfAuEAEg_vyMJmCV4pCCoAfIAQWpAvSYCsDOArI-qAMByAObBKoE_AFP0PnnmzFXZKlR1Irli5EATW6pCbT_3M5vncB5NS6N3bDmmoWmlK_M6R3uRog0FRHf8b28Q0HDXJP2zAtvhSx7eDeBHCciCmaSTPLTC16rS1xzSWHV2kXPbYN3vhumMfK2zeUEoE62qOR2b4zxJC1lVPKfYcJr1maDNmGkOnr82zm_mVaXDO8z90cF-GaW4Mm3pKwlPFqultZd3xYhEN7xkxUu7TwEZQay-BxfnFMyiBNCXsRsEDSqe58owc2tDDuYhHazjt10Un39lIw26uoAkPcEl7IF_loOpwdtvDsH4uJhpK3ejrUJfzCVXywOrxAgpN83XP0jjmBDX2bABKSI95iuBOAEA5AGAaAGdoAHoNbWxwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE72h0hHIE8D0z-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=U7sABJeOrXs&label=vast_creativeview&ad_mt=36&acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D14976%26vmtime%3D36%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1673401960946
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2B28
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lcr0bkcr&c=4069794016590&slotId=2034897008295&qqid=CMnU-oq0vvwCFSyFgwcdYFkMyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=992&mt=video%2Fmp4&vs=640x360&dm=15000&ple=1&umsem=0&event_name=first_play&asset_bytes=188914&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.11k~videopreviewstarted.11m
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
footprint
catalyst.breaktime.com.tw/v1/
55 B
360 B
Fetch
General
Full URL
https://catalyst.breaktime.com.tw/v1/footprint
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.46.146.168 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash
24516b0f22fc3aff2ef7b9a75f4ff20d5e96e0eaef35e222b6e6035c648966c2

