www.u2interference.com Open in urlscan Pro
172.67.69.70 Public Scan

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 02 Aug 2021 10:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:55 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 37ms
37ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=220410098018654&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1604587c7b619a47b657d11b72a90126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ej+9/YG4tLinSLN3PQ9A2drmaAi5IYB2ZbPlVFYANpb54W2bN7A+9ax2nWJHAOghGltIqWCx9JWI7un0o1a6zg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 02 Aug 2021 10:41:55 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.u2interference.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 555914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
66 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8209282c208742c05529d76db26e717629acc5bd905921a3a86ab6e219a10246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67302
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Aug 2021 10:41:55 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.u2interference.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 526053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 282ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 282ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 673ms
659ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387092612201918&correlator=457574800680084&output=ldjh&impl=fif&eid=31062077%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=1007032%2CSK_728x90_Top_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=Location%3DATF&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627900915&dt=1627900915849&dlt=1627900915539&idt=158&frm=20&biw=1600&bih=1200&oid=3&adxs=216&adys=289&adks=1303692345&ucis=1&ad_type=text_image&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1168x0&msz=1168x0&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5fea9df44cb4eeedcf014b950b613923c952b15fa5fed9ac988178a8e0b941a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7436
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6921 6 KB
3 KB 28ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 10:41:56 GMT
expires: Tue, 02 Aug 2022 10:41:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/ 250 KB
93 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=pub-7757781251671730&plah=www.u2interference.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95279
x-xss-protection: 0
server: cafe
etag: 1002108113196412170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 887ms
887ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387092612201918&correlator=457574800680084&output=ldjh&impl=fif&eid=31062077%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=1007032%2CSK_300x250_Top_Right_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=Location%3DATF&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627900916&dt=1627900916191&dlt=1627900915539&idt=158&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=327&adks=2415487666&ucis=2&ad_type=text_image&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4a032187d4bcda01fd6c6688eb7e47ced6c132bf894b2bc05f3204507e98933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7534
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u2interference.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
27 KB 1241ms
1241ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387092612201918&correlator=457574800680084&output=ldjh&impl=fif&eid=31062077%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=1007032%2CSK_300x250_Middle_Right_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627900916&dt=1627900916224&dlt=1627900915539&idt=158&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=927&adks=2659638037&ucis=3&ad_type=text_image&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x10&msz=300x0&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c6e49b901aef52b7951dae56c161ec3b50041f48709bb9847bc760c9de6a5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27294
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 1786ms
1786ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387092612201918&correlator=457574800680084&output=ldjh&impl=fif&eid=31062077%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=1007032%2CSK_300x250_Bottom_Right_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627900916&dt=1627900916231&dlt=1627900915539&idt=158&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=937&adks=4193009919&ucis=4&ad_type=text_image&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x10&msz=300x0&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b76ed305a33524931e29c3011ab0311a6fb92181a59d3700e0210dde314536a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7406
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 2134ms
2133ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387092612201918&correlator=457574800680084&output=ldjh&impl=fif&eid=31062077%2C20211866&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210802&iu_parts=1007032%2CSK_728x90_Bottom_Primary&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=website%3Du2interference.com%26page_url%3Dhttps%253A%252F%252Fwww.u2interference.com%252Fforums%252F%26page_path%3D%252Fforums%252F%26vertical%3Dadx%26network%3Dnull%26ForumID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1627900916&dt=1627900916258&dlt=1627900915539&idt=158&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1104&adks=1600680585&ucis=5&ad_type=text_image&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd60bcb1e35e655a07ed85ff9f0fe6d07e748ea49864a71ea4b1781e67089942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7344
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
411 B 17ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.u2interference.com&callback=_gfp_s_&client=ca-pub-7757781251671730

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=pub-7757781251671730&plah=www.u2interference.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0f4501002a271cb3b97c4905d04946543414ec9b191d78c816ab27c06fbadcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C39 430 B
408 B 103ms
102ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7757781251671730&output=html&h=15&adk=3406333225&adf=849290308&w=728&lmt=1627900916&channel=2109660748&format=728x15_0ads_al_s&color_bg=0a837f&color_border=789048&color_link=FFFFFF&color_text=333333&color_url=666666&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627900916112&bpp=12&bdt=572&idt=168&shv=r20210728&mjsv=m202107290101&ptt=5&saldr=sa&abxe=1&correlator=6278325752013&frm=20&pv=2&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=387092612201918&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TZP2FkB2C7&p=https%3A//www.u2interference.com&dtd=183

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57099c88c533568fef24578c5c5facf4431ea568f1fe0ec358c98d79aa518da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7757781251671730&output=html&h=15&adk=3406333225&adf=849290308&w=728&lmt=1627900916&channel=2109660748&format=728x15_0ads_al_s&color_bg=0a837f&color_border=789048&color_link=FFFFFF&color_text=333333&color_url=666666&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627900916112&bpp=12&bdt=572&idt=168&shv=r20210728&mjsv=m202107290101&ptt=5&saldr=sa&abxe=1&correlator=6278325752013&frm=20&pv=2&ga_vid=781695878.1627900916&ga_sid=1627900916&ga_hid=306391273&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=293&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=387092612201918&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TZP2FkB2C7&p=https%3A//www.u2interference.com&dtd=183
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 02 Aug 2021 10:41:56 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 02-Aug-2021 10:56:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Aug 2021 10:41:56 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644667915703"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-32C473VFPP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5023ceab9ec8538fdb1e1216afaa4a3c93f9af7d778acdbf91c4ffb7fdd20f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51071
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5295
date: Mon, 02 Aug 2021 09:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 02 Aug 2021 11:13:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 16ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72CMXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: OPLLRM8StHItY0GTDCiXmpgrIliyzEVVdkjzX5Ij67NnVCoWl7w3VD/37ArQRKSad2Xq3oHSkcTUMXWwWxr1Ng==
x-frame-options: DENY
date: Mon, 02 Aug 2021 10:41:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 result Show response
www.u2interference.com/cdn-cgi/bm/cv/ 0
560 B 21ms
20ms XHR
text/plain 172.67.69.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u2interference.com/cdn-cgi/bm/cv/result?req_id=6786b250edcc2c36
Requested by: Host: www.u2interference.com
URL: https://www.u2interference.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.u2interference.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: bbsessionhash=4a301220164fa567591fd2639db4c342; bblastvisit=1627900915; bblastactivity=0; PHPSESSID=k07ieeop0rm32f33j931r82nv0; _gcl_au=1.1.1793748564.1627900916; __gads=ID=2adef3f26f4a5a1c-2292da3487c9006f:T=1627900916:RT=1627900916:S=ALNI_MZ-4sfVE8iE6ALEMBkTdo12Jrqo-A
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=6786b250edcc2c36
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.u2interference.com
referer: https://www.u2interference.com/forums/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.u2interference.com/forums/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZtMC58B0AhzZTacs7YUoA214yjDZJ83s8gGkqhEc2k9fW8LT6FYjE9G9TSog3dpWrlNHyAZeq1%2BnQ%2FKZG9306C6uPjfOdlY8J%2FpCnqvCqFVma65YEQO49OaeXX3b33LJeYsssMqETM%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=bf8f4f63b5b02fd901251a642d404f2db40635cb-1627900916-1800-AaI/HaddwHg1g1NYlJxM5m/H3prD/+gJrNS4fT+LHBkZE+Y6spvZcHXNs51DhMzBAQfpUWpycclj+wuaFSzqtihjMaKPkG2q65GSQ0WIyvlmJttM5KPZGpTafPqxM7i76QF3XUIJ7ERcAVsPV1BXXgE=; path=/; expires=Mon, 02-Aug-21 11:11:56 GMT; domain=.u2interference.com; HttpOnly; Secure; SameSite=None
cf-ray: 6786b257accc2c36-FRA
cf-request-id: 0ba80dcac600002c363abe1000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=306391273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&ul=en-us&de=UTF-8&dt=U2%20Feedback&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=412187892&gjid=2048719159&cid=781695878.1627900916&tid=UA-59880719-6&_gid=1927147617.1627900916&_r=1&gtm=2wg7s0N72CMXC&z=455415011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=306391273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&ul=en-us&de=UTF-8&dt=U2%20Feedback&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAAABAAAAAC~&jid=565646612&gjid=1129030654&cid=781695878.1627900916&tid=UA-125129-18&_gid=1927147617.1627900916&_r=1&gtm=2wg7s0N72CMXC&z=596529930

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: um6YkbH+vFyYisR/soeevF1FrYiFTSYh8VWEot5e6t5qIYiAzfmRBQBvaAz+Zby4152fVhzPDwuGmYRa4NarhQ==
x-frame-options: DENY
date: Mon, 02 Aug 2021 10:41:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 351301425239951 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/351301425239951?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d6dfbd8b9453d1ad8c94c018742447491686813dda09d341f93b71e65b88342

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: OrH7JXfBfP04iCB97RT6FX96lvVeVzlzM1ZmK+ZNVRvaC6PlMWye+ut52FdUzd783JgJbOLyd4mglMekRVemnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 02 Aug 2021 10:41:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/Lc7zCIOnpdkBEK3JzdgD/ 2 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/Lc7zCIOnpdkBEK3JzdgD/?random=1627900916479&cv=9&fst=1627900916479&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&tiba=U2%20Feedback&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30655d4fc772f94628e42c69d03149ed4df590136d9818e6c8f301ae16637ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
12ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-32C473VFPP&gtm=2oe7s0&_p=306391273&sr=1600x1200&ul=en-us&cid=781695878.1627900916&_s=1&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&dt=U2%20Feedback&sid=1627900916&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-32C473VFPP&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u2interference.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/?random=1627900916479&cv=9&fst=1627898400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&tiba=U2%20Feedback&async=1&fmt=3&is_vtc=1&random=2258200528&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/ 42 B
154 B 18ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/Lc7zCIOnpdkBEK3JzdgD/?random=1627900916479&cv=9&fst=1627898400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&tiba=U2%20Feedback&async=1&fmt=3&is_vtc=1&random=2258200528&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=351301425239951&ev=PageView&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&rl=&if=false&ts=1627900916532&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=62&fbp=fb.1.1627900916531.1488917091&it=1627900916446&coo=false&rqm=GET

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H3-29 200 container.html Show response
fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 30F1 6 KB
3 KB 22ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 10:41:56 GMT
expires: Tue, 02 Aug 2022 10:41:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD74 624 B
299 B 18ms
17ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNUEZtJutxi-qE-eGiPgRwJDxuopl5RGXNkmJvq63o1EWjhMeTOmoEIL8h_Xt75h0OIKQH4GJt-0YSrjSam5I-SJBdZmXj23le4vPI16ooMdtdwRF9pyiEMzYy-X8MCUbmQzpkkSgslvICIzHZPzzEyXUrEatXNmeITH0cGMFQvNdLCpweM