Request headers

Referer
https://www.daisyyohoho.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 11 Jan 2023 01:52:41 GMT
Server
nginx/1.13.12
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.daisyyohoho.com
Cache-Control
s-maxage=0, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
55
footprint
catalyst.breaktime.com.tw/v1/ Frame
0
0
Preflight
General
Full URL
https://catalyst.breaktime.com.tw/v1/footprint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.46.146.168 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.daisyyohoho.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://www.daisyyohoho.com
Allow
OPTIONS, POST
Cache-Control
s-maxage=0, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Wed, 11 Jan 2023 01:52:41 GMT
Server
nginx/1.13.12
Vary
Origin
container.html
2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBE2
6 KB
3 KB
Document
General
Full URL
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js?cb=31071517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:40 GMT
expires
Thu, 11 Jan 2024 01:52:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0DCB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:41 GMT
expires
Wed, 11 Jan 2023 01:52:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4ED7
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOrU4NMBMAE&v=APEucNWhgX2tS4qzNiuKt-vzosSBM5PyO-VxIjsBIin2irCVHpYEfADwR4k7ENvBQokXUbME7AyrckK5SVu16ZS6AvGxSA_xii4cz539dpDmSK2MdkCRBjlyXYOIKLmFTQfcUnhRK4U3rtQwC3K9dfOLsOb7KiCz3weAwSiJGm8MPMu4cAzjS3U
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CBE2
76 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE2
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaE2OnjAyOXzkTB9d_mRoXkuR5DNcJ5FcrWfj6xVmkABlOa36ceBxxKuRnoPV2lUDG6pZMh-TfCKtV7ZkdEliFeqstegsDFwxHC5MNVGHgEOf-ayE
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3223242062219173077&x=1&ct=77
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unit_renderer.php
as.euw1.jivox.com/unit/ Frame CBE2
100 KB
27 KB
Script
General
Full URL
https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.240.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-240-102.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5eaa7ae6fb8ca45ea23ee68ca4718276199cb8aecaffe34a1d833c6ee50d3c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
26968
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame CBE2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
19166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 20:33:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/ Frame CBE2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
25788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7538
x-xss-protection
0
server
cafe
etag
18140588555649875417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:42:53 GMT
l
www.google.com/ads/measurement/ Frame CBE2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlEh6LyqD_FdP8ZGAzPLVgchhT6yQqTJLcdvPpDnt35afa-FHa1eItjpd3nof0sn_tMsAqsBESTMzFTz230Y0ZEDK_0w
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CBE2
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48956
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673267917225388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 01:52:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 4ED7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOrU4NMBMAE&v=APEucNWhgX2tS4qzNiuKt-vzosSBM5PyO-VxIjsBIin2irCVHpYEfADwR4k7ENvBQokXUbME7AyrckK5SVu16ZS6AvGxSA_xii4cz539dpDmSK2MdkCRBjlyXYOIKLmFTQfcUnhRK4U3rtQwC3K9dfOLsOb7KiCz3weAwSiJGm8MPMu4cAzjS3U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4ED7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y74WaIBQ1FoCDPkPzAVyhQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOrU4NMBMAE&v=APEucNWhgX2tS4qzNiuKt-vzosSBM5PyO-VxIjsBIin2irCVHpYEfADwR4k7ENvBQokXUbME7AyrckK5SVu16ZS6AvGxSA_xii4cz539dpDmSK2MdkCRBjlyXYOIKLmFTQfcUnhRK4U3rtQwC3K9dfOLsOb7KiCz3weAwSiJGm8MPMu4cAzjS3U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISfbweUdHVt_BPrVlPPJp0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4ED7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEgUI9bAcu9f-pIF3QssbI4&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEgUI9bAcu9f-pIF3QssbI4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOrU4NMBMAE&v=APEucNWhgX2tS4qzNiuKt-vzosSBM5PyO-VxIjsBIin2irCVHpYEfADwR4k7ENvBQokXUbME7AyrckK5SVu16ZS6AvGxSA_xii4cz539dpDmSK2MdkCRBjlyXYOIKLmFTQfcUnhRK4U3rtQwC3K9dfOLsOb7KiCz3weAwSiJGm8MPMu4cAzjS3U
Protocol
HTTP/1.1
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Jan 2023 01:52:41 GMT
AN-X-Request-Uuid
dcf6ba1b-89f1-421b-b0b3-6a540a46f017
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEgUI9bAcu9f-pIF3QssbI4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ED7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOrU4NMBMAE&v=APEucNWhgX2tS4qzNiuKt-vzosSBM5PyO-VxIjsBIin2irCVHpYEfADwR4k7ENvBQokXUbME7AyrckK5SVu16ZS6AvGxSA_xii4cz539dpDmSK2MdkCRBjlyXYOIKLmFTQfcUnhRK4U3rtQwC3K9dfOLsOb7KiCz3weAwSiJGm8MPMu4cAzjS3U
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 11 Jan 2023 01:52:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.28; 217.64.151.28; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
08ae4930-81b7-4870-8626-5e20017f75b0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyOTczODc3MjUwOTEzNDg3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
142 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f02bc212452001a63c090352611088cceb3405f90b4c7d8e9cefaef6da31c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49242
x-xss-protection
0
server
cafe
etag
9229097636959622242
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Jan 2023 01:52:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE2
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9160128502802&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE2
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9160128502802&version=m202209210101&ct=77&x=1&cor=3223242062219173000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CBE2
28 KB
17 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-ZSez_J8LQbLR6PkYc0vsj_q4oBiUr_WkKltSPz0OmWZcZeEI_zGnLXbwQUoVDVW-RaIAfKNbQAX0DKVJFyDz9vSqmxGn6OmhuXFuOa8fxDKT-ocjevFiFloiu5y01fUk94_5hi6CSoz8c3Td5Puu76No6RhCrqJM5E1mgMtN2sAuBws&cry=1&dbm_d=AKAmf-BrrFJ19vp4elZ3PL2DoGl5a8m0KxtR9Bw64AQeTE6XMSgWQzUcgbEB_kS5JfKLyHHbeFxw7dukI0QDG_-NOjORBF-MiljU8iPRJnE9XYc2RGx7DNe45eZFbH116gjMN2K1q36RdWWprqnpLw8qAa-VbYfDVJJfGpFiwUa1dljT6LKOQdYiyDAeiYpefZvLVFCtjrEGNYKkvYeOwb8VJe-Tog5njNH0TPPDjXzz-CvlciZadQf0rqZtrfMuG1x3Vf2jY8If1Tp5bklL3PA7YOqvj9NvtLZFZGvTRvrRxmXxFMV7uU1Rp3kUVTMM__bMBX_pq9re4xhgSMpJ7VAC4QNNIFh83-cx1zzTspYleoprbAaPEahXQpMI8JPcD3vrXYo2kXmoRRlSwwfTRIcBftaiJVF2dTNjcYpJ_n93GtwVMxA9GIQgjSS83p49mWrUzmJlIZpUgyv7QGehUMTpp0fHyBP8fTBMZXeMXL9ADkIPodjmq2TpxUK7x3wZeQnub3g4VpBOq3qD61H0Gj362KCvFqXz3i4iTqQGi9sLMCzcdWy2vai5mkLibnbuDHZtPu_UHcBzYbtGs1KDK19PA_bsiB_NRnJnz7mW7VwEkX_HfCN9rsOlmOEGC616_0jkGad6_VubIui5oJe6xsKHpAsUKvthL7cYEYFEgsjIQ7-BoHP2zo7b0WY0kFnsvk-kDTgnTHxiuK1pFFjFewiL69-mFJePyBRSYg3_Skrbv1Os6Oambu8MmRx21i6NtEX3I6nnL5PEw8uOfrAoDL5b-1mXr9q6LQiQG-y5yJyESBpR-c93xLx_MOaFoSunqage4sQigoSP4RIpiGKwAT-GjXt0w9hD6DxEX_Glh7jD5_X9cm4e2ZHKu2LGb4rmoPSYMORYI8NEIY6pWumIBJwaWj2qTdPBQaJw6XVrmTuvpyF_EeI1VfmlEzI8c3O5tfp89v7c0kkWMFEaEU6d8F1EirIcqdUnDHcNHZYI9ylDZJnK-u63phavCS8A5hANjfUmWwJLMk6pehuvAzYBw9S85OP5DIwTGHfX8-jZ6QB1JxPUU31hHB-KAvSDAkEHeyiMt7CQKjantbIKTpZu--1R7lJr7wLvBeyr0VrD8hVpBri6vCrHjHJTgG7RRm61RBTadqVdCZU38hjz3jDRgDc3J7CLchuL6gDqjm52eMKImeorH0cf6k2V8NAWEoq9Qxp6vTwKgrj9OPz_pB9dCInnGuR5TgVTuyaL1yVeoIfLu0KY8k1txYO-O-W67v8cL2VaOKZylqsXl0HP_LyeHyaX18xwDq1te6ERiWYT4fpGp0MKDdQXUFS6mZ31xdu4qYVS33z86vIhxlwi3IiHfXnvdFCi1x93soIOx_C36HOJmXl29wxmprYng4VAIj8Nbt05l89LerfJ89Y3ALgThNgCVdsimeafmNa5WZmyTW6fMnCYOkMB08cjMY-CwYLJ1A5t2GYCGT5OCqmmJB5IUhGH69nWlDiT43joknYBsx9l8iTvlj1i2Pm7sPmPyLlFDN-24fs1ajKxNXBRbf6N4aKFflaDYU3YUZCGPta-eO9Nq8ysoESsuPM8vcqRPJuQ7YrToBVMYYK4mIUzsEoprJPjbfWFBzMl8git7xd5WRPkJs8LklH_QnuHEhcrSj91C2I_Rd3wBaA3H1rpEWJF_Qk8Qgiuhw-6WGzq1JsVNsSNcwu5-BFmnK6otBQUE6Rz1lN6O3k1vzDopkf8KUraO-slGzbjcC83cziNxmNKuhAg6KIz4mUaznowRtim1-f4fH7uw_QXX6UHroBz2mWAChXOvsb-EQzWOvuOD29FA93CFmcSk0lL8-jBztz39My-m4hMir1Ra75WGlsGFX24oAAvTAkS8VwbVZ79NWNhbh4X1iyr8WtlChbzBOw-dN-wDP54kPZRFVj2X5HRuDRm2lTGHUA1qYtJe9bE6AM3FyoUIs5hSxig60lHIX1siQwr4-dl-xNmhAImUIC5fHNf8FHMgMGKHMb7G4fsh2ToM3D96DXqwzPt4BJBYxfkG9MHBvKDWZQyDx1rNrvOgMvwK4Wqwoe5aA3qpppI_GYI1CZx07DjnBRWDK6XYr-k6uW1YmEXdLV1gcE_DQXB8goYouZ5nA4o5c9Mys1uQNTw_FyUeTyxS3uAuil9F-IFMKs4NbrXZBS0JXMX5hDh15kQhxl6C0Dj3PqabeCU33_rgcaSWq5RvvPksDFkWtRQf7076zM4Pdc7xBZDgzLh66oznvgKamf_iXxHG_MCcLp2athg9I7k8B7vjAM8f8m_q2aQLu_bPm0XcUgv_GHEanbO1yAGs3at0p8XG1FQbQpvXiTrWHVtqPl9Mx0O_1g602JOrCPY-HnnU-aXOYxDR9Eu-ja_QUqR_C9Tnbs6ZgFzlEsxO8sDlfHRvfr8Eizj-M9wmhfwQSx77zWzwkVx72BZawhcJHjd0Zcgk-E5sDQ9lalyrRuCpKZBnwVIdee14V_zxZuUMnt7be0scy3lBH4kRcuLDLlOq7XjyBG_9TzVMj6Y2jUXzzAdwGthh9kka39JKEK_yZAVTYrSAeHW6wBe8_QZD6ONSCvg_B1RJCTCuECCdbP6cVCG8thtmZbVSIuikvfmRsMM9wVLFvsjWLX9OziPaHUAEJZgkA5UbPLzvd9PuuqxxUtDQaJwYzAb-mxkSIsHBdtgy4KEjuM9mEE60HLdYP9lRn69se2rJDOzFEKsHz0h85f1dRykEL6RrGadG1UAzOMegWAMsNUH8qNRouUNxV526N2eMsCBnXmG29kLApDNtPlCr1LJJ2iPDT6ay8U5cS-P90JWzB883R71FfNPUN0SVWXzGoq7gcpItF9eG4WgKg3bJLT9uoGU3ZC-pFY5jNSmAh8Zysciud3_O1-nbpfsWbKWQMZGTkDRe-j0nykQ5u-FTUOMcbQao3s7ZAnjfyYJiscKT9uNW7rBTuqvCktGIwxo150Ek1X2HsqZtL1WYSAt8ikY8im9nAv-4Z4EYAVjeK5y_62dFx9dRNNM9lQaFtCZ7IXknZZzbCHnu7zzw-_2tNnlQYl9yaod4rnDf8r1OHF91DE-1bKU9Cjxgtn5PLFSA_YM6kyWs0kOAVFvQ433m0xRw9353RZpHADCQJIsON-ARLvZsCs-yKn_3GnlNoFB414ug7Srm1OYEQApryBCnAtp07SzuUzilC0dgLk4Mu7TSZNTArGHypvviARJTZe7G-fwfSaktncXA3cc2qA9wq--AGI3zZqBbmpzfPnWRMFjmJ-qQCfb_J04QtDuFQEbP4BZ5LfjSsvSPbBr-Lg8Gy0&cid=CAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=3223242062219173000&adk=3944675600&idt=38&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
121107b054007b61a818eeec3d4ac0ce9e63b26a85295ec34c02993fe1d9a835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16938
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9D00
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lcr0bk8j&c=946615467453&slotId=473307733726.5&qqid=CL3xgIu0vvwCFRfIdwodoL0Ifg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=995&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
072a80fcc0ce8a8d7f4e0dff662be638c6f5a63347764dfbf06677c102fb9f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27762
x-xss-protection
0
server
sffe
etag
"1448 / 598 of 1000 / last-modified: 1673391953"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Jan 2023 01:52:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7638
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BymQeaBa-Y5CiEe-0mLAP_p6P8AUAAAAAOAHgBAI&bg=!hYalhsLNAAYDMoyoIzI7ACkAdvg8WnWiJy--nxlSfzbINzByYO93HDbw91RtzJl7234NxmUAvWZR8QIAAAKKUgAAAAJoAQeZAscN8VsZxbiDWOqDMmNUxbAKz-KuAjwUzp-VUtOPOwRsEgjdRmS_a1zfi80ardTQyHxZKL7aju1791QRLse_DfOEUAtF21z8RVLJP61Xr6DDO-QjhCd_jpN3vw6lCea7yBZ2UyhSuTG__3tmR2xBZydpmB2Ni9Q1bTalN-sClaPdqZTz8D7kM9dHG3wCN-RaGVKknnVp0svZ1DHcsH-__pHsPM961XZN-FBzwmX1EU-y0F0Bp5IU5kkfolhiyMKQabW9hIo1ty0cAZM9nS4eCXgoLaNC2NxqlkQC78nRlUwLHNvp40TwhwWEIlDtVzWIF4ovHvxg-RO4hvb4Mmed4PhXTci2LVq6lOz6ygNMN7WkkmvNmyDJtvyEYw6fYfWZ9Vlsb3eYhVmIToMENwuukXZEtZuNaJfdKgc8ql6-7Cwj11p8ocXdKGpwSXpYctxbMxZRM7nDy3wWWoXDJmcAQPPZzcRGPjjcwfOWhw30rU1LzWVCeSXssifLUa1HrIRPkGQ5Tr8DS6nZMB5wha_UBVJv5TzZtmOIjcJVJ295hvwckcLgK7a1C_agGftAAl-6reD4aZMSUzQ349U4wCk64AzvC2jXv_O4ZNeCXpMqaAD_yiL7kAamfY5774WigVm0X0eDmZb86egkTs9YNMrNbNFAJXb8wQmKwgDbNiqu73yj-iUkl0VEn8jb1Dx2SORY21IRfams_edgbr64q2cEuO3YTz4B7TKlki_lkFRavmBXndv2AbWUDdTv1XbeLxSjnkyVqDkEEZ9iRLc0I8QYrAhgTHcGsAMBRG09dGJCBZ8-eujxwb-NNpOE4-kwmST6PLWH6nybXZvZtgbNeUgepy9BU8EsTF4kwsqs2Rjjj_bMhmr-dMhRmpYR0vbE5x78zb5-KM7N5KZlxIxsOGH_cgX2qbya6TjO7UlrPmDr4ciLzd3LSFUCG8g