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNUEZtJutxi-qE-eGiPgRwJDxuopl5RGXNkmJvq63o1EWjhMeTOmoEIL8h_Xt75h0OIKQH4GJt-0YSrjSam5I-SJBdZmXj23le4vPI16ooMdtdwRF9pyiEMzYy-X8MCUbmQzpkkSgslvICIzHZPzzEyXUrEatXNmeITH0cGMFQvNdLCpweM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlD5-s9T1rNOS23KlLOzhaffFZjtZZ5l7l3Le31qEECGNwfy3TyVAP4Oc4N; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 02 Aug 2021 10:41:56 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 30F1 60 KB
25 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ca7WUJxLS2kGgAZ-YaYB2AiDad2Ih72wupg-AyzosQXpXqOZ5D5AXaoGQfSCoV5uYhwb1FgnrInvp4ZlDVNXfXSet6EhwWKrTz88lh9i9MQ_RE_NHH0ag58QaoEeVz38kIqHJag60BM619q0vNms4ewLzEew&dbm_d=AKAmf-Cvmrt1S84Li48ZOVmuK59NME1X7Rq-PU5G4vVQFaG38e9G_RIzcjeP-rhe8peMfS_02VZ3vGPD3q9j9N0kwq4uNXnel1o8swl5ytsKeDMJod80fWCKtjQIkUVlYBYaz0Wu6BuYzJRVvfJ7yiQaJZCrfUDn8clvilfxMsxla4BrERaBK2Jxa5FK_wcdY4CtUEDvoG8Ssr85d6G3GFnCcxClshWM8XleHAUXbINik8XgGUYdfLGLItkob-w2waQx_8UbY_JbC72mPo60cCkjrNRjQatvfXC2u1zYbpp3KgQNSEtIYnBsznM4EAsyS9_sdDsybgqn1Wj-qngbwcJi9mHzPvyEypdVrOavEVcjRXC7qTytSaHQtS2vNuWmYF9OXIvs2nofUS5eJ7PSn1iH94c-i96i2NZ_5RietsFzHxkIQz7p41HAlgYBED2cABZcIu_ofAhaL_C8i_GZrghLq_HGwc-3BTG9ga0fhdavX-Yg7iIyVwzOHd_o7Eao31AOwkppwkkrXGKCA_knwZlkk3PS5WXmGNhOaC00wwdwSXfQRBj1rFmSnPdsh_KTYMuERpgma-aJyd2KA75UEs3fkLh576Iz56n_owJjW4WFUs_0zuxU9PgiklbRMZ9akrGzPXDJYWn1Lkdhu9wiJ_McwhXSBdsHH-RC-6rPVxVdCLEtcT-xQuoLzIPDs6IwHBA8VtJlsNTvNXupc3Ia_NSDjpBP4GPE9VwSdeSC9qFVbQR_tNAR_iOGohRd8jDt5Af3FmGsG091FS5RMbGak8TeYrHkXc1BqCvvZu-wSKz_nmeHEgiIiLnJZjfI7P5JDoTLkLUIvybnz85Fjp6I9VJ-jfL9XWgS9sNL9FsODVDD6WoHQuE3TVn02UKjIlCYsI-IwzjeRfVJLsulhJkRXgztyEAaqLl5vei1rbXT9Xe4iBEWhFsgFiVwqkd8CQQ4gKgY08Jgd7mKUfEV13Y3GTdhrRP-T66umA_A8-AdhGEEj6oX-ZsJxP7WkcdsoJ-nUGdfgcX8Sr_mAUB_sTM5xRdieM4ZNbjtiNeuFUkVCbGXimjhynNF2O1BL1m0lOh6SjCI0hB0BjcuL5bTeM51vD8Tc70IoJ2clQsJ_iJUTxbrX2mHDPrr-V3H1Uu2PbRnmwzOB384kzuKM8a01b-yr2SRvuaUd9ht4a6fGGZzRLxOvg6o0QlC0Kx0Fr4uIKURM70Yn_CzGIIOz0g5Md8iRIikGE8Vy7p3384kD8wj3O8mCwmn3DGbmLiccXHSfYiBjBaaVj_ZPJvIiCHwzb0CzC445BcwWJRBiWZsov4RmnxYoJQhPMu6NplVZ7F1ppnJZcOg9uo9DIjFMqJrKuVI-BKOU_naOhXb-1jCTXvwbsvgn84U9wg7OqN5FwbceWrL5tIP4LddfGRgH4o3UjtaXssq1m092_JUMRLwlKoiM_piklyKJmsoTNlInkm6NEmUMLB99-tElpJNME4UL3LLa_AmhcJzewA2PebFtu1guqGYgwxkt7aeKNIFXSscZsB5HGDO4GvS92CNlXJC3IE_cAO8N8vIyoFiKUbK68aaxALzhme3uQJGpIfyQRa2mXRoiMq5pVc3_mRrtQ2ZnFfyBE6-ILo00CCnw9Dhvxah0ubKoqvv4sc6wKucmmBWtd_qhXm9vCr0nr_NUzqLxEXqD4eZEV-3CfmR96lSyQLCqwSyYnK9dOluR5r-nEtHV96N95-QGfDyChFM7NmtPuXFktlGPQdn8Vcyf8Ijw0t60g_FDARDhdGrN7M6cejyRLGp3OVfqLKFDzaLtPgjzWL3443XfPloTaOZq7OTqxF6nuwAIAee1CZv9VD1-s6tzGuEOe4jXX9ibfaOhzeKVn6IWZw_ZlqHcDg57SM-O4BlTfeEanXH2AQRJo6vcPW0eWYKj0_cdE81xoDdNPKZhOyFe826_kHyFlNyM0XDCMS6hf0k258Ded7b591S4phauQBLqSVWMdxABdcYYHny7DyINd3G2epGNWE0WDAs010zpJIR-TXi0C3PejuW_nHeZiSZDaWS5JiTvxdVF6L8CrRFj6LAFWbIsU5ERDGZDTQe6gCzF-WIVgWp0vInuI5JiF7axEtEzqOBmGJFfBZVjZPqBRiu0rVbwg_vtBrRnDqBev1EzWlNQMIC4-npC65C8X1JerHVME4nNpyCzSb25hvkZNJ-90BTvDV1BIsyEF71C2D9r8kLwyUqoo-MiYPEilyATJ4MGOU4rUUyEV0O0V6ejoDvvZgCA2V5ugfgONelX6Z7fcJg_cKPtPVxITRQA17yqdFc4XmOnVsa8tuGDK16j9qphuMw8rfBNwLeF6-8rETahAP69hy5TpiBM3GkBOmU_Qqk1LY45y4ktlpVBxmsiVZt3dXwg9BJXknmxLdQjNwXr43xpIyQAa3uxVZ3IcIAFkWIbVaAFkSodZYqVI41xBbBca8unmB9FkJh5YqMA686xxVjxggzbx9jcRnpd88FoGDRYM6yvnO1MPa4ig0M7rdVfEfP6lCFPmPGzCJgDNlmtLKwl1TsRhlLVfoPet6RWkOlNhjps1fE6WotzYlzFs0lu1YVxjgLJjY1ciyWOvJ7MSmPuD-OWLtTdLW3SFBCWRVDjtE8qQ5B7SDBXwCVgzflQgsOt9n7LL8DVV4wgnDVXWrFi-XG0zAXh-n_rhbByDlN_Ood1Vqvsmpk8QHfzcsssbaBmtA1vHcqBZ3sxavTZUWr8mCY_HXFgTRy3PzeSgzhzhovxZZ8WIlXVb2MgYWAta1jvIwICZdD2OIRQtpBx_8f3rh0UQ-WS3tmyX5nG6Z1taPXt6eHx8dpAB50nU-bcxxlJ6Qv5OxHTplBQZ8PaDlHpj6ZqyzQ4qqca2CrIpxKzoLVaqc_wPSIdz4BNv5NfHWmjSQiaBdyOvVdEdkD3T9BbL-lMwUC-ffPj1ftslfS-qmTvzhBgQ3cW8Sciy-75HgWk1JULj3BvhbQKw7zjjmzJC5KENr8T9-aISKNr9Qd94iVcUGLA0D-eLkc42RxM6PR1VrMS6pa9h4r9AX8f8wg27QFwUP0LppxuJsPw7DoE5bJXJesSx-OC48b1SzxuBrRv5TEE1inaLovNEZeebnnt3Zec7MEAhLUny2mECiFhFFKtSvjJ7HuiSdzFEThnjyq22oo8hu6jc2rXD4KQiKkfcDMSsc&cid=CAASFeRoCI-6yLe_TGzMCwGdKXBcpLrydw&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fdac4abecaff51d3c4bf474b73782f7f5bbd3e62d93f0f8f260aa7c5324df2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 30F1 42 B
63 B 28ms
26ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-KZ6xey4goFXAXUWykJQyhyzigE3dkuKg9306Ki5vrYByvtwuvA7Ye6q73ncseGCTxQe3MHFhruOdo_WbleNkC9JdXvuNorHp-I8oer0Aj618EIU

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 30F1 2 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30F1 124 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 30F1 14 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 30F1 0
0 24ms
23ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvbY3n-IpNcPLhf0pyGpfCJQ-W8haPGURdNU44w37_WyD1AHzCJQh0jrb_FTw45ITW1c12IbUDN4O8zJAAf-ZYrsJroQ
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FD74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFo91eLCo2CNNLVNfW6XECg&google_cver=1

43 B
1014 B

28ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFo91eLCo2CNNLVNfW6XECg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNUEZtJutxi-qE-eGiPgRwJDxuopl5RGXNkmJvq63o1EWjhMeTOmoEIL8h_Xt75h0OIKQH4GJt-0YSrjSam5I-SJBdZmXj23le4vPI16ooMdtdwRF9pyiEMzYy-X8MCUbmQzpkkSgslvICIzHZPzzEyXUrEatXNmeITH0cGMFQvNdLCpweM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:41:56 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFo91eLCo2CNNLVNfW6XECg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FD74
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfL9P3nMwlYli0PN5wX8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFo91eLCo2CNNLVNfW6XECg&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFo91eLCo2CNNLVNfW6XECg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNUEZtJutxi-qE-eGiPgRwJDxuopl5RGXNkmJvq63o1EWjhMeTOmoEIL8h_Xt75h0OIKQH4GJt-0YSrjSam5I-SJBdZmXj23le4vPI16ooMdtdwRF9pyiEMzYy-X8MCUbmQzpkkSgslvICIzHZPzzEyXUrEatXNmeITH0cGMFQvNdLCpweM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:41:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFo91eLCo2CNNLVNfW6XECg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame FD74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELYgJegAEbx-Ra0ntb2EmMs&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYgJegAEbx-Ra0ntb2EmMs%26google_cver%3D1

43 B
1 KB

20ms
19ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYgJegAEbx-Ra0ntb2EmMs%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNUEZtJutxi-qE-eGiPgRwJDxuopl5RGXNkmJvq63o1EWjhMeTOmoEIL8h_Xt75h0OIKQH4GJt-0YSrjSam5I-SJBdZmXj23le4vPI16ooMdtdwRF9pyiEMzYy-X8MCUbmQzpkkSgslvICIzHZPzzEyXUrEatXNmeITH0cGMFQvNdLCpweM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:56 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ad51c33f-a5a5-4bc6-af53-b61100a240a1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:56 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 42af1bc9-b8d0-48b5-9178-c8403ab3ac7e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYgJegAEbx-Ra0ntb2EmMs%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FD74
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE0MjMyOTgyOTkwNTcxNTQzMg%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE0MjMyOTgyOTkwNTcxNTQzMg%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:56 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f511068c-ad35-48a6-93fa-ad8f0d37304f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjE0MjMyOTgyOTkwNTcxNTQzMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 30F1 114 KB
40 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 10:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 10:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 30F1 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ca7WUJxLS2kGgAZ-YaYB2AiDad2Ih72wupg-AyzosQXpXqOZ5D5AXaoGQfSCoV5uYhwb1FgnrInvp4ZlDVNXfXSet6EhwWKrTz88lh9i9MQ_RE_NHH0ag58QaoEeVz38kIqHJag60BM619q0vNms4ewLzEew&dbm_d=AKAmf-Cvmrt1S84Li48ZOVmuK59NME1X7Rq-PU5G4vVQFaG38e9G_RIzcjeP-rhe8peMfS_02VZ3vGPD3q9j9N0kwq4uNXnel1o8swl5ytsKeDMJod80fWCKtjQIkUVlYBYaz0Wu6BuYzJRVvfJ7yiQaJZCrfUDn8clvilfxMsxla4BrERaBK2Jxa5FK_wcdY4CtUEDvoG8Ssr85d6G3GFnCcxClshWM8XleHAUXbINik8XgGUYdfLGLItkob-w2waQx_8UbY_JbC72mPo60cCkjrNRjQatvfXC2u1zYbpp3KgQNSEtIYnBsznM4EAsyS9_sdDsybgqn1Wj-qngbwcJi9mHzPvyEypdVrOavEVcjRXC7qTytSaHQtS2vNuWmYF9OXIvs2nofUS5eJ7PSn1iH94c-i96i2NZ_5RietsFzHxkIQz7p41HAlgYBED2cABZcIu_ofAhaL_C8i_GZrghLq_HGwc-3BTG9ga0fhdavX-Yg7iIyVwzOHd_o7Eao31AOwkppwkkrXGKCA_knwZlkk3PS5WXmGNhOaC00wwdwSXfQRBj1rFmSnPdsh_KTYMuERpgma-aJyd2KA75UEs3fkLh576Iz56n_owJjW4WFUs_0zuxU9PgiklbRMZ9akrGzPXDJYWn1Lkdhu9wiJ_McwhXSBdsHH-RC-6rPVxVdCLEtcT-xQuoLzIPDs6IwHBA8VtJlsNTvNXupc3Ia_NSDjpBP4GPE9VwSdeSC9qFVbQR_tNAR_iOGohRd8jDt5Af3FmGsG091FS5RMbGak8TeYrHkXc1BqCvvZu-wSKz_nmeHEgiIiLnJZjfI7P5JDoTLkLUIvybnz85Fjp6I9VJ-jfL9XWgS9sNL9FsODVDD6WoHQuE3TVn02UKjIlCYsI-IwzjeRfVJLsulhJkRXgztyEAaqLl5vei1rbXT9Xe4iBEWhFsgFiVwqkd8CQQ4gKgY08Jgd7mKUfEV13Y3GTdhrRP-T66umA_A8-AdhGEEj6oX-ZsJxP7WkcdsoJ-nUGdfgcX8Sr_mAUB_sTM5xRdieM4ZNbjtiNeuFUkVCbGXimjhynNF2O1BL1m0lOh6SjCI0hB0BjcuL5bTeM51vD8Tc70IoJ2clQsJ_iJUTxbrX2mHDPrr-V3H1Uu2PbRnmwzOB384kzuKM8a01b-yr2SRvuaUd9ht4a6fGGZzRLxOvg6o0QlC0Kx0Fr4uIKURM70Yn_CzGIIOz0g5Md8iRIikGE8Vy7p3384kD8wj3O8mCwmn3DGbmLiccXHSfYiBjBaaVj_ZPJvIiCHwzb0CzC445BcwWJRBiWZsov4RmnxYoJQhPMu6NplVZ7F1ppnJZcOg9uo9DIjFMqJrKuVI-BKOU_naOhXb-1jCTXvwbsvgn84U9wg7OqN5FwbceWrL5tIP4LddfGRgH4o3UjtaXssq1m092_JUMRLwlKoiM_piklyKJmsoTNlInkm6NEmUMLB99-tElpJNME4UL3LLa_AmhcJzewA2PebFtu1guqGYgwxkt7aeKNIFXSscZsB5HGDO4GvS92CNlXJC3IE_cAO8N8vIyoFiKUbK68aaxALzhme3uQJGpIfyQRa2mXRoiMq5pVc3_mRrtQ2ZnFfyBE6-ILo00CCnw9Dhvxah0ubKoqvv4sc6wKucmmBWtd_qhXm9vCr0nr_NUzqLxEXqD4eZEV-3CfmR96lSyQLCqwSyYnK9dOluR5r-nEtHV96N95-QGfDyChFM7NmtPuXFktlGPQdn8Vcyf8Ijw0t60g_FDARDhdGrN7M6cejyRLGp3OVfqLKFDzaLtPgjzWL3443XfPloTaOZq7OTqxF6nuwAIAee1CZv9VD1-s6tzGuEOe4jXX9ibfaOhzeKVn6IWZw_ZlqHcDg57SM-O4BlTfeEanXH2AQRJo6vcPW0eWYKj0_cdE81xoDdNPKZhOyFe826_kHyFlNyM0XDCMS6hf0k258Ded7b591S4phauQBLqSVWMdxABdcYYHny7DyINd3G2epGNWE0WDAs010zpJIR-TXi0C3PejuW_nHeZiSZDaWS5JiTvxdVF6L8CrRFj6LAFWbIsU5ERDGZDTQe6gCzF-WIVgWp0vInuI5JiF7axEtEzqOBmGJFfBZVjZPqBRiu0rVbwg_vtBrRnDqBev1EzWlNQMIC4-npC65C8X1JerHVME4nNpyCzSb25hvkZNJ-90BTvDV1BIsyEF71C2D9r8kLwyUqoo-MiYPEilyATJ4MGOU4rUUyEV0O0V6ejoDvvZgCA2V5ugfgONelX6Z7fcJg_cKPtPVxITRQA17yqdFc4XmOnVsa8tuGDK16j9qphuMw8rfBNwLeF6-8rETahAP69hy5TpiBM3GkBOmU_Qqk1LY45y4ktlpVBxmsiVZt3dXwg9BJXknmxLdQjNwXr43xpIyQAa3uxVZ3IcIAFkWIbVaAFkSodZYqVI41xBbBca8unmB9FkJh5YqMA686xxVjxggzbx9jcRnpd88FoGDRYM6yvnO1MPa4ig0M7rdVfEfP6lCFPmPGzCJgDNlmtLKwl1TsRhlLVfoPet6RWkOlNhjps1fE6WotzYlzFs0lu1YVxjgLJjY1ciyWOvJ7MSmPuD-OWLtTdLW3SFBCWRVDjtE8qQ5B7SDBXwCVgzflQgsOt9n7LL8DVV4wgnDVXWrFi-XG0zAXh-n_rhbByDlN_Ood1Vqvsmpk8QHfzcsssbaBmtA1vHcqBZ3sxavTZUWr8mCY_HXFgTRy3PzeSgzhzhovxZZ8WIlXVb2MgYWAta1jvIwICZdD2OIRQtpBx_8f3rh0UQ-WS3tmyX5nG6Z1taPXt6eHx8dpAB50nU-bcxxlJ6Qv5OxHTplBQZ8PaDlHpj6ZqyzQ4qqca2CrIpxKzoLVaqc_wPSIdz4BNv5NfHWmjSQiaBdyOvVdEdkD3T9BbL-lMwUC-ffPj1ftslfS-qmTvzhBgQ3cW8Sciy-75HgWk1JULj3BvhbQKw7zjjmzJC5KENr8T9-aISKNr9Qd94iVcUGLA0D-eLkc42RxM6PR1VrMS6pa9h4r9AX8f8wg27QFwUP0LppxuJsPw7DoE5bJXJesSx-OC48b1SzxuBrRv5TEE1inaLovNEZeebnnt3Zec7MEAhLUny2mECiFhFFKtSvjJ7HuiSdzFEThnjyq22oo8hu6jc2rXD4KQiKkfcDMSsc&cid=CAASFeRoCI-6yLe_TGzMCwGdKXBcpLrydw&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:36 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 30F1 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:47 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 30F1 41 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
DATA 200
OK truncated
/ Frame 30F1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8773dfa3d4d86d8b32b0a752c0c759e4f7b4a9a445ee02b73508988c61c9415

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C29 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 30F1 11 KB
4 KB 22ms
6ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc1ebbf02f6d8a60eba340148fa0953af2a878b8bfd17b1deaab0bf7a232b857

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 02 Aug 2021 10:41:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 1022
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3720
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5136-BWI, cache-fra19151-FRA
x-response-time: 1
x-do-esi: esi
x-timer: S1627900917.001997,VS0,VE0
etag: "677bfdce378cae93d331370b53d92bba7a4234f9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 377

GET
H3-29 200 index.html Show response
s0.2mdn.net/4528516/2128510631811208/ Frame 72B5 7 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/2128510631811208/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b39c4dffd58f4b8520077f6e0d970bec3fe41485dd568f44879a8dde0c8c9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4528516/2128510631811208/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2648
date: Mon, 02 Aug 2021 10:28:07 GMT
expires: Tue, 03 Aug 2021 10:28:07 GMT
last-modified: Tue, 29 Dec 2020 15:23:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 830
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30F1 0
592 B 60ms
32ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLcvXtIn3gt1LcL4SL1Y09JEuOtrFAMezY3M0oNNQtK6Ha6sUa8YPzT0ehzce3omR68iynQ2FwBY31iun4d3c9DgKJqaMVPdXv8hBwDdkCjx_YxdUH-AQ0P1TD6MFfWVXkVW1yCkvKdjNhLB5FHeJAoWFQYrVNTYw07VzabdM7NJla49EW8WZCad2hC4bfXUtLHFNcvp9_unFIq9bIQOVkC8BPJIbM1PkuKSE4rTX2v2OZTvC0PyUuHuwfWs_z-jevmDBrIVBvxmBOpeZM-3nKgB1UfETIr32l6DjixWD3hmvtJrEGTGActKCvtBw_MuykHPDGs4vBzLnHsjmeU8td3uWWZbaXcl4kSBKuqfdwkuuNF0hZVzg0YUy7ZXWsTOx0qxEGVNH6T31uLXr8_zwKmiD_JJrIxdJYYGT9I2rS9bWXHdJGJQ4ulvHZePS-Ytx2MXcjjEPVxuh_vMBNdHT_Pg9L_b2J9M8mfAwBkCPzPe7xBb1gON6FCtA3mKOB5c33AMwKoeuv2JOcApvcBCEs5hgoOeuPF1pkTbdhEE6VbdTKoAmvREBvdVGKvxc-iOv7iOMEi5YeNhgEOXQhTVzqS1enWnfkzKd-8lseD90zLk92j-jTMWaVsqdDwBQUBykQ7zVhOZSJx-cSUcmhNXfQ5O8cEcYrQLOxzzjrGuy1bOrtgzdK-GcZsIxo8JW5xoGWh_rBZtlSWieULjHT9l7qqnDfE2w88fnSH0dGGhUhJ7zkaEus4Tobxgd8lX3ShPD439D6Wpx4b3gSXG_P4LxSllxWFhhCwp6kHg6KqU4N6eFPU387n_QSiaetBBL35-TOde-joWT4RBxXYGOPl-MoLx2YJhPNDuuJFkHGu6fotVFyi238Qbefdxyb-GE8pJ-5SaXmBeQDSXXHKG3NqDbYo3jMRa93rovEVnPB7dXSm0Z1GJHNc2oV2-94KbN9bf_f3abkVKai2AQifSLQTQ1vgU66cX2_nC68mDsx6qWngj6pYRHjWP2FK48cPB7QpSBYe6LeWPMejVT03zLfJd94IQEdHzyGPwPARh2B91F5HliHbFapkkJ3OyI19JNCsC5Vj3d7gqRPrXKist5S-SDqHdd3f5tBTyP7Lv4jo5mlQzTMtuUX_biTOQI8xzlVxnSLbNHfDC_mat4lYW_O6H2mWBOZHQzYxXbbVZEiWxYK4IQdonfB-xoxFK5YHb1DmTIVLmvVuh3127azoZKSEAIYl3o&sai=AMfl-YRsNtO9TNxUlnoNfJztrVoCfYlfSzOK4zhn6Y6XphH5sl5gvS_JZfZ2AS2tMnz_NS7Vp3TgtrlU5IBk0xVuUvEkgQZAXFaA4Xgk8GUnx4RiCGyHZKGZQEfPi5POA5N2zf8IhEOCeXdw5MhS--YozidBHSwsq222q7MS34M&sig=Cg0ArKJSzC38HnCAA7ZmEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=94&cisv=r20210728.17865&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 02 Aug 2021 10:41:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C29 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 10:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 10:41:10 GMT

GET
H2 200 controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf Show response
cdn.krxd.net/ctjs/ Frame 30F1 259 KB
83 KB 8ms
6ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7cce63ddd80fca5a56ff41093c0629756d4536b772b355ab4919be7f4695a7d7

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
age: 236470
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 289831
content-length: 84507
x-served-by: cache-fra19151-FRA
last-modified: Wed, 28 Jul 2021 13:34:50 GMT
x-timer: S1627900917.011918,VS0,VE0
etag: "2b7bf9f4c301d43b3b0e0a564e9050cf"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 26 Jul 2031 13:34:49 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 72B5 236 KB
63 KB 48ms
20ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128510631811208/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 02 Aug 2021 10:56:57 GMT

GET
H3-29 200 javascript.js Show response
s0.2mdn.net/4528516/2128510631811208/ Frame 72B5 24 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/2128510631811208/javascript.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128510631811208/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaebc65ea9be8a3b59f5718c08eb2c19a637cfb9f1ed778bc29c83e4493a7ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/2128510631811208/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 15:23:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 03 Aug 2021 10:28:07 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 30F1 0
337 B 93ms
30ms Image
text/plain 52.31.20.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618917&adid=321276317&creativeid=143874886&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.20.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-20-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1627900917
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29 200 container.html Show response
fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E61 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 10:41:56 GMT
expires: Tue, 02 Aug 2022 10:41:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 30F1 301 B
467 B 48ms
32ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82e76fd96be924f1b403ac3df443b63361cf0dae48400077bc085965265e75c1

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a010-dub-prod.krxd.net, cache-fra19170-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1627900917.134737,VS0,VE26
content-length: 228
x-cache-hits: 0, 0

GET
H3-29 200 visual.png
s0.2mdn.net/4528516/2128510631811208/ Frame 72B5 58 KB
58 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/2128510631811208/visual.png

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f2fbe414e0b79e516fec53f54d6ef6c914cea4e6ad1e804bbd762ad8332dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/2128510631811208/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 01:19:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Dec 2020 15:23:18 GMT
server: sffe
age: 33722
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59019
x-xss-protection: 0
expires: Tue, 03 Aug 2021 01:19:55 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 30F1 0
23 B 33ms
17ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A2E1 640 B
318 B 17ms
16ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNvs6K0BMAE&v=APEucNUTmOFEKqoAM5txMxH1IjBl_H0WXJCHUlGeDchIEsRhGyecwGhKa3idu5WeYkJawaqQ5JCRbeL5oxnPp-X9SWDNM1ZQCa8jCAT_Ur15SGY64X2m1ia3lvIgm7Bu32nA8raVB0jOix00qNpdfqHemqJEadFly6M59NgXdx7pnrIuGMnUa5o