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D12
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B0K8FaBa-Y8OhEZaD1waBobW4DAAAAAA4AeAEAg&bg=!oqGloeXNAAYDMoyoIzI7ACkAdvg8WmU8zj7G7ntKw8BkxcOBch-2DQezc7AdI_Xme64CnMGoAReWQgIAAAJPUgAAAANoAQcKAGdPpCSDA0TZxP3R9h11ZTA_FG47yOJGfKrCfIOLR0m-G0LP6DcgW6QPAc6BeV3t84semSffOjhN0AN9_F1_tj_MtbPjW7M9x1K52NdsdO2ubGCvSj8vHlJzEYl9B4WLZnS7v6tqhZGMmQK_oGZB3BF00UI8I9u1FWUgj0OD-z2SGvyVfr4bD72BEWNy_CCV85pWAj_270XoVC9TyGm8anJ7Chuu2zyY5LD9-8ehJe93DOafSiRVkYQ2z4NJGj2X0nTyv7vylyLWKAGsJdoqs0pGPaV60U2MDlg7bsMqgvKhwpi4w_4Q-ywAKy7pzLGITSku3FKebf2NG5pq12_6n8ylXl_uNFf8Z7v_khqBjbFpLPQXHz-htVDcHhZMoO3nAZA3lyhWd7qsSBoDWkkqsm48DKHfi0efHFz5zAWGOm11wErD8p_1s9_fz4yOfQvX-Jq13eNbB_p9770xOf1-ebvj7Sad9aOGBTK9115pUIN1Rw1ac3Dr61Rd5rwSiOvSHDOHrasAMYFTFDreYM7GQhkrwCbvMeOPFKhyheaUpYufVhlxe0HW4J4UX4SBqWllGtYAwSb6425m_fEngHhOqj6MJPZasFndNo6KntZyMV5RlvtqnyVia8oN5mPxjNvvl7X8ILU89mSuR_iMNE6xmA8IXJ1Tt2yrSwcdUL0BQvdxgASam0EXqNjt0ZUNqws9jrnMi6TnFmamPA340_Bp9TcMQ31WVRth1nTIuAuK696L5ed25_qb5d02UjkxXS3tp9QUv95hhJbPWd_42P3HMUDQ7CfAF9v6vhAKvHEzIX0kGaxd9EkMlPK1aT6XmLNL67x6ZfaVHbeFbaH8921fXqOV3DsWSv1DAFNV9K8N4x6_B7qjdCjduNje8TDd44As3rspM4G6KV3KXd2mMO5X6G4e7dl8CPIoxv77P_vdI5yJVpnPBo8zXrDyG-pxaYkI9Hy0Yvb-at9xYchBhz7XCizgAPepzlrm2MZJYtCkIzX-qz6_Ggw8h2kuDxDIPF34-QEwfoWDctQ4Kvkp2vA4YnLl7IY2ro6i7QR9dGgMDQIgf86FyaxoM0OuUg
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230109/r20110914/ Frame CBE2
28 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-ZSez_J8LQbLR6PkYc0vsj_q4oBiUr_WkKltSPz0OmWZcZeEI_zGnLXbwQUoVDVW-RaIAfKNbQAX0DKVJFyDz9vSqmxGn6OmhuXFuOa8fxDKT-ocjevFiFloiu5y01fUk94_5hi6CSoz8c3Td5Puu76No6RhCrqJM5E1mgMtN2sAuBws&cry=1&dbm_d=AKAmf-BrrFJ19vp4elZ3PL2DoGl5a8m0KxtR9Bw64AQeTE6XMSgWQzUcgbEB_kS5JfKLyHHbeFxw7dukI0QDG_-NOjORBF-MiljU8iPRJnE9XYc2RGx7DNe45eZFbH116gjMN2K1q36RdWWprqnpLw8qAa-VbYfDVJJfGpFiwUa1dljT6LKOQdYiyDAeiYpefZvLVFCtjrEGNYKkvYeOwb8VJe-Tog5njNH0TPPDjXzz-CvlciZadQf0rqZtrfMuG1x3Vf2jY8If1Tp5bklL3PA7YOqvj9NvtLZFZGvTRvrRxmXxFMV7uU1Rp3kUVTMM__bMBX_pq9re4xhgSMpJ7VAC4QNNIFh83-cx1zzTspYleoprbAaPEahXQpMI8JPcD3vrXYo2kXmoRRlSwwfTRIcBftaiJVF2dTNjcYpJ_n93GtwVMxA9GIQgjSS83p49mWrUzmJlIZpUgyv7QGehUMTpp0fHyBP8fTBMZXeMXL9ADkIPodjmq2TpxUK7x3wZeQnub3g4VpBOq3qD61H0Gj362KCvFqXz3i4iTqQGi9sLMCzcdWy2vai5mkLibnbuDHZtPu_UHcBzYbtGs1KDK19PA_bsiB_NRnJnz7mW7VwEkX_HfCN9rsOlmOEGC616_0jkGad6_VubIui5oJe6xsKHpAsUKvthL7cYEYFEgsjIQ7-BoHP2zo7b0WY0kFnsvk-kDTgnTHxiuK1pFFjFewiL69-mFJePyBRSYg3_Skrbv1Os6Oambu8MmRx21i6NtEX3I6nnL5PEw8uOfrAoDL5b-1mXr9q6LQiQG-y5yJyESBpR-c93xLx_MOaFoSunqage4sQigoSP4RIpiGKwAT-GjXt0w9hD6DxEX_Glh7jD5_X9cm4e2ZHKu2LGb4rmoPSYMORYI8NEIY6pWumIBJwaWj2qTdPBQaJw6XVrmTuvpyF_EeI1VfmlEzI8c3O5tfp89v7c0kkWMFEaEU6d8F1EirIcqdUnDHcNHZYI9ylDZJnK-u63phavCS8A5hANjfUmWwJLMk6pehuvAzYBw9S85OP5DIwTGHfX8-jZ6QB1JxPUU31hHB-KAvSDAkEHeyiMt7CQKjantbIKTpZu--1R7lJr7wLvBeyr0VrD8hVpBri6vCrHjHJTgG7RRm61RBTadqVdCZU38hjz3jDRgDc3J7CLchuL6gDqjm52eMKImeorH0cf6k2V8NAWEoq9Qxp6vTwKgrj9OPz_pB9dCInnGuR5TgVTuyaL1yVeoIfLu0KY8k1txYO-O-W67v8cL2VaOKZylqsXl0HP_LyeHyaX18xwDq1te6ERiWYT4fpGp0MKDdQXUFS6mZ31xdu4qYVS33z86vIhxlwi3IiHfXnvdFCi1x93soIOx_C36HOJmXl29wxmprYng4VAIj8Nbt05l89LerfJ89Y3ALgThNgCVdsimeafmNa5WZmyTW6fMnCYOkMB08cjMY-CwYLJ1A5t2GYCGT5OCqmmJB5IUhGH69nWlDiT43joknYBsx9l8iTvlj1i2Pm7sPmPyLlFDN-24fs1ajKxNXBRbf6N4aKFflaDYU3YUZCGPta-eO9Nq8ysoESsuPM8vcqRPJuQ7YrToBVMYYK4mIUzsEoprJPjbfWFBzMl8git7xd5WRPkJs8LklH_QnuHEhcrSj91C2I_Rd3wBaA3H1rpEWJF_Qk8Qgiuhw-6WGzq1JsVNsSNcwu5-BFmnK6otBQUE6Rz1lN6O3k1vzDopkf8KUraO-slGzbjcC83cziNxmNKuhAg6KIz4mUaznowRtim1-f4fH7uw_QXX6UHroBz2mWAChXOvsb-EQzWOvuOD29FA93CFmcSk0lL8-jBztz39My-m4hMir1Ra75WGlsGFX24oAAvTAkS8VwbVZ79NWNhbh4X1iyr8WtlChbzBOw-dN-wDP54kPZRFVj2X5HRuDRm2lTGHUA1qYtJe9bE6AM3FyoUIs5hSxig60lHIX1siQwr4-dl-xNmhAImUIC5fHNf8FHMgMGKHMb7G4fsh2ToM3D96DXqwzPt4BJBYxfkG9MHBvKDWZQyDx1rNrvOgMvwK4Wqwoe5aA3qpppI_GYI1CZx07DjnBRWDK6XYr-k6uW1YmEXdLV1gcE_DQXB8goYouZ5nA4o5c9Mys1uQNTw_FyUeTyxS3uAuil9F-IFMKs4NbrXZBS0JXMX5hDh15kQhxl6C0Dj3PqabeCU33_rgcaSWq5RvvPksDFkWtRQf7076zM4Pdc7xBZDgzLh66oznvgKamf_iXxHG_MCcLp2athg9I7k8B7vjAM8f8m_q2aQLu_bPm0XcUgv_GHEanbO1yAGs3at0p8XG1FQbQpvXiTrWHVtqPl9Mx0O_1g602JOrCPY-HnnU-aXOYxDR9Eu-ja_QUqR_C9Tnbs6ZgFzlEsxO8sDlfHRvfr8Eizj-M9wmhfwQSx77zWzwkVx72BZawhcJHjd0Zcgk-E5sDQ9lalyrRuCpKZBnwVIdee14V_zxZuUMnt7be0scy3lBH4kRcuLDLlOq7XjyBG_9TzVMj6Y2jUXzzAdwGthh9kka39JKEK_yZAVTYrSAeHW6wBe8_QZD6ONSCvg_B1RJCTCuECCdbP6cVCG8thtmZbVSIuikvfmRsMM9wVLFvsjWLX9OziPaHUAEJZgkA5UbPLzvd9PuuqxxUtDQaJwYzAb-mxkSIsHBdtgy4KEjuM9mEE60HLdYP9lRn69se2rJDOzFEKsHz0h85f1dRykEL6RrGadG1UAzOMegWAMsNUH8qNRouUNxV526N2eMsCBnXmG29kLApDNtPlCr1LJJ2iPDT6ay8U5cS-P90JWzB883R71FfNPUN0SVWXzGoq7gcpItF9eG4WgKg3bJLT9uoGU3ZC-pFY5jNSmAh8Zysciud3_O1-nbpfsWbKWQMZGTkDRe-j0nykQ5u-FTUOMcbQao3s7ZAnjfyYJiscKT9uNW7rBTuqvCktGIwxo150Ek1X2HsqZtL1WYSAt8ikY8im9nAv-4Z4EYAVjeK5y_62dFx9dRNNM9lQaFtCZ7IXknZZzbCHnu7zzw-_2tNnlQYl9yaod4rnDf8r1OHF91DE-1bKU9Cjxgtn5PLFSA_YM6kyWs0kOAVFvQ433m0xRw9353RZpHADCQJIsON-ARLvZsCs-yKn_3GnlNoFB414ug7Srm1OYEQApryBCnAtp07SzuUzilC0dgLk4Mu7TSZNTArGHypvviARJTZe7G-fwfSaktncXA3cc2qA9wq--AGI3zZqBbmpzfPnWRMFjmJ-qQCfb_J04QtDuFQEbP4BZ5LfjSsvSPbBr-Lg8Gy0&cid=CAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=3223242062219173000&adk=3944675600&idt=38&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:41:10 GMT
x-content-type-options
nosniff
age
25891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28948
x-xss-protection
0
server
cafe
etag
12554467027428251666
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 24 Jan 2023 18:41:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CBE2
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-ZSez_J8LQbLR6PkYc0vsj_q4oBiUr_WkKltSPz0OmWZcZeEI_zGnLXbwQUoVDVW-RaIAfKNbQAX0DKVJFyDz9vSqmxGn6OmhuXFuOa8fxDKT-ocjevFiFloiu5y01fUk94_5hi6CSoz8c3Td5Puu76No6RhCrqJM5E1mgMtN2sAuBws&cry=1&dbm_d=AKAmf-BrrFJ19vp4elZ3PL2DoGl5a8m0KxtR9Bw64AQeTE6XMSgWQzUcgbEB_kS5JfKLyHHbeFxw7dukI0QDG_-NOjORBF-MiljU8iPRJnE9XYc2RGx7DNe45eZFbH116gjMN2K1q36RdWWprqnpLw8qAa-VbYfDVJJfGpFiwUa1dljT6LKOQdYiyDAeiYpefZvLVFCtjrEGNYKkvYeOwb8VJe-Tog5njNH0TPPDjXzz-CvlciZadQf0rqZtrfMuG1x3Vf2jY8If1Tp5bklL3PA7YOqvj9NvtLZFZGvTRvrRxmXxFMV7uU1Rp3kUVTMM__bMBX_pq9re4xhgSMpJ7VAC4QNNIFh83-cx1zzTspYleoprbAaPEahXQpMI8JPcD3vrXYo2kXmoRRlSwwfTRIcBftaiJVF2dTNjcYpJ_n93GtwVMxA9GIQgjSS83p49mWrUzmJlIZpUgyv7QGehUMTpp0fHyBP8fTBMZXeMXL9ADkIPodjmq2TpxUK7x3wZeQnub3g4VpBOq3qD61H0Gj362KCvFqXz3i4iTqQGi9sLMCzcdWy2vai5mkLibnbuDHZtPu_UHcBzYbtGs1KDK19PA_bsiB_NRnJnz7mW7VwEkX_HfCN9rsOlmOEGC616_0jkGad6_VubIui5oJe6xsKHpAsUKvthL7cYEYFEgsjIQ7-BoHP2zo7b0WY0kFnsvk-kDTgnTHxiuK1pFFjFewiL69-mFJePyBRSYg3_Skrbv1Os6Oambu8MmRx21i6NtEX3I6nnL5PEw8uOfrAoDL5b-1mXr9q6LQiQG-y5yJyESBpR-c93xLx_MOaFoSunqage4sQigoSP4RIpiGKwAT-GjXt0w9hD6DxEX_Glh7jD5_X9cm4e2ZHKu2LGb4rmoPSYMORYI8NEIY6pWumIBJwaWj2qTdPBQaJw6XVrmTuvpyF_EeI1VfmlEzI8c3O5tfp89v7c0kkWMFEaEU6d8F1EirIcqdUnDHcNHZYI9ylDZJnK-u63phavCS8A5hANjfUmWwJLMk6pehuvAzYBw9S85OP5DIwTGHfX8-jZ6QB1JxPUU31hHB-KAvSDAkEHeyiMt7CQKjantbIKTpZu--1R7lJr7wLvBeyr0VrD8hVpBri6vCrHjHJTgG7RRm61RBTadqVdCZU38hjz3jDRgDc3J7CLchuL6gDqjm52eMKImeorH0cf6k2V8NAWEoq9Qxp6vTwKgrj9OPz_pB9dCInnGuR5TgVTuyaL1yVeoIfLu0KY8k1txYO-O-W67v8cL2VaOKZylqsXl0HP_LyeHyaX18xwDq1te6ERiWYT4fpGp0MKDdQXUFS6mZ31xdu4qYVS33z86vIhxlwi3IiHfXnvdFCi1x93soIOx_C36HOJmXl29wxmprYng4VAIj8Nbt05l89LerfJ89Y3ALgThNgCVdsimeafmNa5WZmyTW6fMnCYOkMB08cjMY-CwYLJ1A5t2GYCGT5OCqmmJB5IUhGH69nWlDiT43joknYBsx9l8iTvlj1i2Pm7sPmPyLlFDN-24fs1ajKxNXBRbf6N4aKFflaDYU3YUZCGPta-eO9Nq8ysoESsuPM8vcqRPJuQ7YrToBVMYYK4mIUzsEoprJPjbfWFBzMl8git7xd5WRPkJs8LklH_QnuHEhcrSj91C2I_Rd3wBaA3H1rpEWJF_Qk8Qgiuhw-6WGzq1JsVNsSNcwu5-BFmnK6otBQUE6Rz1lN6O3k1vzDopkf8KUraO-slGzbjcC83cziNxmNKuhAg6KIz4mUaznowRtim1-f4fH7uw_QXX6UHroBz2mWAChXOvsb-EQzWOvuOD29FA93CFmcSk0lL8-jBztz39My-m4hMir1Ra75WGlsGFX24oAAvTAkS8VwbVZ79NWNhbh4X1iyr8WtlChbzBOw-dN-wDP54kPZRFVj2X5HRuDRm2lTGHUA1qYtJe9bE6AM3FyoUIs5hSxig60lHIX1siQwr4-dl-xNmhAImUIC5fHNf8FHMgMGKHMb7G4fsh2ToM3D96DXqwzPt4BJBYxfkG9MHBvKDWZQyDx1rNrvOgMvwK4Wqwoe5aA3qpppI_GYI1CZx07DjnBRWDK6XYr-k6uW1YmEXdLV1gcE_DQXB8goYouZ5nA4o5c9Mys1uQNTw_FyUeTyxS3uAuil9F-IFMKs4NbrXZBS0JXMX5hDh15kQhxl6C0Dj3PqabeCU33_rgcaSWq5RvvPksDFkWtRQf7076zM4Pdc7xBZDgzLh66oznvgKamf_iXxHG_MCcLp2athg9I7k8B7vjAM8f8m_q2aQLu_bPm0XcUgv_GHEanbO1yAGs3at0p8XG1FQbQpvXiTrWHVtqPl9Mx0O_1g602JOrCPY-HnnU-aXOYxDR9Eu-ja_QUqR_C9Tnbs6ZgFzlEsxO8sDlfHRvfr8Eizj-M9wmhfwQSx77zWzwkVx72BZawhcJHjd0Zcgk-E5sDQ9lalyrRuCpKZBnwVIdee14V_zxZuUMnt7be0scy3lBH4kRcuLDLlOq7XjyBG_9TzVMj6Y2jUXzzAdwGthh9kka39JKEK_yZAVTYrSAeHW6wBe8_QZD6ONSCvg_B1RJCTCuECCdbP6cVCG8thtmZbVSIuikvfmRsMM9wVLFvsjWLX9OziPaHUAEJZgkA5UbPLzvd9PuuqxxUtDQaJwYzAb-mxkSIsHBdtgy4KEjuM9mEE60HLdYP9lRn69se2rJDOzFEKsHz0h85f1dRykEL6RrGadG1UAzOMegWAMsNUH8qNRouUNxV526N2eMsCBnXmG29kLApDNtPlCr1LJJ2iPDT6ay8U5cS-P90JWzB883R71FfNPUN0SVWXzGoq7gcpItF9eG4WgKg3bJLT9uoGU3ZC-pFY5jNSmAh8Zysciud3_O1-nbpfsWbKWQMZGTkDRe-j0nykQ5u-FTUOMcbQao3s7ZAnjfyYJiscKT9uNW7rBTuqvCktGIwxo150Ek1X2HsqZtL1WYSAt8ikY8im9nAv-4Z4EYAVjeK5y_62dFx9dRNNM9lQaFtCZ7IXknZZzbCHnu7zzw-_2tNnlQYl9yaod4rnDf8r1OHF91DE-1bKU9Cjxgtn5PLFSA_YM6kyWs0kOAVFvQ433m0xRw9353RZpHADCQJIsON-ARLvZsCs-yKn_3GnlNoFB414ug7Srm1OYEQApryBCnAtp07SzuUzilC0dgLk4Mu7TSZNTArGHypvviARJTZe7G-fwfSaktncXA3cc2qA9wq--AGI3zZqBbmpzfPnWRMFjmJ-qQCfb_J04QtDuFQEbP4BZ5LfjSsvSPbBr-Lg8Gy0&cid=CAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daisyyohoho.com%2F&ds=l&xdt=1&iif=1&cor=3223242062219173000&adk=3944675600&idt=38&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 16:15:08 GMT
csi
csi.gstatic.com/ Frame CB8C
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lcr0bkcd&c=5577698863985&slotId=2788849431992.5&qqid=CKPugYu0vvwCFUj-dwodF28CzQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=996&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230104_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo04daBa-Y5q8E9WP-gbn8ZOoAQAAAAA4AeAEAg&bg=!w8ClwITNAAYDMoyoIzI7ACkAdvg8WmqwDVzq4dBKMr6KU9Bgeg84_AIWq8o5EqaMXh3x2mN6YYNMoQIAAAImUgAAAANoAQeZAsK61aqwGMeD6CGJ7NAKI24_AuafPSN7qg6bFw8QheFJbMdcK2n7nAs0gPrjx5pex-0yg2pX-VveVYgqE9P-k8ZmM9iCPz0ushBqJC7i5bw5yy9JroYQCnOtktnEK7J4EDJ0nYWkdmn44SP-57cox3tI7woCLvrQXvpKOe0Z6NowAK9OQ1fSr9PMoSvkjWWPZblp1BNm9Y2huL5NbsURmI-_NALFIHaTZsJK8SwjeGV5wk-lFPQud_ueDb9mPekX1I5g7y17PyGnqEwd3o-kg5VhANznqyfVe4Ji7rMvFx7rHLEW7qr9H2uf_unLYx-cwKwv3y6xjNgvypxq7lP0oYYcgQKL8Vy81lUCbmi-lJJj1V4X5f5bcnxfuXinzzUOTX6Dj5jLJelrYqK6iFVQUGbyWhj_ww8yP_gCpJNGCpjR8ylqYS7xYe5-eA47g-RP3qPznspAMoCpw0LjCA_P-aT5oPn53fIcAHUI9hu9FMkOPk1yqksAQfE7YiaoW7Zigbs-J_liEXOcMRgyLd1UpmOGpG9D83ghT_Yz916Q8ya6dxqagYy2Zu4IEWA0z85Xc_gdkWr4iF0a3zKaf7Uv1Oq4x_CW6GXd2iyTxHnayii8KIeRwNGSy3kvuAbkk_-XMwssUPhpx4VDZNvF8aFM6OFkNkGHCdTKQ0MiVaNTTN63Gq0TfzenEwIgJg8KLxiCW-dmUtc426uu-mAbdSJH5CrRySzduRxWEz9VKFuF8rUujX2_fvyZNAjtuuJPHw6fsQoqQeHX91KzPijvafa7ai-omSve5_sruHgsnCDb5xZl90LpqN_iNom9HKBU_3aWMHWI4Rr3wpFImkUfA0v8FGFHZD0pbBwdbu5-5IlsUgZN9h1ygPoZ-IegDxhEUD6yZqx_mS-EhNXV5B03zKD2jvb8sfOjCJScyxFIrmkQwcOlrkbC
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
layout_renderer.php
as.euw1.jivox.com/unit/ Frame B938
295 KB
52 KB
Document
General
Full URL
https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.240.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-240-102.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ace46613384b41a0231a6eeb9f59df1fc3375ea41d0f0e398dfcb426700bf92f