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COWiHhDhjN4CGNvs6K0BMAE&v=APEucNUTmOFEKqoAM5txMxH1IjBl_H0WXJCHUlGeDchIEsRhGyecwGhKa3idu5WeYkJawaqQ5JCRbeL5oxnPp-X9SWDNM1ZQCa8jCAT_Ur15SGY64X2m1ia3lvIgm7Bu32nA8raVB0jOix00qNpdfqHemqJEadFly6M59NgXdx7pnrIuGMnUa5o
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlD5-s9T1rNOS23KlLOzhaffFZjtZZ5l7l3Le31qEECGNwfy3TyVAP4Oc4N; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 02 Aug 2021 10:41:57 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Aug 2021 10:41:57 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6E61 65 KB
25 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMwYGWQRs7ECt0lmpkChcU4G3vjchsX_8VC31sDFKEDtym9DjXf1VOVV93mpXjE-YM7JN1ilE3a-JdHTA0xcmYv-FhxvHmwYKCxC9o2kz5dZJ2bjRAl-gV5QHJGIAymCVc_3tRIxoRNSxl2Y1BAbsOa_Y6Dg&dbm_d=AKAmf-BYWWmoSa_8KjzwMzwBYILH3ivxYBqSVA8mcb3--kTOHTd3uUqf2CD2ESFaHIkE7LRIeaYkVGGFylhrPrRLr0IXyqc1NgN1yuOXyo8fFU-hlqxiUU8Wvz3UuifPJ4GPASN31dr4K1IY58j9dbFsMxjzmJ6FL1T6CsXn3PnpgaE1_V3trWLp5HaLWVaNsucAWlSts8izqDHJOZOVaG_88nvhvkUuEza-EJydCATskuYW6AHpqrcx8YZk7-2_HuPyztsPRFhb-zYTXvBKwFYnsog_etz3_skMwhD7wiC8e0KsJU1iNuQecvb9xGi7VMqqWhX_pMAk_nSXu5DlsZRsD_8anRwOVeU9eLvAKv-9EwOM9JYpFCHjOywji3czIl2QyfLiga1SK9BNJTFkfbEgXLnuPomfzGjjlhHjV2rgu1X-JbwFvrL7pzYjrALcB3vJ_4K1LBFabp3K0kHbrLImnSUGBfqpgyAxsWiPSNmiQb9Q2DSP05jX820Jh0HfFHxmlWP7Dk1lWoeCMERL_aiuBaEl1vFjneOGWD26yaiNvYgw-JXJRY6z21Ot3SzJGwGQ1baKZvbvzD_RSFiBf3NYnh-U_yPM_QlVDvs2zPXy7rLtElJfNF3DYh8p6An46Ms4FffiWUt4BLv20fGc1HJ51vsXNXMUkiSpwxyA9fmutGDBpQWuUZZfwadjEDhoCeHif42ycci3fXKLnssS1aa8GPCKzsnr0wJKkree5QEfmD2Oq2PSOiLEkc64wJOqu4MdV2qrlYIVSOAbi0BVo1h8tnR7Hj7czzPS953DdqXxvpU_PucHE3ncram15H--3c3VPWJRErWsy5U4p_MBKHUb_CVVENS5thxU0uyEIhdocMx1e4hUa985_qaF97cuyteFMVouCE4jLO69qbagPQt2ZR-NRObj_2Iy9CH-hNtxWFDGHnQndVsmr05SPMPCbqxnDOTgOvKCw1lZ-7L28qrYryDaAvt8uY8NOH0SfZleCNbRVuEi-vmh2mLvFntpVGMff5miIBMYiflfA3DJNZJgCfOgCJp9og_lzq__QqRhF0cwBiJcfOOaIJApFBcZaH4uLkT05C3LXKOOAEh3VfvK7qNMoVPRo3c0zmsDHlpfqfZomtl23z-bebpqWtD6kVAeznz0kwVrHOTFESFVw2BXq1rLm-eoBWUJuEdzOdxy03GUGR_hKPfq4PI7hd6PuWcScgYAOw1GJYe_zIdSfpuHjMYRRd7J4gVgjOc7A5X95V-wYvGuShCTNSoytPp89TMGxiduk8feOPiO-dpaWH_1D9pOWmYtv8pCBgVqOf5X7Njzhqt3jKPRNR1oAWBR3qdOijqUz6CDxQTU1eIEVh4LlQoGiIqeT86mSldbJa_3gwRGKh52XFoilrjQIyQX5iQetjkXWtqnAo3J_xOcHTHW36YKiG9MkcGV8JigN1D7_0LB_oouDyaqYSaU0FlZEIVz2GqwCt6QHniEZCR0oYZVP3scSQVQIIqulu0cxCmKLszjTkYC_GYGLnpdpvbYQRBAv59KtoiihEbiODC9MeMq68MmKfgSEG9HvM-07JbVpRSElvH7DbAW7XnkjCajmA1U3IzXBd8zsNJpvMOYpor4tyaO7uwyt8ZX7F215E084tzyA7h10t86HBA4eFPWbFHnR23LA4mnd_d_0QZWEnPgCQLkUNyyXhs3o8EVz2lb2dPMUPbwst-Jeeegm5NWJpIc8uv60SNX3GFs1ifE3poH4p10M4axsDd--Y9nKH1JVdZ2hTJhs23dE-qmRFjo0LiWzm8ElQq4n_bjtlhcT1BiYj-My5pCcKp94EB0R0Phy2wEGt1D6BFuyy2OZ3izy2GfKa-0N4oTXtE8lkSCaVxW4R7OEA6U-f99O2SpZbDX0j3I_uKR6-e0xiYQhNY8CNrEEtcyU_BAUCnfXkMUmkwPqGUCtQZFVNt6SES5Dq55omDfbHY8Lk0F8nBphgmCySELvcfN079rJGSExzK4-jtEOc5o51h_WrcEI0WBYIM0SminlllSKg4-_0ZQYJrcPNeFXuSAKPAt5JnyLeanyvV0W2RZcp3_iNZ53lsOd74ep3cEFQY9QjCyw6iknVNY5Fko1eJy62M8WHoEGrikYRSb5EIIs8fCmtIuJWr84fMonmKNDgpT0P9qNDtFWR92LLvuuq5jQV6K4Nto5Am2IXJbFfHwx1GptsQdweQr5QF6gI_M6k9Tr-MspskJegv4wjI518JkTe7qxhXUcvvqt5jzuRuMjK7MmKMwGbAIFJ_Fc1qFJ1EilQtEgJeQs06ly8elbKp-zVLpIhwjQBW6P6UyDpNsA8bqMrWWAE7VAagfz3a6VRZpy3fAFhxyRS-NxcA2gRR6Gf-3wuYDHpMMLaNXXoDvRsegX4Z1sGvkOm1jmJ01Khr-oyOqC4KhwqXDj30FwiQlZXMbsto8yTAwb054ZlRwz3TWypl4BJIG_bTJX7OCjv6FA40k94ZtFr-9CrDFb7ERF6YEwuBxLQnnjuo6xGiAKIbfgYZg3xMv4F2lu4Gh-s1PqP9jmlWSCYaxXtqnX0MWpXLiZSNc-PZaKZuY2bHMJYjGLx-cMvoaotoRV_ZXELosstYweIJ_z0iD1_6hBcR5M8pNuRr40OrmFhbRhmJQPKESg7UHk3ai05O25be4yKxUya2JLSb-VbyJPCAZNNPrK7uO55U3UQROmbnHLgPNQXM8pEiMa64WNuEKAsd6FnOIxOEJuSLKg_xmfMMQisfqfNYO54y1v7WYorR6J_UxIBc9YsufGa1ilhn-KDc1qxdWQpAIqAW1ABUUbKX1m2vziqfCtXiX1xjQmeC7xcvDCFK8CydeZAcOGZ217bMLLXBhZcFQaBTWx3Rk5jXXpXoofIv1wOWvMJE9p6V9GaE4G23pVQKMhHFhGN9dYFQwZmrnIL7PPfFsmByROCH98G_YgNRTTKxp_Gv3HjBAT9hTd-IeA8_C7VK1MbIe878Xkre1zKYT1whpMo_qo4iQe8iPt2KBKFbwQRg9bzkeSB9i1TyR52YGzc4RXEqbNmwtdbfUT8deI8vVtHOq5_t4BAZmoWtKA3M18z6uzm4EgXjKB03UdpubHFP6AtFXHvDms4AmVax2I-SFZejWgCNS4kUuiEt3XfnY8d57jGxofF26DTGQmMceWUaAeLkOGACw_LpdoCdgkanCpx_C39y3gOKq5HCNEorvu543YEzVvfJktv9mUw&cid=CAASFeRo29UzLjiZUK_vv3h4E9zvNYo-BA&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b0ce59118b7b7dbe0cd333276a7cd25f532f237e6a65e6e746f975b0c2712ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E61 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASvhFI56Hf8tqwMu8neIurNgb-lUzpbYKBKWq4VYreNtkHq2L00trm6RLukiS0FAaLUHIdlVA9n5QtI71h2pz9BkrnlE8XudONmqfI8MX1XbcDAi4

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 6E61
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/741547/55522417/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
481 B

39ms
11ms

Image
image/gif

2600:9000:2190:fe00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 14:26:28 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
age: 5084130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: meEKQ10rMVfgTCMZX5GIuv5F24CpFst_pcLU0PFLqWDO8gJIVQ6Bdg==

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 6E61 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E61 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 6E61 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6E61 0
0 14ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqZbP9eyIQcskSPlHDweFWRnsWDa6e-lth8QpFYHcStEaBTFdeuvUG38PoklUUtHPZo5QhIy_h8zv2n5Qj4FIyLlFxHQ
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 30F1 81 B
240 B 30ms
30ms Script
text/javascript 52.31.20.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.20.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-20-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0648c82d30b408db69eab909d1f4a53037803330629bf300911bd74ee12f5dea

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=48 t=1627900917
x-served-by: beacon-n011-dub-prod.krxd.net
content-type: text/javascript

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A2E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDEfoe9xNbH_mmrmwTEoR3s&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDEfoe9xNbH_mmrmwTEoR3s&google_cver=1

43 B
172 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDEfoe9xNbH_mmrmwTEoR3s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNvs6K0BMAE&v=APEucNUTmOFEKqoAM5txMxH1IjBl_H0WXJCHUlGeDchIEsRhGyecwGhKa3idu5WeYkJawaqQ5JCRbeL5oxnPp-X9SWDNM1ZQCa8jCAT_Ur15SGY64X2m1ia3lvIgm7Bu32nA8raVB0jOix00qNpdfqHemqJEadFly6M59NgXdx7pnrIuGMnUa5o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDEfoe9xNbH_mmrmwTEoR3s&google_cver=1
date: Mon, 02 Aug 2021 10:41:57 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A2E1
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjEyYWYwODAtNjEzZC0yOGRhLWM2YTQtY2I3Mzc3ODExMWM2
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjEyYWYwODAtNjEzZC0yOGRhLWM2YTQtY2I3Mzc3ODExMWM2&google_tc=

170 B
188 B

18ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjEyYWYwODAtNjEzZC0yOGRhLWM2YTQtY2I3Mzc3ODExMWM2&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNvs6K0BMAE&v=APEucNUTmOFEKqoAM5txMxH1IjBl_H0WXJCHUlGeDchIEsRhGyecwGhKa3idu5WeYkJawaqQ5JCRbeL5oxnPp-X9SWDNM1ZQCa8jCAT_Ur15SGY64X2m1ia3lvIgm7Bu32nA8raVB0jOix00qNpdfqHemqJEadFly6M59NgXdx7pnrIuGMnUa5o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjEyYWYwODAtNjEzZC0yOGRhLWM2YTQtY2I3Mzc3ODExMWM2&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A2E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMajYBD9b4uJ6EtxK4Xk4_Q&google_cver=1

23 B
172 B

35ms
35ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMajYBD9b4uJ6EtxK4Xk4_Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNvs6K0BMAE&v=APEucNUTmOFEKqoAM5txMxH1IjBl_H0WXJCHUlGeDchIEsRhGyecwGhKa3idu5WeYkJawaqQ5JCRbeL5oxnPp-X9SWDNM1ZQCa8jCAT_Ur15SGY64X2m1ia3lvIgm7Bu32nA8raVB0jOix00qNpdfqHemqJEadFly6M59NgXdx7pnrIuGMnUa5o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 Aug 2021 10:41:57 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEMajYBD9b4uJ6EtxK4Xk4_Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A2E1 23 B
172 B 53ms
35ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNvs6K0BMAE&v=APEucNUTmOFEKqoAM5txMxH1IjBl_H0WXJCHUlGeDchIEsRhGyecwGhKa3idu5WeYkJawaqQ5JCRbeL5oxnPp-X9SWDNM1ZQCa8jCAT_Ur15SGY64X2m1ia3lvIgm7Bu32nA8raVB0jOix00qNpdfqHemqJEadFly6M59NgXdx7pnrIuGMnUa5o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 Aug 2021 10:41:57 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 6E61 169 KB
58 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 14:30:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 6E61 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMwYGWQRs7ECt0lmpkChcU4G3vjchsX_8VC31sDFKEDtym9DjXf1VOVV93mpXjE-YM7JN1ilE3a-JdHTA0xcmYv-FhxvHmwYKCxC9o2kz5dZJ2bjRAl-gV5QHJGIAymCVc_3tRIxoRNSxl2Y1BAbsOa_Y6Dg&dbm_d=AKAmf-BYWWmoSa_8KjzwMzwBYILH3ivxYBqSVA8mcb3--kTOHTd3uUqf2CD2ESFaHIkE7LRIeaYkVGGFylhrPrRLr0IXyqc1NgN1yuOXyo8fFU-hlqxiUU8Wvz3UuifPJ4GPASN31dr4K1IY58j9dbFsMxjzmJ6FL1T6CsXn3PnpgaE1_V3trWLp5HaLWVaNsucAWlSts8izqDHJOZOVaG_88nvhvkUuEza-EJydCATskuYW6AHpqrcx8YZk7-2_HuPyztsPRFhb-zYTXvBKwFYnsog_etz3_skMwhD7wiC8e0KsJU1iNuQecvb9xGi7VMqqWhX_pMAk_nSXu5DlsZRsD_8anRwOVeU9eLvAKv-9EwOM9JYpFCHjOywji3czIl2QyfLiga1SK9BNJTFkfbEgXLnuPomfzGjjlhHjV2rgu1X-JbwFvrL7pzYjrALcB3vJ_4K1LBFabp3K0kHbrLImnSUGBfqpgyAxsWiPSNmiQb9Q2DSP05jX820Jh0HfFHxmlWP7Dk1lWoeCMERL_aiuBaEl1vFjneOGWD26yaiNvYgw-JXJRY6z21Ot3SzJGwGQ1baKZvbvzD_RSFiBf3NYnh-U_yPM_QlVDvs2zPXy7rLtElJfNF3DYh8p6An46Ms4FffiWUt4BLv20fGc1HJ51vsXNXMUkiSpwxyA9fmutGDBpQWuUZZfwadjEDhoCeHif42ycci3fXKLnssS1aa8GPCKzsnr0wJKkree5QEfmD2Oq2PSOiLEkc64wJOqu4MdV2qrlYIVSOAbi0BVo1h8tnR7Hj7czzPS953DdqXxvpU_PucHE3ncram15H--3c3VPWJRErWsy5U4p_MBKHUb_CVVENS5thxU0uyEIhdocMx1e4hUa985_qaF97cuyteFMVouCE4jLO69qbagPQt2ZR-NRObj_2Iy9CH-hNtxWFDGHnQndVsmr05SPMPCbqxnDOTgOvKCw1lZ-7L28qrYryDaAvt8uY8NOH0SfZleCNbRVuEi-vmh2mLvFntpVGMff5miIBMYiflfA3DJNZJgCfOgCJp9og_lzq__QqRhF0cwBiJcfOOaIJApFBcZaH4uLkT05C3LXKOOAEh3VfvK7qNMoVPRo3c0zmsDHlpfqfZomtl23z-bebpqWtD6kVAeznz0kwVrHOTFESFVw2BXq1rLm-eoBWUJuEdzOdxy03GUGR_hKPfq4PI7hd6PuWcScgYAOw1GJYe_zIdSfpuHjMYRRd7J4gVgjOc7A5X95V-wYvGuShCTNSoytPp89TMGxiduk8feOPiO-dpaWH_1D9pOWmYtv8pCBgVqOf5X7Njzhqt3jKPRNR1oAWBR3qdOijqUz6CDxQTU1eIEVh4LlQoGiIqeT86mSldbJa_3gwRGKh52XFoilrjQIyQX5iQetjkXWtqnAo3J_xOcHTHW36YKiG9MkcGV8JigN1D7_0LB_oouDyaqYSaU0FlZEIVz2GqwCt6QHniEZCR0oYZVP3scSQVQIIqulu0cxCmKLszjTkYC_GYGLnpdpvbYQRBAv59KtoiihEbiODC9MeMq68MmKfgSEG9HvM-07JbVpRSElvH7DbAW7XnkjCajmA1U3IzXBd8zsNJpvMOYpor4tyaO7uwyt8ZX7F215E084tzyA7h10t86HBA4eFPWbFHnR23LA4mnd_d_0QZWEnPgCQLkUNyyXhs3o8EVz2lb2dPMUPbwst-Jeeegm5NWJpIc8uv60SNX3GFs1ifE3poH4p10M4axsDd--Y9nKH1JVdZ2hTJhs23dE-qmRFjo0LiWzm8ElQq4n_bjtlhcT1BiYj-My5pCcKp94EB0R0Phy2wEGt1D6BFuyy2OZ3izy2GfKa-0N4oTXtE8lkSCaVxW4R7OEA6U-f99O2SpZbDX0j3I_uKR6-e0xiYQhNY8CNrEEtcyU_BAUCnfXkMUmkwPqGUCtQZFVNt6SES5Dq55omDfbHY8Lk0F8nBphgmCySELvcfN079rJGSExzK4-jtEOc5o51h_WrcEI0WBYIM0SminlllSKg4-_0ZQYJrcPNeFXuSAKPAt5JnyLeanyvV0W2RZcp3_iNZ53lsOd74ep3cEFQY9QjCyw6iknVNY5Fko1eJy62M8WHoEGrikYRSb5EIIs8fCmtIuJWr84fMonmKNDgpT0P9qNDtFWR92LLvuuq5jQV6K4Nto5Am2IXJbFfHwx1GptsQdweQr5QF6gI_M6k9Tr-MspskJegv4wjI518JkTe7qxhXUcvvqt5jzuRuMjK7MmKMwGbAIFJ_Fc1qFJ1EilQtEgJeQs06ly8elbKp-zVLpIhwjQBW6P6UyDpNsA8bqMrWWAE7VAagfz3a6VRZpy3fAFhxyRS-NxcA2gRR6Gf-3wuYDHpMMLaNXXoDvRsegX4Z1sGvkOm1jmJ01Khr-oyOqC4KhwqXDj30FwiQlZXMbsto8yTAwb054ZlRwz3TWypl4BJIG_bTJX7OCjv6FA40k94ZtFr-9CrDFb7ERF6YEwuBxLQnnjuo6xGiAKIbfgYZg3xMv4F2lu4Gh-s1PqP9jmlWSCYaxXtqnX0MWpXLiZSNc-PZaKZuY2bHMJYjGLx-cMvoaotoRV_ZXELosstYweIJ_z0iD1_6hBcR5M8pNuRr40OrmFhbRhmJQPKESg7UHk3ai05O25be4yKxUya2JLSb-VbyJPCAZNNPrK7uO55U3UQROmbnHLgPNQXM8pEiMa64WNuEKAsd6FnOIxOEJuSLKg_xmfMMQisfqfNYO54y1v7WYorR6J_UxIBc9YsufGa1ilhn-KDc1qxdWQpAIqAW1ABUUbKX1m2vziqfCtXiX1xjQmeC7xcvDCFK8CydeZAcOGZ217bMLLXBhZcFQaBTWx3Rk5jXXpXoofIv1wOWvMJE9p6V9GaE4G23pVQKMhHFhGN9dYFQwZmrnIL7PPfFsmByROCH98G_YgNRTTKxp_Gv3HjBAT9hTd-IeA8_C7VK1MbIe878Xkre1zKYT1whpMo_qo4iQe8iPt2KBKFbwQRg9bzkeSB9i1TyR52YGzc4RXEqbNmwtdbfUT8deI8vVtHOq5_t4BAZmoWtKA3M18z6uzm4EgXjKB03UdpubHFP6AtFXHvDms4AmVax2I-SFZejWgCNS4kUuiEt3XfnY8d57jGxofF26DTGQmMceWUaAeLkOGACw_LpdoCdgkanCpx_C39y3gOKq5HCNEorvu543YEzVvfJktv9mUw&cid=CAASFeRo29UzLjiZUK_vv3h4E9zvNYo-BA&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:36 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 6E61 24 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:47 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E61 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
DATA 200
OK truncated
/ Frame 6E61 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdb098d4323d7e8733b4bc6c27ae388615a2b94ed0000f6296ecfe61d0be06fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/ Frame 85C8 36 KB
6 KB 33ms
15ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5616
date: Mon, 02 Aug 2021 10:41:57 GMT
expires: Tue, 03 Aug 2021 10:41:57 GMT
cache-control: public, max-age=86400
last-modified: Fri, 11 Sep 2020 18:40:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6E61 0
61 B 26ms
25ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYQTdUzblNW9Ap2T5Y8YbB0K6sRvJ9IbSG2z5gX2YvWagqdQXCH9DdCN-dlveB-qb77w7cYnGns1WsGyC92hwLQdmg8sNReCpHtlLniyNEShZyvTkLvGi3qffbbPRESIyRntUaOTFWTlu1fOFyfEkQg-3nmocM_GeR9s1g4aS8TmxCVDF46ME9NvP54LyYGOlwO8R2C3sveQ0HqVHFjmHNoDvVHI6BOzZiFbnMAzUNINDsuOdO6_Y0GLIy-vAtL1JjUK31wR2tRq1ac4wuHUz14WtUED6rEnpQWXFC3rSy83fLzTX6c-9dqbHhUgN8rTjnFkStDxNXfXcQTlFwXaxtN9i5MDQsEpcu5NLd0RrY0EqgK8VMTQp8ZbbVR2bWqLISlWzvoM-yo7olL36n4IHClp-I5JNcZmLfrMqDLim-4A41dabByW5YQR9kmw0ttFOLx6211xRx_lBJAhdA4N_2vZJHe3DZyPdLY2RBco4wU6KSST7dxQcxiAHX0usfmlMsSulSI6c-H4r_kmE4OHTPVc50uSSLWK4L7icrwkG-1njZLYpnLsVL79MISzyWSAvQ8BFeZ9MgLwhT3GJLGADtS0wl7yJvdF9GfBYkUCFJLL-vhX55nzK5VX3u22dZ2paGWtTB2Sw1Kiwdhd3l9dPmJL5qeAh589OD-UzPB6kFxnlCP8zfosCdN2vtKq6dsgnvPfGka9V9yiCwyG6Hyfj9RF1jbd_G5Qw3-CNQzOSKhOE9xIIHrnI_8EQ3t9PHjAIxFrsoxHfOUijQeJCKmJOB6j-lNInzE0ST6YdwdU39nMZ0NdTAfcHn8xYL_N-3Rj1nGA8ktaxmd97MKw-hbTyOfjcfFUf6kjX4g8io5mnICgor6Fa8_OUTYBaXwRBNiqAFUjiWdisXLpxGGOtyKKYIFcK5sjmokAAVp6tl92nxE6DjnEwbi4jDE0b6OuV8z0fd-wNjqOueHx9sbO8ilIHvfx-0ZUSmuKPis8eQlaibHKQsdf5vNQQJcZ8aKxlZ-IoEzQebxECmOlIc1l7CXtqGXUkLCHb9mTH7xtEtcTri1d37_B4tfr76T-SiwxyjKax5EUZGqlUmuAlBBPpYoz-adnrimQm0jRikuOGQiT-VvaA7hrd_bOkanN4iSfDHldCFUEOy8h-uO0sYbxY8FuJDhlgSEr-1OF3NiNGlMJWmKvzSpoGsl3YUEpjTszVdsuOB03dqJwDwSU3DFfcClHOVAiTewFWLox5PLXqP8pHwtw&sai=AMfl-YSAJcovJRTPNaWNK5a0SLMdyH6pUrZfj6kmxeaoxArpa-PrIJQ0XfzzxY73HutfzTrVZ61spt5tQ5lXCwWIloXR6LKfZv7ReKsyHf6spt8ygnENtDe9PJic_3Sc0oDPT5Oyk-7Q2yTr4gRfcSynvLsABB0uF71L2KcQddE&sig=Cg0ArKJSzCJcyVyMlCrUEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=84&cisv=r20210728.05054&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-34-254-147-143.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 02 Aug 2021 10:41:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 6E61
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=306717467&d_campaign=26006000&d_bust=2324560061&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=306717467&d_campaign=26006000&d_bust=2324560061&gdpr=&gdp...