Request headers

Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 11 Jan 2023 01:52:41 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B5B5
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 08:07:16 GMT
etag
48472445140208031
expires
Wed, 11 Jan 2023 08:07:16 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CBE2
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20cbaf97ecabe3b31a0f791790685ee5d5a66dcd2aee480d8153fadd05ca9028

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 010F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
351409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Jan 2023 00:15:52 GMT
expires
Sun, 07 Jan 2024 00:15:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5EE6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYtIRaBa-Y4HnGo-c1waJiaSACAAAAAA4AeAEAg&bg=!iomlic3NAAYDMoyoIzI7ACkAdvg8Wr5UbFJQFXTXAex8DX3ibP-9zULogpn2VxzliPa2pFqMHBpXlgIAAAGRUgAAAANoAQcKAF6wbfFmfiTx65aVz8FQfhcHBzOQf192s8ovWmiC4qWiJa_knDXDPc-pgmCvHv35NKChN8i9vICZMSt3fZpi0Qhp_hh_qlOXVTFCfVNuooOevBM8C6QxwWm9Shhyce7xmQLLQEBwXMmLJFbNJp-JIFnpTMjD--zvI8_cXCGya0Su8YxhIVY0bJljzj34sNcxgxnvHUcBj4tqoO0u4lfZsz8GrDs7R1y4DQ9a_ak9bs83r9o35iokeT_75QqaAYqxPemgzy2XXmeDGnhoZQeBNhzgyDYgHKExMKfcdPWqWJvFLJikG8FlS8dbySDJfJZlvW0EqWisgTnz9A-wuFx5ff9Aq_XOGVzV57NGYdma-tOAUyywSyT-5x1J7d_x-gd901oq4jy7qMBmAikiuWI2JQiC98kHftykFV9Ay35M_3nsqFSkz2aT5PEdMPZE4pd0vhniAcAJlKuK4j_0BFTDS_VRWa7LRvcwhzrnWB8uTW1oYHVnjO4gn4pRNYW9I7IZOdigl_bnolg3blG9K__yJxtI0MEOdDfcQpGiZjJxpyoaLxdSnm6TCh24TzwJbuJEU4NROGDn9yP1QFb3T6y63yh3LxXw2q_rVl3K_6BRstCl7MyKhXq0T_GRzCkZz7X9EG1Fs6MTz5mPfJHK3eKUerimJLoz7sjzWQvXdReJEfQV1gAlTFB4pQ6zdSO9q2tLV8wHuv5jZmO7iFPt2iJRBPqPLTxXDOhuN6nBHxJP3_WFrZLWggK9ON-DenPX9Zvm_1i3cYhh90ugkQreE9EJAK55OKLZy8uIu9Bpg1-QUrH65TIZfiBOPao_HqBo4BEMXCdKIKdtL5HpQss71pdw5z3vwtVW63uYuBJpCBF2QsZLUZTb6tOCKCqNQpzgmqrjDIxqIbuq08wNzdSmVA9QZaZdrA8e4xKm1q-G-EunkH5ISncv3555AOapdY3tjjyPTu3E_xnH0Y_dscaxN4b4qcMkcXIOVgseq0eGjtdX6dTAQWuSdK2zHZv2BlnssrihlO5gfVp8jWQdHwC3-VD0JUWUv8yKQDAjJ5d2wj-SbWLzACbfO-J5BZjxK8zhGA
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B5B5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMCrFp0wEN6onOPcgA1RTQw&google_cver=1&google_push=AavPq0MF88QludzcfZijhl8ZpVU1maPL9bIi0wKqJ5UjXLS3zvrpGFWaLoplIfNkcmyty84DWXWCJ6Vd0TOloBwc3wqMGHE9aVaS
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY0MjgwNjYwMzgwMDUyNjg1Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMCrFp0wEN6onOPcgA1RTQw&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMCrFp0wEN6onOPcgA1RTQw&google_cver=1
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMCrFp0wEN6onOPcgA1RTQw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame B5B5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEF4HMLXrnxqQowZ5NIISyMg&google_cver=1&google_push=AavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4HMLXrnxqQowZ5NIISyMg&google_cver=1&google_push=AavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYT...
43 B
439 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4HMLXrnxqQowZ5NIISyMg&google_cver=1&google_push=AavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:42 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
787a03b5de6c2bf7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
633
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4HMLXrnxqQowZ5NIISyMg&google_cver=1&google_push=AavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MUKbTb9XkY1SbQG-vlr0bsl6TD-QltONCScuc4If2zliuS8U5l9gix0jjNvvy0MHosIK-TwlotFaUKcHETiQwzixO8fYTX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
787a03b4cd902bf7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5B5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDdk9cjtThHngshXZSkuQ5Y&google_cver=1&google_push=AavPq0Mtu-ZzWZ-zp6l7O4PCiyQCGI5xiXRARHsIXtBEoITUoLlxEzQLOSBqUjmUCHDkCL2JruJ5GWtbi6QCNojHuZ1xlhq...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mtu-ZzWZ-zp6l7O4PCiyQCGI5xiXRARHsIXtBEoITUoLlxEzQLOSBqUjmUCHDkCL2JruJ5GWtbi6QCNojHuZ1xlhqZby8&google_hm=eS04RHFwVUN0RTJwRUdSN3V...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mtu-ZzWZ-zp6l7O4PCiyQCGI5xiXRARHsIXtBEoITUoLlxEzQLOSBqUjmUCHDkCL2JruJ5GWtbi6QCNojHuZ1xlhqZby8&google_hm=eS04RHFwVUN0RTJwRUdSN3VEY2NFaWhXcVpqNnplbWFDYn5B
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Mtu-ZzWZ-zp6l7O4PCiyQCGI5xiXRARHsIXtBEoITUoLlxEzQLOSBqUjmUCHDkCL2JruJ5GWtbi6QCNojHuZ1xlhqZby8&google_hm=eS04RHFwVUN0RTJwRUdSN3VEY2NFaWhXcVpqNnplbWFDYn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame B5B5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPQ84QS_kNj-PFpPezcjY5c&google_cver=1&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5Ym...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEPQ84QS_kNj-PFpPezcjY5c&google_cver=1&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5YmSVfPH
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5YmSVfPH
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NVIKjQxwlNeDTvLCFnjhJNTm6gsUJP-TjX4AyXi5_PbfSG8lAEsVuqfClkJct2VlGte3bCIylI-aEkGm5gO0kI5YmSVfPH
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B5B5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WiozrZNbR5i8ocyPThqGcg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WiozrZNbR5i8ocyPThqGcg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0N01t8qJFIhnSabywbB_y8hcQeS_94vpoMFufZOeuIIylrMyy9bDqorGOVN4Q11XKCnfnUulouwAEMLtRyU_r2Y4WHJAivp
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WiozrZNbR5i8ocyPThqGcg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0N01t8qJFIhnSabywbB_y8hcQeS_94vpoMFufZOeuIIylrMyy9bDqorGOVN4Q11XKCnfnUulouwAEMLtRyU_r2Y4WHJAivp
date
Wed, 11 Jan 2023 01:52:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B5B5
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELz1JRxPnNmC3kuUlgiALn0&google_cver=1&google_push=AavPq0NgRZpuEOLEea9AtyffAM7F-w3kOai2wy8aBpul7tFanpgmrFYXqsUviAZRJzu6TIRBW9v5PXxM0qKMwSYc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NgRZpuEOLEea9AtyffAM7F-w3kOai2wy8aBpul7tFanpgmrFYXqsUviAZRJzu6TIRBW9v5PXxM0qKMwSYc2fZlC_IGN5WJ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NgRZpuEOLEea9AtyffAM7F-w3kOai2wy8aBpul7tFanpgmrFYXqsUviAZRJzu6TIRBW9v5PXxM0qKMwSYc2fZlC_IGN5WJ
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 11 Jan 2023 01:52:41 GMT
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NgRZpuEOLEea9AtyffAM7F-w3kOai2wy8aBpul7tFanpgmrFYXqsUviAZRJzu6TIRBW9v5PXxM0qKMwSYc2fZlC_IGN5WJ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
jWuZ7ues7A0UJQ-yA0zOPTznaQHZblXUXn8HK5_ptDAWDRUVcUssXQ==
pixel
cm.g.doubleclick.net/ Frame B5B5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkAzap4IBBgMoX7vfRG7zE&google_cver=1&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3Nmt...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBkAzap4IBBgMoX7vfRG7zE&google_cver=1&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3Nmt...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16TTdLZG14RTJ1RWlWV2dPZUhheUcyNmZCWkxNdkdQOH5B&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16TTdLZG14RTJ1RWlWV2dPZUhheUcyNmZCWkxNdkdQOH5B&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3NmtdPFL9av6xaW28WEdfHUoIbPVhc9A
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16TTdLZG14RTJ1RWlWV2dPZUhheUcyNmZCWkxNdkdQOH5B&google_push=AavPq0PkXRpRhV-PnC6ZduqXmqgHOHx-d_KrnUiONTHD4bHFMgIasaehQKWTz8GRt-KEtO3NmtdPFL9av6xaW28WEdfHUoIbPVhc9A
date
Wed, 11 Jan 2023 01:52:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame B5B5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMoYNR5X3b7pv89skwU2qO80TOaj721MVHP_y5R-p21VQ2fUwMapuisqgdOxhlGdn6CSpdfg
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
jquery-2.1.0.min.js
playercdn.jivox.com/1651821427/unit/js/gz/ Frame B938
82 KB
29 KB
Script
General
Full URL
https://playercdn.jivox.com/1651821427/unit/js/gz/jquery-2.1.0.min.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-98.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 03:26:08 GMT
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:27:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
80794
etag
"84642ab523899a6150af1489287de4de"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
29294
x-amz-cf-id
T0Pq251Mx67dl3NfF6O1vWYIgeFyy7B_vWNyYhK4dczcstaM2JlhzQ==
velocity-raf-disabled.min.js
playercdn.jivox.com/1651821427/unit/js/gz/ Frame B938
34 KB
12 KB
Script
General
Full URL
https://playercdn.jivox.com/1651821427/unit/js/gz/velocity-raf-disabled.min.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-98.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 07:51:48 GMT
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:27:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
64854
etag
"6db08f58b76a3c4459a454a7acf752ca"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
12405
x-amz-cf-id
LrI1GnWD0D3bghQvhgIridHwvXrOtMO8R1oqdq9jaPDpkTjZ6YRBQA==
jivoxWidgetApiV2.min.js
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame B938
29 KB
6 KB
Script
General
Full URL
https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-98.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:59:14 GMT
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:29:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
17608
etag
"2a0e0abd8f7f11fb012a534ea115a29a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
5987
x-amz-cf-id
bUdQvmvhrma_yeI7MUP39exHhgzxBXjMFGjxgNAcKNXVendS3zpA_g==
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 010F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 16:30:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D75
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9889620097787&version=m202209210101&ct=76&x=1&cor=12013401495894663000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EA2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWCHsE7lJHuEjogef4jiVAg9JvQ6Cz6bgYz24_7ymWcSNQH3M2AZXCqQgFQGrnAttrPiqrJ7chM2gKYuV2cIaYGTHunW-6dKT4s2FT1Yruxuc8yrSF2minu1-hlrizIufP6-vFiA&sai=AMfl-YTcSjGsc349KMrm7PZxDX_cSYR6AcP8mnTTCQwbfmf2XLSNAJD19GSy4BZVBWmzrb2yWt0LKMPg9ILeeuI&sig=Cg0ArKJSzH_FEnOYp0F3EAE&cid=CAQSGwDq26N9mOVVfyzLEyMPfT9jkPn2_PtiXabWDRgBIBM&id=lidar2&mcvt=1032&p=0,0,124,1005&mtos=158,729,1032,1032,1032&tos=158,571,303,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3046330951&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673401960333&rpt=450&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jivoxWidgetApiV2.min.js
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 39DF
29 KB
6 KB
Script
General
Full URL
https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-98.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 20:59:14 GMT
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:29:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
17608
etag
"2a0e0abd8f7f11fb012a534ea115a29a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
accept-ranges
bytes
content-length
5987
x-amz-cf-id
2pcjVW7iLcWyCIlvr8Aj9fu8AZBDyWgYXrZGzQiYS83D-pdgkKUDwA==
createjs.min.js
code.createjs.com/1.0.0/ Frame 39DF
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 11 Jan 2023 02:07:41 GMT
mazda_300x250_jvx.js
assets.euw1.jivox.com/widgets/2022/10/a72798z635a7f07c2ebd/1/300x250/ Frame 39DF
30 KB
6 KB
Script
General
Full URL