42 B
980 B

35ms
35ms

Image
image/gif

34.254.147.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=306717467&d_campaign=26006000&d_bust=2324560061&gdpr=&gdpr_consent=

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.147.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0924b2ac2.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4geEZypST1I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-0a778d318.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nmV5V2HFRN4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=306717467&d_campaign=26006000&d_bust=2324560061&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 6E61 43 B
1 KB 61ms
24ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=21213705&extPm=364525147&extCr=53131072&gdpr=&gdpr_consent=&rnd=2324560061

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 02 Aug 2021 10:41:57 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 02 Aug 2021 10:41:56 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 510F 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C29 0
121 B 29ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKOTM9MsHYevaM5T03gPN6oWYBgAAAAA4AeAEAg&bg=!o6CloOTNAAals0SOpbM7ACkAdvg8WqritexPKQxjTrxuucaJLk73Js-RlclxldQhsmwe2O9H0fi7FwIAAADZUgAAAFVoAQeZAtOh1iESw90pI6CPL7arMlGtlWl9V5OgityoANTV7EhRBJ0J2NFcAICwCw9U7zIbFn3gKiCgeMedH5y5d3Xrq6akAloDjiaIIV1bllHSqrMtCLq0RJp1FynDqst47bVeoPmfNXNQOmOTG-g_rHy1ckzDfzz0mQDo9St1Q-d21zHYFRzdeGPIY9E-OPOkqSl5PypFtNjaiB9AIZGB2WTZC5lzTOegMYMbfo03gn4FysjBnCTe-nn-jG5bgf7_7MpZ_bfdtJdO2SSri_UIuqXWTiGnR37hYUIV17-IC05huDYTeoLY0RPTtcpRb64UcwAL68Fdr62dxiVLoKjMhTCA_lX5s5a_RXXULNoialwY68UwV_aUMxhum7fOThaB0IjK3QqrDSNHW7tPdD9HeneJqOPTVkOPUqGveEnfF3HoxPvA3Fhdgo7OqTXSQPCNRvDFwzg6xbPflrcbmHRkEKUrLYYXWoMrq7seHsrPvKtbh8U9UvYmzo1SNpxGR544mIyPhnSE02PdPlcZpC7l5i0AB4UGVAzpUSFRXSHC0N_Js4XSuJSgmZDvraS3AvglB4YdH8xE9tDnBJA4bnFD_kOfw5Wn70MM83Sfg56YlkH10lV-A18dChgfZcZmkcjxBsErZQU9IOtHEamaPhU-MP5xNAXftjoy4889Ow8HwHioEugohhl8Y30t1qPUbl_oecBpFzCkpJ3yMqOSZAteCTqMnxGCstXY6VS6r1FCyybnyLwGKKHxJAJxURtLbxAKqeLSrFlQ8ESTI0DlnF4oXZKXmBZMebesgkLQbez4jzh8hR3AdmO3TTQAAS24t3epJsIuKYRA6gockD-3ddYjIPTfX8gua8vl625hBzFsUJia16WVJJmAJoZJOnfrpz5QBu8-Xh7-eGJA2doPaGWFsOx7deZjTYG99H5cRCBQCKer8-EW7M3WzRWnuH2L0B4wBg6Xbok9dBE

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/ Frame 85C8 6 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 14:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1741
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 18:40:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 14:30:12 GMT

GET
H3-29 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 85C8 109 KB
37 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 14:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 14:30:11 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 85C8 59 KB
22 KB 31ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 493851
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzUhBhtIcdr5r0SsTZR4wAdQP0hJ3xEGfC2%2BiNPjO1YmFFvVGepecO8lsSqXv7NmeEOzwYfBGEbHYr2CtS8faekcXO7obBFNLGOfJa%2FZ8O2jmqdtaYLmcV0qWHNDMlOQEIqZXUdkDRMsNurcjH3Ru0J3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6786b25d8ea405ed-FRA
expires: Sat, 23 Jul 2022 10:41:57 GMT

GET
H2 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 510F 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 10:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 10:41:10 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6E61 0
23 B 17ms
16ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 85C8 6 KB
4 KB 31ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b97f1b0038abb2d79dbc0f6360be54e8c7c2d9459cae8811929b2f478284e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4335
x-xss-protection: 0

GET
H3-29 200 blank.png_1621952972643_blank.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 85C8 95 B
118 B 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952972643_blank.png

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 05:38:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 14:29:47 GMT
server: sffe
age: 536632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Wed, 27 Jul 2022 05:38:05 GMT

GET
H3-29 200 DCO_Engagement_Test_300x250_1.jpg_1621952972643_DCO_Engagement_Test_300x250_1.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 85C8 58 KB
58 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/DCO_Engagement_Test_300x250_1.jpg_1621952972643_DCO_Engagement_Test_300x250_1.jpg

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617f0068499a5ecc677e1c4143c7ba112f0413213e2e56ed97e6be3728c80e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/index.html?e=69&leftOffset=0&topOffset=0&c=Prcg0Bza6W&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 05:37:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 14:29:50 GMT
server: sffe
age: 536694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59473
x-xss-protection: 0
expires: Wed, 27 Jul 2022 05:37:03 GMT

GET
H3-29 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 85C8 27 KB
27 KB 7ms
7ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453748/20200911114052183/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:37:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
age: 296
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:52:01 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 85C8 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:57 GMT

GET
H2 200 container.html Show response
fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A4F2 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 10:41:56 GMT
expires: Tue, 02 Aug 2022 10:41:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame AD0E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 10:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 10:41:10 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA76 624 B
584 B 16ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKXk-LABMAE&v=APEucNVrViiJO48yJfRtNuSj3TtlSx-jzKodqyMW1rBxTeCiqknBpqyDApnnH0GKj_lFghtVdDYv6QbdW_p7oqFrr6QJZlmYoJlOHCkBZHggGGvMUv6pbCfGWsqQzgACGGgzEt3LVblvmIHZc21kOGkibuRmVvR0D4bGtph3T-kC-nTl6gPPygY

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CM_cnJQCEOXw25gCGKXk-LABMAE&v=APEucNVrViiJO48yJfRtNuSj3TtlSx-jzKodqyMW1rBxTeCiqknBpqyDApnnH0GKj_lFghtVdDYv6QbdW_p7oqFrr6QJZlmYoJlOHCkBZHggGGvMUv6pbCfGWsqQzgACGGgzEt3LVblvmIHZc21kOGkibuRmVvR0D4bGtph3T-kC-nTl6gPPygY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 02 Aug 2021 10:41:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkhf1H_5_aLtJ-Y39eF0_hJqYJvmx9b9z3a-obMKlaogoiDtZM-5TflCE3u; expires=Sat, 27-Aug-2022 10:41:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Aug 2021 10:41:57 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame A4F2 114 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 10:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 10:46:05 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame A4F2 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 09:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 09:54:45 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame A4F2 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:27:49 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A4F2 42 B
63 B 30ms
27ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3Sa-lOfRsBNUqS5FoIKkeB4HjDjuc0x1Mi4VpmajvMAB6uCZnNfa4yyaEH3QeygQPoyEqhykIfYSnXOcqX5gUPhMYOJU2COfKEHDJB9h9lGPZem0

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame A4F2 43 B
1 KB 71ms
35ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=300&extProvApi=roller-dv360&extPu=ROM&extLi=44868471&extCr=371077669&rnd=1627900917066316

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 02 Aug 2021 10:41:57 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 02 Aug 2021 10:41:57 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 713
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame A4F2 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4F2 124 KB
37 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame A4F2 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A4F2 0
0 15ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJzTOgF_oOef_fMRN5LqoJCB8IlKQFdQXltakMFJEYjcfjBklybCazd63x1KoAa3_WxFdxo9S6VGxAGKbJsWQ7InePNA
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 180 KB
25 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf62c91caaa4d12c02d12565e13d93ea3ad82f51d1854a59465ac9875386d0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/6098122305590071555/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 31 Jul 2021 22:10:36 GMT
expires: Sun, 31 Jul 2022 22:10:36 GMT
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 25953
age: 131481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame A4F2 0
24 B 25ms
25ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsukbI56LzCzGO-JH2bNgPezuk2pKn3G6OdA0fFrXS1guUHpRL13gNULuZGTkcyalK-xLQZBM6K1pcOHXAOB77Nwv2Sh9kPDcwVIG-r2lUyAzvlCYzlrxqL6dalbV3Sgfvrr-6pm4vYBr9PUvzev9elSFwqk9_gde35wY3xzGVwG_wjZXtRokPAo5FFY2nhbzh2gh8Z2AcyBU0dtkWQWID40rk2a3eWURuQkAtY64sywk5wjsmAfDSNS9EGRW-M9Xyd1oXuaFLwDqRMmZQR0DaG_R1QLZvfLWm2nwxlrrtBp1iMruoFBUNWSlNg_Urzrcj8_m2cfGurSe9EPNg_UTyVpfZEUABiTXKmzPaUrPe-rfH0JqN0ARBNKOPVWtV9rV1KJpCA82eH9zsQTNN4SUop6jyCJ1o7DVJ3OcgOPQJFz52OZH-ahrqxvHAHlunLA9PUwNSEE_LugWJkfCvjzyv2Mz2FVIQ6wR5YFhDJuLXvGFYNEGR8YqKOGExTngsFBCJkR6yMEm-MQACcglpSS7USxAbX_nmCltMIPZW1X68sDfkqGkoagkETWUd9MA9FLbbEXC2drnIC0wlWVVnnZM7J08ZfwP0EZM6BcwiZ_f3411exFsMii5AUlufm9LNACLrMmIM8EkTpsbLTZ-PakKCVqDac8Qw6GE-LOJ-YvwivtPicjV5BGvHqinjPuck_b8jiIkkqJnsNvTYMfGsw1lEOO_x61yG5HsWRoCBPQMDU1B6vuts2fhcNwVzPnPpYkEEhF3ZLe985hQ1q1Ph0EI2f42ZRhGqxXlNzWrl-Tnf4qlvyZmjQCoUPKgZx3XxPE5eS40Uy0yGXkY5AmR6BGksPc_j0i9XBDiY8wCbLeBWZfNxoloMwzpW8qimUjp8qY-JMvXoNgP_QbeYFs5AyggFOndiC1vAjkB08r0ALvV0mywxBoYM46fawFCNdDjm17tTw2q5MCFblfdrZVh-CYUtVYbzgi-B3vUv5oxy4XHXCtIZw0GPMZ-p_qKqFmL0Th_Ab-9B8Ar4JXOqAwskkgYdQQFb0trkwZN9pcSNhczpAR8MeNynKP6hqUWkllk--H85AEETwk7P2v7YS0HQvgAzgZ8a0_ISjSyqw_0pmkPvmLVa13XmHVQFD9M5mNsXR4qLb0_QpxLEVsK83Id6wthjfcPCEQGxCdrzqfmJes&sai=AMfl-YSn6R2fPduhB_yrc_tTE6cjcHVoQqNftyzXezqjLD8jZCsMp-az_E_Ab80uv167tQnlv2n62CnVwJuk85BMgY8YdBRtHYrkecBmYdWutl1wmH1lE6KvIvNqhz0SS_Ggz5oTMRVS6NSX5DoUDW2RDeRkMnPx3rXiwi6Lmiocv0v3l0KzD-IYb1NJHdpohxKGCFXZFBTrASsYRrxRE9FiKSl1Ao5XjH4A0ZXV9CTjrGk51RKq5SGHGgZ8aJ1ZDbCSldy9ErTuhcC62vtFuZLMGWO-jer9AwbXAQKEK5MndKNsAfj0phI1JOkdKFu6h4B0rVvWbflcK2XV_mTKCC01LE6fL7-7Er-nrVlf2WXJVLgkTvO7L7bZNQifrnBqxBmHIQ&sig=Cg0ArKJSzM2RUeahHlBlEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=77&cbvp=1&cstd=76&cisv=r20210728.33031&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 02 Aug 2021 10:41:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A4F2 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FA76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1

43 B
1014 B

20ms
20ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKXk-LABMAE&v=APEucNVrViiJO48yJfRtNuSj3TtlSx-jzKodqyMW1rBxTeCiqknBpqyDApnnH0GKj_lFghtVdDYv6QbdW_p7oqFrr6QJZlmYoJlOHCkBZHggGGvMUv6pbCfGWsqQzgACGGgzEt3LVblvmIHZc21kOGkibuRmVvR0D4bGtph3T-kC-nTl6gPPygY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:41:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FA76
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfL9cEA0-lcWGug6pNL7QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKXk-LABMAE&v=APEucNVrViiJO48yJfRtNuSj3TtlSx-jzKodqyMW1rBxTeCiqknBpqyDApnnH0GKj_lFghtVdDYv6QbdW_p7oqFrr6QJZlmYoJlOHCkBZHggGGvMUv6pbCfGWsqQzgACGGgzEt3LVblvmIHZc21kOGkibuRmVvR0D4bGtph3T-kC-nTl6gPPygY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:41:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame FA76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK68dqxJA3BtX07T33oGQeI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK68dqxJA3BtX07T33oGQeI%26google_cver%3D1