https://assets.euw1.jivox.com/widgets/2022/10/a72798z635a7f07c2ebd/1/300x250/mazda_300x250_jvx.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b219a891dec59d546694cd0953e973f8c19eafa07744737e19f8add53c2ec13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
date
Tue, 10 Jan 2023 14:27:16 GMT
last-modified
Thu, 27 Oct 2022 12:52:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
41126
etag
W/"df1693788b1cf8182e5bc0cf72565133"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
wleVhMuYEQhiBZ_HPLaJmy7bBQBzvpdO6Jktd6BNJ4TvmRFDmK0E_Q==
canvas-text.js
playercdn.jivox.com/1651821427/player/js/ Frame 39DF
8 KB
2 KB
Script
General
Full URL
https://playercdn.jivox.com/1651821427/player/js/canvas-text.js
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-98.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d2c7477e7418b42a967439d1fb117b25369aeb385be8ffb25c3f9c97cb85cee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 12:26:29 GMT
content-encoding
gzip
via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 07:22:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
48373
etag
W/"92cdc84e4a0a05215db6931b920e15fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400, s-maxage=86400
x-amz-cf-id
Yuj2m3U5mK86cB_AJDzYJn54nc3LHE5gtTUCq6-Y3o2nPs9yxB9w-A==
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT0zMDB4MjUwL3I9MC40MDM4MzQyMzg3NDkxMzQ5My9l...
evs.euw1.jivox.com/trk/66/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/ Frame B938
43 B
230 B
Image
General
Full URL
https://evs.euw1.jivox.com/trk/66/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT0zMDB4MjUwL3I9MC40MDM4MzQyMzg3NDkxMzQ5My9lc19ldD0xL2VzX2NnTmFtZT1NTURFX00yJTNBRGVmYXVsdF9ubytsb2NhdGlvbl9XZWVrZGF5X05pZ2h0X0JvbmRfcmVkX3YxL2VzX3NlZ05hbWU9R2VuZXJpY19XZWVrZGF5X05pZ2h0
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-130.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Jan 2023 01:52:41 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMu...
evs.euw1.jivox.com/trk/60/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/ Frame B938
43 B
229 B
Image
General
Full URL
https://evs.euw1.jivox.com/trk/60/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENiazRWYUJhLVlfeU1NOWFuZ1FmNDNyMm9EY0hQMjdGdWdkTE90T1FRbTZ6ejVmVUtFQUVnNnFla1YyQ1Y0cENDb0FlZ0FlYmozdWtDeUFFSnFRTDBtQXJBemdLeVBxZ0RBYW9FOWdGUDBPcVFqMXpYWDEwUUVUU3pOUHVEV1RXVnJVRENZSTVWUVZPLTdYRXRGR3JHXzJDSS1lWDlDVUN5ZHdLOFhrXzJXX0tPdVAwWHZwTnZTb2s2RDluQnlBUWwzNXZ0dHU5QldSREk5WEV4TnNCY256Y0FlV0cxb180X0pnYjgyWG5Gc0k1ZXUzQmxqSXpYSUFkS2xjb1I5cDFJcTJsVFVjZ0U4cVpDa3BEN3pucm50M1E4T3NvbzJKNElLa3JRX0xaMzZqQXBnQkY0VTVjNmVEV1gtR3dEbnVWT3QzU09lbENLOHhINHFhOFdyZEh3T0RybWpzY2l5bUJzR2hvVFNJbE5TZ0JQM0Z5Q203Zi1nU2x4aURqZEZBa0tLc0p4eWdLUUoxdF9qWm9mTTJ4ajJXcG0zd2R0NFpGamxFTjFUM2hfaE5HaERMekFCTFRGekpPTkJPQUVBNUFHQWFBR1RZQUhncHlobGdHb0I0N09HNmdIazlnYnFBZnVsckVDcUFmLW5yRUNxQWVrbzdFQ3FBZlZ5UnVvQjZhLUc2Z0htZ2FvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ1JDSURoZ0JBUUFSZ2RNZ0txQWpvQ2dFQ0FDZ09ZQ3dISUN3R0FEQUd3RTY3XzZCSFFFd0RZRXczWUZBSFFGUUg0RmdHQUZ3RSUyNmFlJTNEMSUyNm51bSUzRDElMjZjaWQlM0RDQVFTUEFEcTI2TjlvU3pGYk1ubjVKcS1KMllaOGxVVE9zYUtLRjd1aDVtWWRmV2tvdUV0Tk1WUXRuMnlWa0p6NWhqb3ZTQk9rbDBhcU5LQ1lEZldqQmdCSUJNJTI2c2lnJTNEQU9ENjRfMkl5aDUzM3BxWEFUMzJ6MFp6ejRoVVU5a3h6USUyNmNsaWVudCUzRGNhLXB1Yi03OTQ1MDQ0ODYzODc0Nzg3JTI2ZGJtX2MlM0RBS0FtZi1BbE5LdTNoeFRBWXQycW9kWjAtVTFFOHY1Q0RsVG1YakM1TWw0ZW16UzU2SUZMdEpmd2dkRVJ4QmRmc1ltRXE3bTAyNWRvUUw2OHVVTEpvcGZxUjc4Zm16ejR5amhPTzMyNllMel90cWotSkRzS3BKbVlhRnR2TzNvNXMwWUMtV3c3eTFuTHZjQmNHamd1VFRnMHpCNnl3WG9fXzVqZkRiaW5nX181enY3RFp1dS12Y2clMjZjcnklM0QxJTI2ZGJtX2QlM0RBS0FtZi1CYmIyVTJDa1JpdFhYaW1pcDRzb1NqaFh2U0F0TG1tRk9MQnpuMHM0U2Q1U1JqSm5pWklKUm1renBSQ1hKRGFBNm02OHRtUmYzM2FES1VJNzZ1TW9xTTJtVUtqVHlxbFdnMlBtOFYxMnZzeU1IVGpjVHRRYnNFci1wZFdJV0JSbnRxTDJhekFTVUxkUklJdmp4d2xqbTJhblJONDFYZ2VlZWo4ZVIzUDUybnlhUDgwQWx4WlpvOVVGLXc4SkZTaTVSQ3lXMDZ4U2ZLS1Q0QTIwUFhZUXN5cWMxVU5vdWltZGRRUEVmMlpVZVQ2NzN4SUJybk9TVHpqRDBEd2FHVnNVWDVITlhFM09NZ21JT0c3eVpITmNpOG5XblNFUmVwSTNLVW9VVXhScTRGclVvWjFya1NDbnNNZEtKdDZUNER5ZlY2aEpCa19NNVNXOGY2cGRrQV9lV2ktVkcxVFJMNDNKLW1NTFhfX0hYeTUtckY5amU0YkVGNXpuZHJfdTY4cDlVWmhTalVrSDRZYlF1bmJzVnhmY3pzVHRscHIwbFdLTFQxRGpIYlVBMUpSWFdHTlhxOFYzSWlTRkhKQ1RPekRuV284WVVMdE5FakpKR2NEbVc1Y3h5Q0s1clNLbnpxemxmYzl2bkVoalpRN2dycXkyeVgxRTB0R3ViVFBiM2ZqRDJxaGJyd1I4cGxFelUtMWl2QVhORU1nR2hqZmQ4QTJ6S1JPVjRRTmZjbUxTUWxDR0Jfa21WUTEta3JtNDY1aDQzVWQyR1clMjZhZHVybCUzRGh0dHBzJTI1M0ElMjUyRiUyNTJGd3d3Lm1hemRhLmRlJTI1MkZtb2RlbGxlJTI1MkZtYXpkYS1jeC02MCUyNTJGJTI1M0Z1dG1fc291cmNlJTI1M0Rkb3VibGVjbGljayUyNTI2dXRtX21lZGl1bSUyNTNEZGlzcGxheSUyNTI2dXRtX2NhbXBhaWduJTI1M0RtbWRfYWx3YXlzX29uX2Rjb19jeDYwX3dlcmJlbWl0dGVsX2RlXzE1N18wOTIyJTI1MjZtb2RlbCUyNTNEbWF6ZGElMjUyNTIwY3gtNjAlMjUyNmJvZHklMjUzRDV3Z24lMjUyNmNhbXBhaWduX2ZvY3VzJTI1M0RtYXpkYWN4NjBfNXdnbiUyNTI2ZG1wX3NvdXJjZSUyNTNEbm8lMjUyNmRjb19zb3VyY2UlMjUzRHllcyUyNTI2Y2FtcGFpZ25jb2RlJTI1M0RtbWRfYWx3YXlzX29uX2Rjb19jeDYwX3dlcmJlbWl0dGVsX2RlXzE1N18wOTIyL2NtVXJsPWh0dHBzJTNBJTJGJTJGYXNzZXRzLmV1dzEuaml2b3guY29tJTJGd2lkZ2V0cyUyRjIwMjIlMkYxMCUyRmE3Mjc5OHo2MzVhN2YwN2MyZWJkJTJGMSUyRjMwMHgyNTAlMkZtYXpkYV8zMDB4MjUwLmh0bWwvYkRpbT0zMDB4MjUwL3I9MC45NzI5ODIyNTQ1MTk1NDQzL2NsaWNrTWFjcm89aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENiazRWYUJhLVlfeU1NOWFuZ1FmNDNyMm9EY0hQMjdGdWdkTE90T1FRbTZ6ejVmVUtFQUVnNnFla1YyQ1Y0cENDb0FlZ0FlYmozdWsvY2FjaGVNYWNybz0xNjczNDAxOTYwODM3MjQ0L3BhZ2VVcmw9aHR0cHMlM0ElMkYlMkYyYzQ4MmM1N2EwYWExNDZiZmZjMWYzYzFjMWFiNjQ0Zi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGc2FmZWZyYW1lJTJGMS0wLTQwJTJGaHRtbCUyRmNvbnRhaW5lci5odG1sL2VzX2NnTmFtZT1NTURFX00yJTNBRGVmYXVsdF9ubytsb2NhdGlvbl9XZWVrZGF5X05pZ2h0X0JvbmRfcmVkX3YxL2VzX3NlZ05hbWU9R2VuZXJpY19XZWVrZGF5X05pZ2h0
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-130.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Jan 2023 01:52:41 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMu...
evs.euw1.jivox.com/trk/77/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/ Frame B938
43 B
229 B
Image
General
Full URL
https://evs.euw1.jivox.com/trk/77/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENiazRWYUJhLVlfeU1NOWFuZ1FmNDNyMm9EY0hQMjdGdWdkTE90T1FRbTZ6ejVmVUtFQUVnNnFla1YyQ1Y0cENDb0FlZ0FlYmozdWtDeUFFSnFRTDBtQXJBemdLeVBxZ0RBYW9FOWdGUDBPcVFqMXpYWDEwUUVUU3pOUHVEV1RXVnJVRENZSTVWUVZPLTdYRXRGR3JHXzJDSS1lWDlDVUN5ZHdLOFhrXzJXX0tPdVAwWHZwTnZTb2s2RDluQnlBUWwzNXZ0dHU5QldSREk5WEV4TnNCY256Y0FlV0cxb180X0pnYjgyWG5Gc0k1ZXUzQmxqSXpYSUFkS2xjb1I5cDFJcTJsVFVjZ0U4cVpDa3BEN3pucm50M1E4T3NvbzJKNElLa3JRX0xaMzZqQXBnQkY0VTVjNmVEV1gtR3dEbnVWT3QzU09lbENLOHhINHFhOFdyZEh3T0RybWpzY2l5bUJzR2hvVFNJbE5TZ0JQM0Z5Q203Zi1nU2x4aURqZEZBa0tLc0p4eWdLUUoxdF9qWm9mTTJ4ajJXcG0zd2R0NFpGamxFTjFUM2hfaE5HaERMekFCTFRGekpPTkJPQUVBNUFHQWFBR1RZQUhncHlobGdHb0I0N09HNmdIazlnYnFBZnVsckVDcUFmLW5yRUNxQWVrbzdFQ3FBZlZ5UnVvQjZhLUc2Z0htZ2FvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ1JDSURoZ0JBUUFSZ2RNZ0txQWpvQ2dFQ0FDZ09ZQ3dISUN3R0FEQUd3RTY3XzZCSFFFd0RZRXczWUZBSFFGUUg0RmdHQUZ3RSUyNmFlJTNEMSUyNm51bSUzRDElMjZjaWQlM0RDQVFTUEFEcTI2TjlvU3pGYk1ubjVKcS1KMllaOGxVVE9zYUtLRjd1aDVtWWRmV2tvdUV0Tk1WUXRuMnlWa0p6NWhqb3ZTQk9rbDBhcU5LQ1lEZldqQmdCSUJNJTI2c2lnJTNEQU9ENjRfMkl5aDUzM3BxWEFUMzJ6MFp6ejRoVVU5a3h6USUyNmNsaWVudCUzRGNhLXB1Yi03OTQ1MDQ0ODYzODc0Nzg3JTI2ZGJtX2MlM0RBS0FtZi1BbE5LdTNoeFRBWXQycW9kWjAtVTFFOHY1Q0RsVG1YakM1TWw0ZW16UzU2SUZMdEpmd2dkRVJ4QmRmc1ltRXE3bTAyNWRvUUw2OHVVTEpvcGZxUjc4Zm16ejR5amhPTzMyNllMel90cWotSkRzS3BKbVlhRnR2TzNvNXMwWUMtV3c3eTFuTHZjQmNHamd1VFRnMHpCNnl3WG9fXzVqZkRiaW5nX181enY3RFp1dS12Y2clMjZjcnklM0QxJTI2ZGJtX2QlM0RBS0FtZi1CYmIyVTJDa1JpdFhYaW1pcDRzb1NqaFh2U0F0TG1tRk9MQnpuMHM0U2Q1U1JqSm5pWklKUm1renBSQ1hKRGFBNm02OHRtUmYzM2FES1VJNzZ1TW9xTTJtVUtqVHlxbFdnMlBtOFYxMnZzeU1IVGpjVHRRYnNFci1wZFdJV0JSbnRxTDJhekFTVUxkUklJdmp4d2xqbTJhblJONDFYZ2VlZWo4ZVIzUDUybnlhUDgwQWx4WlpvOVVGLXc4SkZTaTVSQ3lXMDZ4U2ZLS1Q0QTIwUFhZUXN5cWMxVU5vdWltZGRRUEVmMlpVZVQ2NzN4SUJybk9TVHpqRDBEd2FHVnNVWDVITlhFM09NZ21JT0c3eVpITmNpOG5XblNFUmVwSTNLVW9VVXhScTRGclVvWjFya1NDbnNNZEtKdDZUNER5ZlY2aEpCa19NNVNXOGY2cGRrQV9lV2ktVkcxVFJMNDNKLW1NTFhfX0hYeTUtckY5amU0YkVGNXpuZHJfdTY4cDlVWmhTalVrSDRZYlF1bmJzVnhmY3pzVHRscHIwbFdLTFQxRGpIYlVBMUpSWFdHTlhxOFYzSWlTRkhKQ1RPekRuV284WVVMdE5FakpKR2NEbVc1Y3h5Q0s1clNLbnpxemxmYzl2bkVoalpRN2dycXkyeVgxRTB0R3ViVFBiM2ZqRDJxaGJyd1I4cGxFelUtMWl2QVhORU1nR2hqZmQ4QTJ6S1JPVjRRTmZjbUxTUWxDR0Jfa21WUTEta3JtNDY1aDQzVWQyR1clMjZhZHVybCUzRGh0dHBzJTI1M0ElMjUyRiUyNTJGd3d3Lm1hemRhLmRlJTI1MkZtb2RlbGxlJTI1MkZtYXpkYS1jeC02MCUyNTJGJTI1M0Z1dG1fc291cmNlJTI1M0Rkb3VibGVjbGljayUyNTI2dXRtX21lZGl1bSUyNTNEZGlzcGxheSUyNTI2dXRtX2NhbXBhaWduJTI1M0RtbWRfYWx3YXlzX29uX2Rjb19jeDYwX3dlcmJlbWl0dGVsX2RlXzE1N18wOTIyJTI1MjZtb2RlbCUyNTNEbWF6ZGElMjUyNTIwY3gtNjAlMjUyNmJvZHklMjUzRDV3Z24lMjUyNmNhbXBhaWduX2ZvY3VzJTI1M0RtYXpkYWN4NjBfNXdnbiUyNTI2ZG1wX3NvdXJjZSUyNTNEbm8lMjUyNmRjb19zb3VyY2UlMjUzRHllcyUyNTI2Y2FtcGFpZ25jb2RlJTI1M0RtbWRfYWx3YXlzX29uX2Rjb19jeDYwX3dlcmJlbWl0dGVsX2RlXzE1N18wOTIyL2NtVXJsPWh0dHBzJTNBJTJGJTJGYXNzZXRzLmV1dzEuaml2b3guY29tJTJGd2lkZ2V0cyUyRjIwMjIlMkYxMCUyRmE3Mjc5OHo2MzVhN2YwN2MyZWJkJTJGMSUyRjMwMHgyNTAlMkZtYXpkYV8zMDB4MjUwLmh0bWwvYkRpbT0zMDB4MjUwL3I9MC41NjExMzc5MjI5NTU4MjI5L2NsaWNrTWFjcm89aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENiazRWYUJhLVlfeU1NOWFuZ1FmNDNyMm9EY0hQMjdGdWdkTE90T1FRbTZ6ejVmVUtFQUVnNnFla1YyQ1Y0cENDb0FlZ0FlYmozdWsvY2FjaGVNYWNybz0xNjczNDAxOTYwODM3MjQ0L3BhZ2VVcmw9aHR0cHMlM0ElMkYlMkYyYzQ4MmM1N2EwYWExNDZiZmZjMWYzYzFjMWFiNjQ0Zi5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGc2FmZWZyYW1lJTJGMS0wLTQwJTJGaHRtbCUyRmNvbnRhaW5lci5odG1sL2VzX2NnTmFtZT1NTURFX00yJTNBRGVmYXVsdF9ubytsb2NhdGlvbl9XZWVrZGF5X05pZ2h0X0JvbmRfcmVkX3YxL2VzX3NlZ05hbWU9R2VuZXJpY19XZWVrZGF5X05pZ2h0
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-130.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Jan 2023 01:52:41 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
gen_204
pagead2.googlesyndication.com/pagead/ Frame 010F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5nk2aRa-Y9qnHv_ix_APuJqyuAQAAAAAOAHgBAI&bg=!b2ylbCjNAAYDMoyoIzI7ACkAdvg8WjW2Z5jarOZN4DREG1Kl9jp-WgCbvCGZmhkUh89B7Jf6qxrPfQIAAACkUgAAAAJoAQeZAv3dhdZIwjin_GkJyPsjV5TETmHVt_KXwh10qWPUF9xyQrCGQDzazR8F0nmTzxUZ5q5FPn6xNPIDHCbYgPS0uCt01Fzwv6lQVtc5nk0D_bqniZZaTN6ASj0Ld3jxokN0iRRUjm8Qxn7g5zsTw0mBGBcKMflGBYksY6Fb3aZ-W0xklkUrVqyhlA6KEycT0Eoz7EmHQ450yj2jeITg7qx95858f_K6a7_-ipyBn1iIhUoOjIrI3vpDNBKXFLtODzLyTKEYOknsuecFcFcCiVJgFHlgp0ixMo2cYxcPuMkxkRmssGx8GN7tuFQSnY944nkrMB4PEtzPOprr5FiU-9vncQcqO9F_2O9SwUm489WFkBnvA83QajYQ2230hqpJuyjDEMxa8CcCag9Zmvq4OYEDP2F5xwHJIgq3PybZ-N5jwPZLTsVFOKB-HFZxYRY23HWQw-g2biNV0Go_6CmiasM657lo4LKBTJ8S7oJD6ZEAGJi2Jv8E1udLRWGvBxy1gCNgHx7vJxxtMbC6wpW_hyjJMHfC2s0k57uLBVn_96rrrpsJxK22wV2lMag5n-ER0rzWK6jD-Nr_1lkZpFPdC9zjIzy9TITztbTgI7-Z9w1d-BxgsG1xssjZ1XXyQNclkOQjR5zie0YAIKs2-Zzx-ID2pQmEoxvxF8yNw2ip4KdNrRXy_xoYwSTd2-b45o3op0r-Qq70JWZHyLDzPRBa8fAA5j2NGKX88j06nv_fxiiZY4VjiYBA3Vfng_9v6nIRVnHHG_z94-x1uXAB4SlnAqtS5DhIUfMHSsADN_71U4cp_VEYLRCyXyOZK0Qz2qkt5edccDwEujMmVjHnKltk2TZ7z0EJPdLhaRIERegLkCdO5aW-ELuKmZ78wrUIWqhljHfAI4RKw7U1mM1H6BgLYO4-Rc9SXGVIANLsaOy2Oq6G4y0jfzJW4OqKl8Tvspy1ylYsqxLILFq6SHSv2HoRdW7x4Uxq1Fdci4QnOBFTt6BPNFcsUMGzQvDhlzv_B5o-yPc
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MazdaType150-Regular.woff2
assets.euw1.jivox.com/widgets/2022/10/a72798z635a7f07c2ebd/1/300x250/fonts/MazdaType150Regular/ Frame 39DF
42 KB
42 KB
Font
General
Full URL
https://assets.euw1.jivox.com/widgets/2022/10/a72798z635a7f07c2ebd/1/300x250/fonts/MazdaType150Regular/MazdaType150-Regular.woff2
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd

Request headers

Referer
https://as.euw1.jivox.com/
Origin
https://as.euw1.jivox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 10 Jan 2023 14:27:16 GMT
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
41126
x-cache
Hit from cloudfront
content-length
42740
last-modified
Thu, 27 Oct 2022 12:52:25 GMT
server
AmazonS3
etag
"3f2a9073b5b7460866937e4cd2251bb8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
EbdO2oKftYsM9pBGAE1wiKZHP8zVENQ4bf90eXsG85m9GHphZ-uQMQ==
bttp.js
power.adhacker.online/general/
20 KB
8 KB
Script
General
Full URL
https://power.adhacker.online/general/bttp.js
Requested by
Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=OE1NOEpNWjFaQURYT0FGUVdSOVJSUVpQVDNaVDI4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6413
x-guploader-uploadid
ADPycduExieg3EMhqg0vrok6Iue-J1_niymrxaqbahDbEln17Qk1zp7uTqE5wEFMTshBrG1KdTC9zb9wKcaxssLzz-g7DQ
x-goog-storage-class
REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-meta-
last-modified
Mon, 26 Jul 2021 01:41:08 GMT
server
cloudflare
etag
W/"4c1ad9b189d5f0ec0a687e464bb0c987"
vary
Accept-Encoding
x-goog-generation
1627263668774739
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=KqZV5Q==, md5=TBrZsYnV8OwKaH5GS7DJhw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1b6I3i%2F06HGUQHhcGe%2BjmzIVypS%2F0FS9eRBuOAsbjuUe5UkBIlR6U9c65UKy1lNBu6fIeiZetwZHKOkxomLGa%2Bl6bdEcwGpR%2Fdycws8VEgNxcw2gvG6Z5oJ9O%2FlFpkvvwbbQ0d0JHr%2FtS7qeSiTne5n%2FOBE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
6780
cf-ray
787a03b65f1b9125-FRA
expires
Wed, 11 Jan 2023 02:22:41 GMT
Mazda_CX-60_CraftedInJapan_Sideshot_30_RGB_5000x3750_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/300x250/Frame1/ Frame 39DF
89 KB
89 KB
Image
General
Full URL
https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/300x250/Frame1/Mazda_CX-60_CraftedInJapan_Sideshot_30_RGB_5000x3750_2022_Eur_Engl.jpg
Requested by
Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=9f38299&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=300x250&ap_DataSignal1=18271488133&jvxVer=2&gdpr=&bUnitId=2000&r=1673401960837244&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbk4VaBa-Y_yMM9angQf43r2oDcHP27FugdLOtOQQm6zz5fUKEAEg6qekV2CV4pCCoAegAebj3ukCyAEJqQL0mArAzgKyPqgDAaoE9gFP0OqQj1zXX10QETSzNPuDWTWVrUDCYI5VQVO-7XEtFGrG_2CI-eX9CUCydwK8Xk_2W_KOuP0XvpNvSok6D9nByAQl35vttu9BWRDI9XExNsBcnzcAeWG1o_4_Jgb82XnFsI5eu3BljIzXIAdKlcoR9p1Iq2lTUcgE8qZCkpD7znrnt3Q8Osoo2J4IKkrQ_LZ36jApgBF4U5c6eDWX-GwDnuVOt3SOelCK8xH4qa8WrdHwODrmjsciymBsGhoTSIlNSgBP3FyCm7f-gSlxiDjdFAkKKsJxygKQJ1t_jZofM2xj2Wpm3wdt4ZFjlEN1T3h_hNGhDLzABLTFzJONBOAEA5AGAaAGTYAHgpyhlgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE67_6BHQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM%26sig%3DAOD64_2Iyh533pqXAT32z0Zzz4hUU9kxzQ%26client%3Dca-pub-7945044863874787%26dbm_c%3DAKAmf-AlNKu3hxTAYt2qodZ0-U1E8v5CDlTmXjC5Ml4emzS56IFLtJfwgdERxBdfsYmEq7m025doQL68uULJopfqR78fmzz4yjhOO326YLz_tqj-JDsKpJmYaFtvO3o5s0YC-Ww7y1nLvcBcGjguTTg0zB6ywXo__5jfDbing__5zv7DZuu-vcg%26cry%3D1%26dbm_d%3DAKAmf-Bbb2U2CkRitXXimip4soSjhXvSAtLmmFOLBzn0s4Sd5SRjJniZIJRmkzpRCXJDaA6m68tmRf33aDKUI76uMoqM2mUKjTyqlWg2Pm8V12vsyMHTjcTtQbsEr-pdWIWBRntqL2azASULdRIIvjxwljm2anRN41Xgeeej8eR3P52nyaP80AlxZZo9UF-w8JFSi5RCyW06xSfKKT4A20PXYQsyqc1UNouimddQPEf2ZUeT673xIBrnOSTzjD0DwaGVsUX5HNXE3OMgmIOG7yZHNci8nWnSERepI3KUoUUxRq4FrUoZ1rkSCnsMdKJt6T4DyfV6hJBk_M5SW8f6pdkA_eWi-VG1TRL43J-mMLX__HXy5-rF9je4bEF5zndr_u68p9UZhSjUkH4YbQunbsVxfczsTtlpr0lWKLT1DjHbUA1JRXWGNXq8V3IiSFHJCTOzDnWo8YULtNEjJJGcDmW5cxyCK5rSKnzqzlfc9vnEhjZQ7grqy2yX1E0tGubTPb3fjD2qhbrwR8plEzU-1ivAXNEMgGhjfd8A2zKROV4QNfcmLSQlCGB_kmVQ1-krm465h43Ud2GW%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=9f38299&siteId=961ee94c58df6c&creativeUnitType=20&objectName=jvx_63be16696b1bf&adUnitId=2000&jvxSessionId=1673401961.7384&base=1&creativeResolveBeginTime=1673401961000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
815d7f7ef20bd5c135a52e1e083878e6d20650ad84af8eb5b043b0b7fcc0be50

Request headers

Referer
https://as.euw1.jivox.com/
Origin
https://as.euw1.jivox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 03:56:59 GMT
x-amz-version-id
null
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
78944
x-cache
Hit from cloudfront
content-length
90914
last-modified
Thu, 25 Aug 2022 16:13:26 GMT
server
AmazonS3
etag
"91a95a78c22bfaf5e4f167312947bdf4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://as.euw1.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
AFKMPfKAQh7RI1BoS2ew7-RP_CTQC6Dg4_e3rOJiI20nnXOpSb4tLQ==
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfZXQ9MC9iRGltPTMwMHgyNTAvanZ4UmFuZG9tPTAuMzM3...
evs.euw1.jivox.com/trk/72/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/ Frame CBE2
43 B
229 B
Image
General
Full URL
https://evs.euw1.jivox.com/trk/72/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfZXQ9MC9iRGltPTMwMHgyNTAvanZ4UmFuZG9tPTAuMzM3OTA2MDQ5MTk4MTM1NC9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2RheV9OaWdodF9Cb25kX3JlZF92MS9lc19zZWdOYW1lPUdlbmVyaWNfV2Vla2RheV9OaWdodA==
Requested by
Host: 2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
URL: https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-130.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Jan 2023 01:52:42 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
Mazda_CX-60_CraftedInJapan_Sideshot_08_RGB_5000x3750_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/300x250/Frame2/ Frame 39DF
79 KB
79 KB
Image
General
Full URL
https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/300x250/Frame2/Mazda_CX-60_CraftedInJapan_Sideshot_08_RGB_5000x3750_2022_Eur_Engl.jpg
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4198ed854fc2f4093439f29c056a0f955013371a5dab32b7a4f54f9d749ce38f

Request headers

Referer
https://as.euw1.jivox.com/
Origin
https://as.euw1.jivox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 10 Jan 2023 05:02:37 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
75155
x-cache
Hit from cloudfront
content-length
80476
last-modified
Thu, 25 Aug 2022 16:13:26 GMT
server
AmazonS3
etag
"2dfe5cf070a35eb1c15b6545feb57c81"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://as.euw1.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
rRz5rIF4jCZZNo7p5sVRvFRyP62W-5U1UIG9ddKInQhi9lgxvM5hsw==
Mazda_CX-60_CraftedInJapan_Sideshot_04_RGB_5000x3705_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/300x250/Frame3/ Frame 39DF
226 KB
227 KB
Image
General
Full URL
https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/300x250/Frame3/Mazda_CX-60_CraftedInJapan_Sideshot_04_RGB_5000x3705_2022_Eur_Engl.jpg
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-115.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d506ba691828204decf56743298a71f336737fc4784a62d385dd85f002cb901