43 B
1 KB

22ms
22ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK68dqxJA3BtX07T33oGQeI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGKXk-LABMAE&v=APEucNVrViiJO48yJfRtNuSj3TtlSx-jzKodqyMW1rBxTeCiqknBpqyDApnnH0GKj_lFghtVdDYv6QbdW_p7oqFrr6QJZlmYoJlOHCkBZHggGGvMUv6pbCfGWsqQzgACGGgzEt3LVblvmIHZc21kOGkibuRmVvR0D4bGtph3T-kC-nTl6gPPygY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:57 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e9774454-e60c-484c-8961-e46ac25dd7fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:57 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ba8b49e0-a7fa-49ec-b6d8-01efe516686a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEK68dqxJA3BtX07T33oGQeI%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FA76
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU0MDE2MTA0NTU5MDM5OA%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU0MDE2MTA0NTU5MDM5OA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:57 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 39277fc3-b7e3-41f4-84f4-e7f4f3d5e96c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU0MDE2MTA0NTU5MDM5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A4F2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6930d4b634461f69a17d5ac391168d3e85b70a07deac727f5063bc1cf5a40fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 72B5 102 KB
102 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128510631811208/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/4528516/2128510631811208/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:30:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 Oct 2016 14:32:08 GMT
server: sffe
age: 698
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104232
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:45:19 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 386A 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame A5A4 28 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 14:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 14:42:05 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 510F 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7egB9csHYZr_CYWT3gP16rnABgAAAAA4AeAEAg&bg=!IyClIGTNAAals0SOpbM7ACkAdvg8Wp7dbmIr6Zg_Me2WJJ5hY9yd3U95KAYWvi2TSNXChqdfpotNfAIAAAEcUgAAADFoAQcKACzdhJ5qNE1sPF57gHQKnGUznsBmvQHveeFx9yiQzuhGNrmWGVvikfY9EU9jB5kC1NMjq_lsi3C_vLNre6NHqk5GE27p5mXgAwx94IL0GbnQQWovNCP1i2h2udV8_KW8NnuhuWQZXTSvWGTYyoSLPflNldJJYUAeOY_2AZ6WgyjB5HF6zkvZw74vhj1__uIsxLo_I6U1BrNz-L04yEGem-_vf7CIvhQDYMwc8ltSvo1OLGCX26-_IqbyrjxS6EHK_b5Cai1UfDv1gEqE4eU8pxYz7JPiH8UzrqNF9_biev5nV6oXH39YCLWFcDEqNoNdLIGf_G0oBED-mHbWYA3NbcBdqco1tce1vd4pcmTnmVfVSucijogtpbHF7ALZ12DlGKLip8ORqdFCQ3QvjkwAdSQx8IU73j30CKr7Xdm34puhxlXm4vxq6H-sDYeH9ORVGPvXe0Vzngr3QNgafFw7Z0v86XqB9dajK-uVe74ogtAKsxVKub7LIFxTZeP0IzHTjB7BIGUlt86c7mnddrXZcKsEIB8ZL5HaRiZeNyjf29X7yMU7pqTk5NuI9G0ph-su6vddNWYDw47vk5ypckUzcLDk1Z02vkCDOiYOOXc_ndVNOAyRPLjeTyWzQnsZKot2kkZkTZ7f5VFFU8wTkAeYIwHjyRCmfcX1CWzMALAJZiObixUWbBKIC99QAWQ6bEvYtfRrtuBkKoWm48Nkuvp4XhVaoSagaUyooPoMgjcec0mb5j-sjm_ibWgRFZBNMNPJgzYJZxOyK2UyYAo1uzCcmM6JukxGE-gk6ZNBCH20fZoL9j783xzhwYYwAAIG94TIYBsF3fNzt-cF7snWAvyDwIAUQtlZf-JZ4h2irHoNMktkWbU3wEKjAfM6jL8ZeN_QGjHAzGDfD6NkAFRfHfWsRfBO0UCghrL24LTf_e_mqyAJRXliuL2cE5gImYdUZRNWn2u-r7wZKMzh6w0NjMxI3QhG8sUODhYywcG-N8tp-2vm0YRFs9i1Prn8yPTYH-0FqiheFX4

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame A4F2 0
23 B 22ms
21ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210728&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08e97451ed6aa449876b851c5ac38cb4e342b76eea700c8473ee7b5055350a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8606
x-xss-protection: 0

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 386A 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 09:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Aug 2022 09:00:12 GMT

GET
H3-29 200 160x600_0001_button-Jetzt-sparen..png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 5 KB
5 KB 19ms
15ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/160x600_0001_button-Jetzt-sparen..png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b077311f492cc5d4d1298c75bf59632b8e6aea513e34e709975bb30c20a226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5076
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 Logo_2.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 8 KB
8 KB 18ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/Logo_2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e894dbda8c37ec5e424d1ab1bb9e2f2cd701f3eb8179ef60fc058dbb7b96bda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8105
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 300x250_0001_1_-Bei-Ihrem-Einkauf-gew_hrt-Ihnen-ROLLER-einen-Rabatt-des-zu-d_1.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 19 KB
19 KB 17ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/300x250_0001_1_-Bei-Ihrem-Einkauf-gew_hrt-Ihnen-ROLLER-einen-Rabatt-des-zu-d_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4e5dcac1cfc86c753f2b314c71c2f4e421a52302feded74a24f2788b1af9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 22:10:40 GMT
x-content-type-options: nosniff
age: 131477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19311
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jul 2022 22:10:40 GMT

GET
H3-29 200 roller-970x250_0001s_0012_links_unten_g.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 5 KB
5 KB 16ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0012_links_unten_g.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e0b24da733d5cd59471143d6e0dd3893ae82941865676f4b1bb27e558588a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4862
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 roller-970x250_0001s_0011_Vektor-Smartobjekt.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 5 KB
5 KB 16ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0011_Vektor-Smartobjekt.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06f3fe1e1d1129211e14f8d87851843026604160f352447950968b1d9dd15ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5252
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 roller-970x250_0001s_0009_Vektor-Smartobjekt-Kopie-2.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 4 KB
4 KB 11ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0009_Vektor-Smartobjekt-Kopie-2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d24df6a70dac277a4b3fdf9b570e1b257e8fb4360c073101805ce2dc4db93f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4222
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 roller-970x250_0001s_0006_Vektor-Smartobjekt-Kopie-5.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 4 KB
4 KB 25ms
22ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0006_Vektor-Smartobjekt-Kopie-5.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed262ff069f171050f888cd30b8018bdaa23e79a13098db9e49cfc8ad0cd7ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4222
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 roller-970x250_0001s_0003_Vektor-Smartobjekt.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 4 KB
4 KB 25ms
21ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0003_Vektor-Smartobjekt.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca536a22e57935dde7743aa7c7281fad4963b30dd9cec7f6f04014593b24413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3946
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 roller-970x250_0001s_0002__ber-Button.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 4 KB
4 KB 24ms
21ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0002__ber-Button.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd6ba1ddbb2a35d4a1cfe4956d3c84811e10805817ff917b7adcba7647132e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4222
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 roller-970x250_0001s_0001_rechts_mitte_am-Punkt.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 5 KB
5 KB 23ms
20ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0001_rechts_mitte_am-Punkt.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d97c0460d91ec9a3dc72a4dc142a461ad0e4bc9b6434d789e90435f5b11f7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 22:10:40 GMT
x-content-type-options: nosniff
age: 131477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4862
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jul 2022 22:10:40 GMT

GET
H3-29 200 roller-970x250_0001s_0000_oben_links_M.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 4 KB
4 KB 22ms
19ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/roller-970x250_0001s_0000_oben_links_M.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0090fcc2894fba1ebc463827b631b427132dd148e42f6d67e77ae4356cd3d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:42 GMT
x-content-type-options: nosniff
age: 361215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4341
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:42 GMT

GET
H3-29 200 52Jahre.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 19 KB
19 KB 17ms
14ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/52Jahre.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5682d900e162f48a6932289c60b7f02038911a2a4edd712728ef739fe314f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 22:10:40 GMT
x-content-type-options: nosniff
age: 131477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19049
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Jul 2022 22:10:40 GMT

GET
H3-29 200 Verlauf_1.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 17 KB
17 KB 17ms
15ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/Verlauf_1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897495aee8d088d4ab86463f2e5393569bbf3518f491e30ce32bccc83598349d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17653
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 Text_copy.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 3 KB
3 KB 20ms
17ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/Text_copy.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fc0c8cee8754be02353387e9cea03ae66af42457fae7c2944057cd2668b6d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3034
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 Text.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 3 KB
3 KB 20ms
18ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/Text.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3c4d7504fc83cc40af4b5d8b93eb36792b60c6c55cf5bc127046216919adbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3317
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 Text_copy_2.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 2 KB
2 KB 20ms
17ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/Text_copy_2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0dfc7b0b95fdb9803cbd51eefe0ae3d58453db886543c0e673970f606106a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2516
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 Verlauf-1.png
s0.2mdn.net/sadbundle/6098122305590071555/ Frame A5A4 45 KB
45 KB 19ms
17ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6098122305590071555/Verlauf-1.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e164ef1fd512c4dc8d84373c230ecd58848fd61f61a798f947a48e1ace148403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6098122305590071555/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:21:43 GMT
x-content-type-options: nosniff
age: 361214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46516
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 06:20:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 06:21:43 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:57 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C44E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 02 Aug 2021 10:33:52 GMT
expires: Tue, 02 Aug 2022 10:33:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1477 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ed0c141c14e538f439dffcf00bdfaaf97f6ae2597785e1792ac85b269a156ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2G9+bqL0hq5wy1RDVXaGOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

expires: Mon, 02 Aug 2021 10:41:57 GMT
date: Mon, 02 Aug 2021 10:41:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2G9+bqL0hq5wy1RDVXaGOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame C44E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 10:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 10:41:10 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 30F1 42 B
64 B 32ms
32ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucWXcI3W1llVQQb39wWenKWXcLe4k1vWl65MNUwyBVE4deAbAjvYKMUCPpyL0FEPfZeZI15BAPKMcx7qSToyGbnXnCj2Wqq6cjak9iUxkVFz4OguKszcTATID19g&sai=AMfl-YRK3zaojpSLAjPQsT6QL_ZUAVzZ_iZ74QeSLcAqkZKsZoL5ZPFD5Zk-wErv8ADHWpRDD3IgCmnqdnjbBrabUaS_M5EEWFK5_zQoEWmU7mKMYhw3i3V4vwivQB2hIfI&sig=Cg0ArKJSzPkucVNaQFgyEAE&cid=CAASFeRoCI-6yLe_TGzMCwGdKXBcpLrydw&id=lidar2&mcvt=1019&p=289,436,379,1164&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1303692345&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627900916803&dlt=23&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BE6 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 10:41:56 GMT
expires: Tue, 02 Aug 2022 10:41:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
182 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=351301425239951&ev=Microdata&dl=https%3A%2F%2Fwww.u2interference.com%2Fforums%2F&rl=&if=false&ts=1627900918053&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22U2%20Feedback%22%2C%22meta%3Akeywords%22%3A%22U2%2C%20bono%2C%20u2%20lyrics%2C%20u2%20tour%2C%20u2%20vertigo%2C%20u2%20beautiful%20day%2C%20pleba%2C%20interference%2C%20bands%2C%20pop%20culture%2C%20social%20responsibility%2C%20atu2%2C%20u23d%22%2C%22meta%3Adescription%22%3A%22U2%20-%20We%20are%20an%20online%20community%20where%20thousands%20of%20U2%20fans%20talk%20about%20the%20band%20U2%2C%20their%20lyrics%2C%20tour%20dates%2C%20upcoming%20album%20releases%2C%20Bono%20and%20the%20rest%20of%20the%20band%2C%20pop%20culture%20and%20socially%20responsibile%20living.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=62&fbp=fb.1.1627900918052.374491594&it=1627900916446&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D72 624 B
299 B 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYtMCTcDAB&v=APEucNUb59k1D4QWDm5g9-424IJgc6vefJot5JgI0j7W5kgvi-N7qc8qYDC9c5qzIYHlSw1XXur6O40kfqY-dHouboUfCVpllgdoRGoYv1ITxlogaFTMP_nMpcCOy1U4lxhPm2BbYRsELaWqMa7ta150sOp6lw4AJm7U8sNDQVaV0PIfDpAMhE8