Request headers

Referer
https://as.euw1.jivox.com/
Origin
https://as.euw1.jivox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 19:02:26 GMT
x-amz-version-id
null
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
24617
x-cache
Hit from cloudfront
content-length
231716
last-modified
Thu, 25 Aug 2022 16:13:26 GMT
server
AmazonS3
etag
"0314acda47864f6a5f70c95e62ffdfc5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
https://as.euw1.jivox.com
access-control-expose-headers
Content-Range
cache-control
max-age=86400, s-maxage=86400
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
AsCWf50fUbIySKNWkVMS7k73D-SfrCzN9jTeBeEYVpzsDY__zCd7pQ==
logo.png
assets.euw1.jivox.com/widgets/2022/10/a72798z635a7f07c2ebd/1/300x250/images/ Frame 39DF
16 KB
16 KB
Image
General
Full URL
https://assets.euw1.jivox.com/widgets/2022/10/a72798z635a7f07c2ebd/1/300x250/images/logo.png?1660821971717
Requested by
Host: www.daisyyohoho.com
URL: https://www.daisyyohoho.com/garlic-chicken-soup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e

Request headers

Referer
https://as.euw1.jivox.com/
Origin
https://as.euw1.jivox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 04:27:56 GMT
x-amz-version-id
null
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
77086
x-cache
Hit from cloudfront
content-length
16349
last-modified
Thu, 27 Oct 2022 12:52:25 GMT
server
AmazonS3
etag
"7f0160e79867e7360cc692e067174aeb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, s-maxage=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
_mWzo9_HsIXz13HgYdfOND20BRotpuVY1lH42V7uSqmoxL8IaQioHA==
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79916e68e47ae76ec128ced0f78d883321bb1a30535072047237fc49293addd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11118
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0513762288381539&plah=www.daisyyohoho.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 01:52:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0BA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14894
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Jan 2023 21:44:28 GMT
expires
Wed, 10 Jan 2024 21:44:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2ED4
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38c591b4e825a0eb5e5d41a57ae2d1c27c9f49f85b8371a2bd058b43de4834e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M9HLp2JDdaZm0tovimzTkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.daisyyohoho.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-M9HLp2JDdaZm0tovimzTkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 01:52:42 GMT
expires
Wed, 11 Jan 2023 01:52:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame B0BA
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 16:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 16:30:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2ED4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230109&jk=797670582497272&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230109&jk=797670582497272&bg=!TU6lTgrNAAYDMoyoIzI7ACkAdvg8WhORCorfesZLtk-IKvzB0Oroylj3Gr4JCq6X0AzE6RU7JmZ_5wIAAABbUgAAAAJoAQcKAKvKP2dlJMFm4yIdiCHOb23Srv0n89S76YNHn_k8WlCv9vIDUOB9B5kT7T9XcVnKbe4xjzb8x1cRjymIzQ_7w8E196ffFkkY1rdpMNgk5i1kVkkDxDDcAGhoIBG2sitAZybheFSHHXbnndbpVydsn2s8sCb83SgL9ZPSZWcGatDo-8Dx1UJ450mLg1sF9g7Qdp9GR26o_a_Ax9yTsaC2um9hzsP5CXfqXzuOF5OZAqxpiKWOgHFUefji7tB68orafuUtgqzHpf11fu2l-X39NhFGSsepoUD5NtO2c-yS3CGV4VhnJiPiaRzfStG4KiDEkcViETkDt9hz2r3nI4XjV78RN1PGsA0Sp2JEAtlbP13c_NRNzlEx4tM-t1udNr7eqbUBpib2fD0EYRTIrSDqagYGD7E9T6GxiWnl2GxguV7FO0YX5mAPoLWxNvaSPnQA8JLNJGcO7nf6G5AQ6QFi8j93zD2bfef0rubadLxrbIHBdoUFT3PjdnD3wd-0sFKXDk7w894AigwajGvsM96_dd9u_9gt71dfsKLvHcjzygnnFbLmG3SbU5W_iszJ0Ob0ah1DIqg-JffQKnzBiWuGohbkxpPC_KH0aBKLKMEFyy9jw-KY4lZ7MjkExRgzubjs4nIa8WKJ1Ei5tH_5r0rL-pvCJUNdtoExxJzlaUm-GGad9MZBpSosaYnOR6BH8m4qMT4oeybudeEwCbGy5C82r2va_JNvtsJNpJeBSAqJt-wbCx6LVSW4b8-VgyMO8mdUjFHe8o-nKsuxxcvdIqg48NPxyaFHGaoUXaZmroXtKGao-0hGPs83UlvMFRGEeWAOcIpkhz0_SFQJowsY22M9fduOWPVoVmj1tjKHqY7eCAHlpq6yUcZJ2bIqf1ktin30dIvtJqJyQcuKIFNZrrhoTDxwjqWV95vyix8cu8eX2QbHxcPNWhWfio6WOZRXxvX0y9NISiRm6KnftrRG1HftZPjtkEMDdyOepG95Uhv_TDpvg0UnA6Iz5esH3ovU49muaOX846EaATPCnvkCbkqwMJKIzx5o8zaePPSM1q02Y5xEH7oHRl6zZHAa2ICKlx74qTsxYH4f_kAVjXVEaLZWcLbzMkBMVq0-Du_kvZXKA6BzhLb0NY5dQnpQ9IE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daisyyohoho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame CBE2
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9160128502802&version=m202209210101&ct=77&x=1&cor=3223242062219173000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CBE2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj3n_9SqcymM6zcJBlA9sADlnADJbuCqn5rk4_4zaiVlTpB9hGih5JvnVHeflmhG-hqPDf_TwVDQPmqJx7q8BxOgQfCnPluVBjPRaQBJ9Z93_jnCgl9ol7SITNjA3WKxJz_MS0NA&sai=AMfl-YQccaYm3TXMU9lzm-rzF141sWnd1qPXEiNqaCfUCQkR-q2tBUtaAfeT41qjQMcBTvZW3zobHenUeEqVkbKzsDGPudIQ1078BfnWmU3n2nshR7xQEuKlO65XjvEsA30&sig=Cg0ArKJSzEVQvx1nbBZNEAE&cid=CAQSPADq26N9oSzFbMnn5Jq-J2YZ8lUTOsaKKF7uh5mYdfWkouEtNMVQtn2yVkJz5hjovSBOkl0aqNKCYDfWjBgBIBM&id=lidar2&mcvt=1012&p=4065,196,4315,496&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2169949607&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673401961252&rpt=403&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT0zMDB4MjUwL3I9MC4zNzQ5MDgzNDcyODMzMTI1Ny9l...
evs.euw1.jivox.com/trk/73/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/ Frame B938
43 B
229 B
Image
General
Full URL
https://evs.euw1.jivox.com/trk/73/205853/2000/159897/961ee94c58df6c/20/jvxSId_1673401961.7384/es_pId_9f38299/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjcxNDg4MTMzL2FkYjEta2V5PTgwOS9hZGIyLWtleT04MDUvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT0zMDB4MjUwL3I9MC4zNzQ5MDgzNDcyODMzMTI1Ny9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2RheV9OaWdodF9Cb25kX3JlZF92MS9lc19zZWdOYW1lPUdlbmVyaWNfV2Vla2RheV9OaWdodA==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-130.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.11 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.euw1.jivox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 11 Jan 2023 01:52:43 GMT
access-control-allow-credentials
false
content-type
image/gif
server
akka-http/10.1.11
content-length
43
p3p
CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 2B28
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,174,273,647%26tos%3D2064,0,0,0,0%26mtos%3D2064,2064,2064,2064,2064%26amtos%3D0,0,0,0,0%26mcvt%3D2064%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2397%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D334%26dur%3D14976%26vmtime%3D2433%26dtos%3D2064%26dtoss%3D1%26dvs%3D2064%26dfvs%3D2064%26dvpt%3D2397%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2064;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1673401960946;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B28
42 B
66 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUkGOCCJoi1KhCNUSWPJiBZng_ak9Rjx8FTJP7HqfLsGuyDzn9WR8KGBQDdPxaIdVGTA_PbmYhIkrLcBo0eWh4RpumPQw_YxSsRkmrz-JQDBayXUxbocLQssw3&sai=AMfl-YSQ12U7zcoN6HA0-ME3d6v6DctmMaDypI_9BPOFLK_zjG9b6WXcJorod-0GfZ8vMTqjsra0l2Yxqxg2Mnw&sig=Cg0ArKJSzAYqGI9dVoZmEAE&cid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM&id=lidarv&acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,174,273,647%26tos%3D2064,0,0,0,0%26mtos%3D2064,2064,2064,2064,2064%26amtos%3D0,0,0,0,0%26mcvt%3D2064%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2397%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D334%26dur%3D14976%26vmtime%3D2433%26dtos%3D2064%26dtoss%3D1%26dvs%3D2064%26dfvs%3D2064%26dvpt%3D2397%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2064&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1673401960946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 2B28
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_Wii7S-_AIVlsHVCh2BUA3HEAAYACCgyO9XOhoItNzy4gMQpIj3mK4EGMD0z-EDILm28e6MEUITCMnU-oq0vvwCFSyFgwcdYFkMyQ;dc_rmcid=CAQSGwDq26N9s8EeZ2Syu-lqlx-JV5GOaF-bz24wbRgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,174,273,647%26tos%3D3494,0,0,0,0%26mtos%3D3494,3494,3494,3494,3494%26amtos%3D0,0,0,0,0%26mcvt%3D3494%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3827%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D334%26dur%3D14976%26vmtime%3D3863%26dtos%3D1430%26dtoss%3D2%26dvs%3D1430%26dfvs%3D1430%26dvpt%3D1430%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3494,3494,3494,3494,3494%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3494;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1673401960946;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2B28
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CZjSVZxa-Y4mFJqyKjuwP4LKxyAyO8-WHbrm28e6MEfAuEAEg_vyMJmCV4pCCoAfIAQWpAvSYCsDOArI-qAMByAObBKoE_AFP0PnnmzFXZKlR1Irli5EATW6pCbT_3M5vncB5NS6N3bDmmoWmlK_M6R3uRog0FRHf8b28Q0HDXJP2zAtvhSx7eDeBHCciCmaSTPLTC16rS1xzSWHV2kXPbYN3vhumMfK2zeUEoE62qOR2b4zxJC1lVPKfYcJr1maDNmGkOnr82zm_mVaXDO8z90cF-GaW4Mm3pKwlPFqultZd3xYhEN7xkxUu7TwEZQay-BxfnFMyiBNCXsRsEDSqe58owc2tDDuYhHazjt10Un39lIw26uoAkPcEl7IF_loOpwdtvDsH4uJhpK3ejrUJfzCVXywOrxAgpN83XP0jjmBDX2bABKSI95iuBOAEA5AGAaAGdoAHoNbWxwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE72h0hHIE8D0z-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&sigh=U7sABJeOrXs&label=videoplaytime25&ad_mt=3864&acvw=sv%3D943%26v%3D20230104%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,174,273,647%26tos%3D3494,0,0,0,0%26mtos%3D3494,3494,3494,3494,3494%26amtos%3D0,0,0,0,0%26mcvt%3D3494%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3827%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D334%26dur%3D14976%26vmtime%3D3863%26dtos%3D1430%26dtoss%3D2%26dvs%3D1430%26dfvs%3D1430%26dvpt%3D1430%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3494,3494,3494,3494,3494%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D866185645%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3494&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1673401960946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0513762288381539&output=html&h=280&slotname=5917752188&adk=831136070&adf=2370072040&pi=t.ma~as.5917752188&w=821&fwrn=4&fwrnh=100&lmt=1673401959&rafmt=1&format=821x280&url=https%3A%2F%2Fwww.daisyyohoho.com%2Fgarlic-chicken-soup%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673401959279&bpp=16&bdt=893&idt=317&shv=r20230109&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1161921313003&frm=20&pv=1&ga_vid=809618810.1673401959&ga_sid=1673401960&ga_hid=2013717530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=195&ady=835&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44779794&oid=2&pvsid=797670582497272&tmod=988324775&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=elkBbElMjD&p=https%3A//www.daisyyohoho.com&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Jan 2023 01:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontentvisibilityautostatechange object| __core-js_shared__ object| core object| firebase object| _wpemojiSettings undefined| $ function| jQuery boolean| avia_is_mobile function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| regeneratorRuntime string| partnerResult object| pbfp object| FB string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint number| google_lpabyc object| gnshbrequest object| twemoji object| wp function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| __buffer object| avia_framework_globals object| addComment object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded function| Froogaloop function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| $f object| _stq function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| st_go function| linktracker_init object| wpcom object| LineIt function| initialSizeArray object| reA object| reN function| sortAlphaNum function| moveToFront function| getElementWidth function| getCampaign_async function| getKeyword_asnyc object| ziCampaign object| googletag function| getCampaign function| getKeyword function| showAds function| callDfpAds function| __gnSendWrapperJSBeacon object| gnpb boolean| gnslibincluded number| gn_aladdin_vendor_id object| bt_data object| google_llp string| btadimpdbgcd string| btadimplog object| btScanElementsContainer object| YJ_YADS function| getGnshbrequestSlots object| gnParentShadow object| GoogleGcLKhOms

23 Cookies

Domain/Path Name / Value
.daisyyohoho.com/ Name: _ga_675FQNN89X
Value: GS1.1.1673401959.1.0.1673401959.0.0.0
.daisyyohoho.com/ Name: _ga
Value: GA1.2.809618810.1673401959
.daisyyohoho.com/ Name: _gid
Value: GA1.2.319225897.1673401959
.daisyyohoho.com/ Name: _gat_gtag_UA_99603078_1
Value: 1
.daisyyohoho.com/ Name: __gpi
Value: UID=00000ba0daecd9c8:T=1673401959:RT=1673401959:S=ALNI_MaEYD-zW2SvlPHzk74UoSoX2KJ_Gg
.doubleclick.net/ Name: IDE
Value: AHWqTUnon7BMA1LrdSUbhai0IxaO7EEKUWrg0LuXi2-ce1V4cD611UbR7vZPPxN5OTU
.adnxs.com/ Name: uuid2
Value: 8629738772509134873
.casalemedia.com/ Name: CMID
Value: Y74WaIBQ1FoCDPkPzAVyhQAA
.casalemedia.com/ Name: CMPS
Value: 3204
.casalemedia.com/ Name: CMPRO
Value: 3204
.breaktime.com.tw/ Name: cat_trid
Value: 499c8901-a0ad-45e3-a121-8923adf8c9d3.1673401960.7372437
.daisyyohoho.com/ Name: cat_trid
Value: 499c8901-a0ad-45e3-a121-8923adf8c9d3.1673401960.7372437
.daisyyohoho.com/ Name: __gads
Value: ID=9554b6abf29871f2-220fb55538db004f:T=1673401959:S=ALNI_MYZQjUWCTAYYuKpZSvBPpzCqQtuXw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.jivox.com/ Name: jvxsync
Value: tsAM5OLfRJOf
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?^p*mgX!]tc18i_iqf!oN/@E'zz<*Z0QkGZr<g=^0m?XltU!e*h<czJC!>H<?KGS]OATD._*PlZ[C[-kX-G%9C=
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~29cp
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.turn.com/ Name: uid
Value: 2642806603800526853
.de17a.com/ Name: guid
Value: 1.2172223256296368041
.yahoo.com/ Name: A3
Value: d=AQABBGkWvmMCEHYbDl9aFD_XLStSrx1LqQwFEgEBAQFnv2PHYwAAAAAA_eMAAA&S=AQAAAk5RF4nHDlOYrnLFFvJegiU
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5A2A33AD-935B-4798-BCA1-CC8F4E1A8672
.tribalfusion.com/ Name: ANON_ID
Value: aUnseFON6Jf8ZbUxrbOFRLZcxY7jt10RHcATmHWZbBd5lbIMGQONHTsmkqfxZcQesvkD5aLvQcPLRCVCrucg3Ya8

6 Console Messages

Source Level URL
Text
network error URL: https://www.daisyyohoho.com/wp-content/plugins/blogimove/fcm/firebase-script.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://www.daisyyohoho.com/garlic-chicken-soup/(Line 88)
Message:
Mixed Content: The page at 'https://www.daisyyohoho.com/garlic-chicken-soup/' was loaded over HTTPS, but requested an insecure element 'http://www.gobytrain.com.tw/Blogger/180x280.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.daisyyohoho.com/garlic-chicken-soup/(Line 88)
Message:
Mixed Content: The page at 'https://www.daisyyohoho.com/garlic-chicken-soup/' was loaded over HTTPS, but requested an insecure element 'http://www.gobytrain.com.tw/Blogger/180x280.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://yads.c.yimg.jp/js/yads-async.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230109/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=3046330951&client=ca-pub-0513762288381539&fa=1&ifi=8&uci=a!8&btvi=4&xpc=qwIAKEPb2x&p=https%3A//www.daisyyohoho.com
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c482c57a0aa146bffc1f3c1c1ab644f.safeframe.googlesyndication.com
a.breaktime.com.tw
a.tribalfusion.com
ad.turn.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
alliance.breaktime.com.tw
as.euw1.jivox.com
assets.euw1.jivox.com
bid.g.doubleclick.net
catalyst.breaktime.com.tw
cdn.euw1.jivox.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
cpt.geniee.jp
csi.gstatic.com
d.line-scdn.net
d5p.de17a.com
dsum-sec.casalemedia.com
evs.euw1.jivox.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
playercdn.jivox.com
power.adhacker.online
powerads.breaktime.com.tw
pr-bh.ybp.yahoo.com
r.turn.com
r2---sn-5hne6nsk.c.2mdn.net
r4---sn-5hneknee.c.2mdn.net
r5---sn-5hneknek.c.2mdn.net
region1.google-analytics.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
use.fontawesome.com
www.daisyyohoho.com
www.gobytrain.com.tw
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yads.c.yimg.jp
108.177.15.154
13.75.71.72
142.250.185.162
142.250.185.98
142.250.186.98
143.204.205.98
143.204.215.7
18.156.0.31
183.79.249.124
185.80.39.216
185.89.210.180
192.0.76.3
198.47.127.19
2.18.169.101
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
207.46.146.168
210.242.155.195
213.155.156.165
222.230.178.132
2600:9000:211e:2200:1b:5138:8a40:93a1
2606:4700:3037::6815:1950
2606:4700::6812:19ad
2606:4700:e2::ac40:840f
2620:1ec:4f:1::44
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200e
2a00:1450:4009:81e::2003
2a00:1450:400d:802::200a
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80c::2004
2a00:1450:400e:16::a
2a00:1450:400e:5::7
2a00:1450:400e:8::9
2a00:1450:4025:401::9d
2a02:26f0:3500:11::215:14cb
2a03:2880:f045:10:face:b00c:0:3
2a05:d018:d29:3602:8a24:a60d:c474:c49c
2a06:98c1:3121::3
35.244.138.40
52.210.237.130
54.72.240.102
65.9.66.115
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04b6f5ec2f0f37052769275119ae272d64894bdb06ccbea463d20bb134a6cf44
070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3
072a80fcc0ce8a8d7f4e0dff662be638c6f5a63347764dfbf06677c102fb9f68
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d506ba691828204decf56743298a71f336737fc4784a62d385dd85f002cb901
0d7d8e63939315ca2ed7fbe3f7844eb9d0613221d291368cd0a1949103bf453a
0e6d7bf57fe842f07af5a2057639565928640ac5702e66f8501619e089ad1044
121107b054007b61a818eeec3d4ac0ce9e63b26a85295ec34c02993fe1d9a835
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13fef5261e3eb60af4bc574b2a3d350c8755336ef8d093b51cdc932cadb264c4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
1cf8ba0f4631a85188ec997a93dad46d37d03750f5a04cf288282a6f41678a21
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f02bc212452001a63c090352611088cceb3405f90b4c7d8e9cefaef6da31c11
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20cbaf97ecabe3b31a0f791790685ee5d5a66dcd2aee480d8153fadd05ca9028
24516b0f22fc3aff2ef7b9a75f4ff20d5e96e0eaef35e222b6e6035c648966c2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2607914525cf6c6fec59c2300aaf27b817acf31117394d1bb6221bd3576499a2
26bc552510d894ef4dc3184b6fe93abcdb931f09319034d9a5ed7d39bcdaa491
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2bb1896521ee1aee3c66ae15726645db752297e0975ef74027994eb83c428f5a
2de698757553663e448aac16a434e4a4696a16005ea211829f570b8ac1c99ea8
3074209502ee3d9b4a1e1df40857995e865f0b6e6d38fcbdf2982ecc52159800
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
375bab585cf2a387b8061143ca2f4b310c6f68511daacdc1d45cdeac8005db45
38c591b4e825a0eb5e5d41a57ae2d1c27c9f49f85b8371a2bd058b43de4834e2
3d2c7477e7418b42a967439d1fb117b25369aeb385be8ffb25c3f9c97cb85cee
4198ed854fc2f4093439f29c056a0f955013371a5dab32b7a4f54f9d749ce38f
41c6622647cc1bb0c11c31d24447f4424d5c809b208d57a4fd67b5992034be46
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
46719fa6a1e5d4daf4e8ff743b0a53c3703c9592deee31b3345527a1cbc71d67
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b219a891dec59d546694cd0953e973f8c19eafa07744737e19f8add53c2ec13
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517903192a6b3a90c46b06a5e7615b5a4e477c03ac78af7e32e1df894152e24c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c32f8594fce5f46ea5717bd077b1eafa996a51a510d34f5252e9621c0ebcbfa
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eaa7ae6fb8ca45ea23ee68ca4718276199cb8aecaffe34a1d833c6ee50d3c3f
610fb0782c7e2575c34e540e54932294b4143fbf7ef368027e799ce586a82c76
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
669aa35a680d54f4754cca415cdd201c9a189011623545abb4993a844ad1ad67
678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6e2e396f0365ebac168a7d2f947ec53e460e1deffa440dde0438773cce04a99f
6f651b4f2f09d058595086b35779b5a1fbd0f69d47b5de397095a47bd3b39ba1
708107634452c8e1aef7cdc480c1b973a65109826112b3bd6d277558363040e6
7094cc13daf5bf576a6e288c77ed80f21f90fadd8271156126c20ea4fc66e40d
717a2d98e2cf83ac66db4e4a3843ac5f21b682d1183b797625a64700ee519bbc
73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e
785ed84dc18246f427059405397b7eaa004815650b2a6ce68dfe10d1c59d197f
79916e68e47ae76ec128ced0f78d883321bb1a30535072047237fc49293addd3
7d3ded0bec7cdcb03de8134cfee3ef80a49ba441eb32bcd26a0ab15394814116
7f260ff280b2e54e84e6f9c2790da49cc9abadc457b77d1df4dea121a8c8ab6e
7f2ca409ccc7a7fdf7dd155ae62b4c42236c221ec31d517b3cda14d903fda69d
815d7f7ef20bd5c135a52e1e083878e6d20650ad84af8eb5b043b0b7fcc0be50
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8cac8d0519195d9dadf4e35d8de44b6a7a11912d994c356616236f3b61172bba
8d85640ed19bf877a704d275804e8608d52e9201417e41ca3042abca7e48564f
8e7fdb4d9f444a44d1c1dfe1ade065b7c16e61b8bea231a616b347effa35359c
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
927b7f3d509ad875c625836a864987899c71d6f7e7b81e2d01b3322226bb42dc
94d3ed7d9c03a28ef107e4fbcbbc6fc1777cafa403f0d4470d5ddc437c77ccb3
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
988f4ffe9da8f33bc22c6668f1a3ac2e486c80eb752fce5df501959224554dcf
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab36dbc9e47783d6a1cb932806555de5a8248bca20688ae5ae8e063d63550a9
9d260679b15aff8c4196b7a7a60eedfd638c1536ad2c297e03309b08e3bad763
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f
9f4fff267e575509a2fab753d83a325fdf8bd3d24eb7c21674a588191ec0599e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b81f46aa87b0fb52219df41f92e726a1c38ead6eb3122eb1e283a5279bf3dc
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1117fdc5952f4e54a862b9180f2b9868e28f72d6ae3891185e852d3c2e94420
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a610f00e7b57d9f36954b8da1d5f4dc439cb10cf2d9486d0cd5a33a93ad84552
a74f21f2af9a33d4fa151a40717e410cbc73f8dcefed9b0bc1401ecdfb80db8a
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa8c946cb3e5676f2c208b9543ade0b4bef217805746342961eecad5964d2cd2
ab02c043a24ad1cd6d31b619f509cc3188ab340d248cfa4cada5ca27500559e0
ace46613384b41a0231a6eeb9f59df1fc3375ea41d0f0e398dfcb426700bf92f
ae43c598938e35e9110ec0864a4e602e41041594fa364343bb9a8d1631778ba1
b11e7207a9d3388f75af88c644f1c35cb0ff31e95c7308387aee62fd38f4d811
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b1c7737c389465a1dcfe9cfe315203c661576c9b9dadc42b8df004f9c0ffbc43
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9e0bf67417b4052d1e827408bfbb9dcfd1b811fd20149b83b811cfa86401d82
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be611e9fa69d7565e64e93e5545e1d9a680dda0cff4ab7fb41fe4565e3d4474f
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c370289dcbd2b6fed53933a7e342ce3f1201c1393020e6ad3f69ec86407636
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c903f39a3bbc7bc61b7072554fef65730f908201bc55b2d39a65c2152844bfdf
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cdc83d194a4957bd5c24ea0e9e82ea4e7e56c4390d169ea266e234117474739a
d242c3508886d21c567593e72cd4ccacf43bc7c2064a74c201b700b8237c6b61
d28579226291bcc75381cc69fc59b7c88631b56cf6ee2ca63041a7cabe72a81a
d2b038a76d94d4a96684075d24b196a8ac389644adbc27946337ad0b2ba17445
d4021aa8689373e259774172ba7c644baf410364dce9fae0a9a49909f1b05a78
d5167bd14eb7624ba5762ff8ea95c05ba443e9a782b984d7e752fde27492dc41
d5f90174be47121a3c746ae751e23d7f6e0f0dd52237c0c81a20598a22cf2c05
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42
d8a685e465b5d942658f45adfadd3c125008e85bc9c46f6695b872a098c01a1e
d9d3c19d4a59cbfed2dc374a1cad5752201337f20bdd2e6d16b140ac60f7f5f7
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
dc0684993fd1bcd1afbe3818f197599c1d53e25fda9e9b1eefd387969fba442c
dc501df06db006a5be5c42f9c89ff233375874be0e179844afb892e95f727ea6
dd1e60b7df3ff6d7e4b6c1af3c71a8f6c28ba582286791ca14746924912cfb2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df39ea7353fb9f15866361bf8fc51fd391637fd23aabfed76eb97762c7dc8680
e0db89aef1fbc88cfb405acfcb99f3919bcf39d335e9f1acaea7a9a924766d1e
e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e49a9674c391229b89469f41d2f087546bf61d57594166b73ce0064a7136669c
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e88723e14945a8eb059bfa3c7201cc849b45ff414b6aef581fd62a91a8d8505d
e937dd960c0dc96cee987a9e21f1f01a6b9106e80d2e9c5db78dd61e5aaa77e3
ec86f5383d172965e48dc7a61ddf129e28e956b6442b8eeeb19c7a43ecfc0b61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a89febb2897c1c138bfbd55d807120c516f1d65c17a4e393692f4e56fefe13
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f650a0228f1304804af405d348961299216c54065321bab351283063c793cd1e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b
f96e8c5673f6b4985309afc495f9c3e90ca5408b852a7c9412f8eaa6fe00d6ba
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
fda37ba2e31fb2dc81e427d724105c2a3785f109d553137b12e54df2bc5e8ea7