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CISOChD9gyMYtMCTcDAB&v=APEucNUb59k1D4QWDm5g9-424IJgc6vefJot5JgI0j7W5kgvi-N7qc8qYDC9c5qzIYHlSw1XXur6O40kfqY-dHouboUfCVpllgdoRGoYv1ITxlogaFTMP_nMpcCOy1U4lxhPm2BbYRsELaWqMa7ta150sOp6lw4AJm7U8sNDQVaV0PIfDpAMhE8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkhf1H_5_aLtJ-Y39eF0_hJqYJvmx9b9z3a-obMKlaogoiDtZM-5TflCE3u; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 02 Aug 2021 10:41:58 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5BE6 66 KB
25 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtNTdncWCbc92Je3s94ADbCJp2EOU0JU5KRrQK63Iun-IXnAys7T1r3UEvWFp1S035ZpVuJaL4lellOwCcXK9ubie68fx2zzJl-yz8nXL1C_sID2NPyxPQL56FTp3m_l3CaMyXUxAOpcJhpTR2ec2tZdpgow&dbm_d=AKAmf-Bt01vRMcLW2g8valW2YRNqS0x8V_ceEc80a8-UkcPH5FqPYxyXQ-Lvdtw9dK7u5NWQ3HhKE_JwFT6Ry1VeTSO8H7o90qLQHoQBGbcQzgxr9KJ0y97j8LWMeei7fg5Ti7n1jhmUTRwRcDS9lfHL0UVi6vcEfWM-CLxZDQaq9R1-p3QT5d4DEezoN_tYRYelfTFHJRDz-GNXkJpPx9KgUT7ll2536BRh4s-gIPjLhGsqiSUzHHgR0_5fFlhZFvo4MU_4GC-rIYn12GesRFCOa4yUgkIlBTF24Afi6GuI13EZy74Pemw0S3T3oeTRpLBfiTonIRptA5EV_z3qqmpzdij-4aZRfeZJTFVTWGlPaqpyaIWCNIWJX0-0N_TpZ-N-LSssMc74_TsDs7Z31EuCWmxaMOlEKRVuSOxEizIeP6HYFhGEbNnrLD3dyVv-mNVsyXyE-mCJ2s42Uyszv2tq7jksjwsG6WH41rpZ80poWXkMrF9LiZq6RV-tU1PoOI2lW5NNu2wQGf-eilsqE4ZQrF7M2joed4PoMfJiAa13PLKSpF236NutW_B7l3Y6CmblK0D6z2l6DCnPeYcwYL8wTJ95iPsxFxh_Nx3qh235SLqmC7mL9Xv78E3rnz6pICSZyzJR4wbscgCfUbV5y29c4O2c6cbECuFgSjMKxLyDxkguOXK5hgkwR8EI6HAFH9oxFNzmzCY9tWWWCRCmNYa-CKUkkylHKrJLIJoamaWMo3Fz2yfA7MJyNtxKZjJLArwkZ-t5LKmy_iFzOSlVXHWhe1dv7j5DA-OFsTsEEMa8o_RRqKzJBBn0tKTF9LP-gt6iDOoHkBH2dMPYMP6SE271rJuNkXqMQVFTKZxCruoe_2YG2EB58bo3H-FliK8pmE894rHSYXK44dPh9gqlYjnL8LarfTHSGQqwQOCS03DWrOegK85jaymVjigTr4LnE5YLlJDRcAhrNXRweD51GlCUKzZ3dWiSyQ6FU_2wdHadHpl1rB6vfXRaaNR4gSzrmAEpEaadkHB5HRjgIJtYxpx0lJ7-aAqJdSjwu3DQ-AAs2oyxnZndVS5ZwSOJi4dWC0eahIVbJlPl87Rgx4tPZTv44sN7UlG-yuB7uY36Qz_08jd0iLMjpT-fNNuObpCrtJvwy4h4ntzX-0Zi4o1sKR5IrOLg4lw1dvkJILncTMW2-KdpVsUL0BY8DvW9N7MGMLzEoC83Pqeu86Hoxz_zfzADJftnh-KiplrX3G6Yvhj2Bt575bIxUK1xi0VIxlRXLtz29BAPB_nxsCrX2hPOzUvP8xIKNjPyonn52rawYc7zr_r8jyM8eGCy60DfkYN_khpqd1kcXrMHhXibLHhk2WDlz3MonqdCpUcdAgHPJIhCfxaqF9PduMoH1koEwc9XnpGkiAYbMDkgR_PuKp1WphdfN_ITK6d01x2WkokmwXdN0cgnBi-bKcUSgEXZIhh0te4YoAA00huSTfP5FMEU7eOSr4PZChA7iaGyEzwz8h5wE62yGJA0yWJW-JhM9nJAMwrg9M9iOxIEphKgZtshG-1Ww7uoHNUTpYrCGjKoXQMYTbSsjPEoaAIclMOgIcuXR-CRnnLEJcDnwTV6F3Zd2ziRnqVaJ2ocCwBP2_FiwOeafePNN5HGrqdhv9RAdqXb0MCOIbV_HzvSIH46EReLVm7MtwIvYlo-hT_4EEPdKz9ZuLPDyH0FesjqEn0BqWtdS9igjoWzKrbHmN4ujEL9c5uzMrZlRoZxsunGCWQMgBrNHjV1YEyxkeMs1ak3Q_sdsiF3LzULeNWX6atUXl8E4T0ASy_TjdQopPiS9aWwg83HME0Nu2LcIf1qaSJC09HGfDzSdhsS0xYTtTNlSXggoC0RXGUhNpq_X8RB23alkPYNnahUoUZg739pg35NuRaP9SXihs9N2gCCXjSyJnlbnp5D32Ps-1jqbYVsdO03Clv5KYuPzud2JZyhHEZ1_Blv2EhGrR5i-1bYQNU4XO0PzTdkLq4lagZmGtwcLyI4L8BFyAVUznRMSxQ44RJ5N_qw1r1gwGsoYyJT7dUffVtdF27ZbkUglV9hMfvBmrngm_Eqr83u7D3e-_OlPy5qCOFhrOQ4WIErQDBW_Ddj7vnPec8WmiYZuD9COsJhWToK_Y6fDpW8OhrnB6hdpOHd-d1mqMyRwrGda0ZR_vMX49H4kLiuf-NvPdALciAN2suk6Kg415t5bjOC8bl7OdeeidmJM3NsupI-igxN7CBQ_eafOs_EdDarAWr4qTU01pCCNNKQY4wlCkIibdSrDSsaPtbZ_WK5Hc8mLYjKwFficgJrkE_d_e1uoKKSTc5p4PGQaM6Ra2DZI6p8O6pMzrsE_YvE-DHXrLAQTJyfPHHC2yeXha9_I5cLfetTZozuoIEUA6pSsvc8d7IzD57KkAFAZZ76aBcdx_RlK8iMf8yd1EA-GsluOQuuknS3PGOHeTdeJdoqGOhZxa8fG95nQ2AmLE_iivolwFMeAz22uk9rKNS1hn5HCZ8GwCTErV77UNErf9o5vfRb5-M6RR2SCpiQuBV0CxdLRbNM_z4ahf5brCLUiegEeWhGyj-6KRgbnyOcV68WnqSSyQn9FPqX2S7_LepqVZSupzUvQHzel8FuBCu-ftJsc6g-LyjPmWs5r6TxU6uAKfZ49c3-cTN1QHJW-mdCdI4xYUHYaRt5ESvhF0bYpmgUroS4LczHq-qvbFG66v0cQdJd3AoQQhdRKCy5pH2WtFs9DWCVZwGRU0rySZGAaOyzDcYAdXAyZctaz9FU9PVYzW_B9sZOFgVhT1yES4R4IQb8UNwZ1ekH3i1ZBeI4ZdrI-iMTHdNnuPUdoZ385ZAt2ZEKuc2b_UwZH_HY4pNXThXACIwu1uFOhNDerYfof0wyeGnsCCo77dfUBCJc1-wh2VuomUJg7MuPEG2KOYKivBd90td1pKYaa62-tWphTOu4pwL9HiNKOH2dWbuO20ZIcpwVMkg-oXkZRQdLYNpHuEdBVw-V7TLjYtelQccrFKdi3VInx_xhMF8J4icugtH1Bz8gpTT4ZKF16psMkgKa2qzQ4b6peHBMinEmRefO_37tqTgoJinCvPF0Anha8g1uwClD3-h2ao0Oq6wQ0bRR95QfjlXh0iU3LGcTmvG1o4je8GhZn61fqQ&cid=CAASFeRoyM_UFkFOc4-sK1x2cF91VrBdmQ&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88f6583046cd374aa1772bfb4ae60fb0f40324cd9fa728155cdf30dfa66cf93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25963
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BE6 42 B
63 B 30ms
28ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtmB9iGdkmZA0cqvYKQAiz0WINEpa9uZ_fNducEjrvVGXzxsFl3z_AkKhkPb0BzI_c8hVOaaA0UecaoADC4RfkzVWaIqeXtM09n4FTbFYQpNYRtVg

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 5BE6 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BE6 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 5BE6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:49 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5BE6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCQYMVr7CL1FPaFwgf-2KiRDQdnkB_mwGI5jeaV3GetAtg5GRWB1G5_cEf25mCaRbmKw3kvNpBrCV_JNPnicOEhlHlyw
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 386A 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuoZ19csHYYyGBMeL7_UP4oG08A0AAAAAOAHgBAI&bg=!2dql2p7NAAals0SOpbM7ACkAdvg8WmUcL26UK9h6MBUt2KdlXU-JzZaG0fNV6kOs7ZZx0cno-FHMEAIAAACuUgAAACBoAQcKABeLEjJw5Wm6dIu-v7s7jF8yVtpZ-W7llJkC7KvHH5qDOrQ5NyQp6xiweMc3EY7twfxGP7aDSKiz03N4KTXWJSK-Ms4IrCd2SdQlLAzQEl0rC-wuoZJSFFDfSPa5Pe-yV8PA1Rk1WsOMA1j_-9AWVwmsJU-khYPst0rzq3rn8Fyh4JL_2WY-t_fSeweJogK4eewvi3AUUVN6qk1xNrxJX42aUsxb9oZvm9O3YWSeC7TeMue4xrJEo0VEW3kCW83EmaXD_a6jCHaUAyh02moxytTd_9qf89HQY7PA8sHUkWuENzyeLCGNOpzwSA2_WQqAVyJAOoL2qiYu0ZM9IOx8MK3aKnwfIWvZKmv_tnalbuh7km5xaNFb3IbIoi_CtpwoIBXTJ0uewGgVKCLBzqTYslsZacQtMeApSEW7YT-O6Uc_MqN13-g9pTvNPHnQSIEith-HIrHg0SK4gt-L2GxiqULaq9eq1TVqPhGDjyChqjAOJnhEw3mJ1qdTxFWRxtJ9HznvIT327lr05ppkVVSyyWN0sQwUmuUZN9D1OsFdhtpHbyGGbwsmK08KR3S5j4TEP13Bt1sz2tty1OjF3vsPPYMd2s0mMa48k1Pw2gFakoqkWGLmJ0cXRHm5kTc9eMPC-a7-FZAZpzBjsUsxxMzzUnvD6JegI5NuCOjDn7CorcAkevrLAPi1lpt9VSnroTFSojJ8Tp7QFdgIwDDBTu0NSMaAbXU2cxbaguYPdiiSV8KNEZffRet7J3LxQM8-BBCl3zGomLhnFI3naHyfOVj0UxeWoiimA41RtTo6SSixC3wmAkOHySEbR6NJ-ZJ2mwjpHbGLRePeE0QtPhl2OeY0N3AqZ58aGKUTLV7XlqkVa6zG41K74lI6BBNEqcMRKWHkCBvBSHbDMyZ8tcymxddSQCKBR-fgokaa1GPsF0Y9fdIfikcOVDQZo6pct1dc4LzvmN0Oif9VTOh2YLoQZhI0fI3_gH2d707VZVstzfKvTLffrck5FgzArHcEZ3KBqZBDvQNuJrOUxxk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7D72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYtMCTcDAB&v=APEucNUb59k1D4QWDm5g9-424IJgc6vefJot5JgI0j7W5kgvi-N7qc8qYDC9c5qzIYHlSw1XXur6O40kfqY-dHouboUfCVpllgdoRGoYv1ITxlogaFTMP_nMpcCOy1U4lxhPm2BbYRsELaWqMa7ta150sOp6lw4AJm7U8sNDQVaV0PIfDpAMhE8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:41:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7D72
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQfL9cEA0-lcWGug6pNL7QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1

43 B
894 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYtMCTcDAB&v=APEucNUb59k1D4QWDm5g9-424IJgc6vefJot5JgI0j7W5kgvi-N7qc8qYDC9c5qzIYHlSw1XXur6O40kfqY-dHouboUfCVpllgdoRGoYv1ITxlogaFTMP_nMpcCOy1U4lxhPm2BbYRsELaWqMa7ta150sOp6lw4AJm7U8sNDQVaV0PIfDpAMhE8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:41:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRJ2c848-BpJ83iG4NbTaw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7D72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK68dqxJA3BtX07T33oGQeI&google_cver=1

43 B
1004 B

14ms
13ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK68dqxJA3BtX07T33oGQeI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYtMCTcDAB&v=APEucNUb59k1D4QWDm5g9-424IJgc6vefJot5JgI0j7W5kgvi-N7qc8qYDC9c5qzIYHlSw1XXur6O40kfqY-dHouboUfCVpllgdoRGoYv1ITxlogaFTMP_nMpcCOy1U4lxhPm2BbYRsELaWqMa7ta150sOp6lw4AJm7U8sNDQVaV0PIfDpAMhE8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:58 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 23829030-8686-4932-8e3e-58af428bca60
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK68dqxJA3BtX07T33oGQeI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7D72
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU0MDE2MTA0NTU5MDM5OA%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU0MDE2MTA0NTU5MDM5OA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:41:58 GMT
X-Proxy-Origin: 159.48.53.248; 159.48.53.248; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 030687f4-386c-4328-b89c-d58a131bde47
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU0MDE2MTA0NTU5MDM5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 5BE6 169 KB
58 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 14:30:06 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 5BE6 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtNTdncWCbc92Je3s94ADbCJp2EOU0JU5KRrQK63Iun-IXnAys7T1r3UEvWFp1S035ZpVuJaL4lellOwCcXK9ubie68fx2zzJl-yz8nXL1C_sID2NPyxPQL56FTp3m_l3CaMyXUxAOpcJhpTR2ec2tZdpgow&dbm_d=AKAmf-Bt01vRMcLW2g8valW2YRNqS0x8V_ceEc80a8-UkcPH5FqPYxyXQ-Lvdtw9dK7u5NWQ3HhKE_JwFT6Ry1VeTSO8H7o90qLQHoQBGbcQzgxr9KJ0y97j8LWMeei7fg5Ti7n1jhmUTRwRcDS9lfHL0UVi6vcEfWM-CLxZDQaq9R1-p3QT5d4DEezoN_tYRYelfTFHJRDz-GNXkJpPx9KgUT7ll2536BRh4s-gIPjLhGsqiSUzHHgR0_5fFlhZFvo4MU_4GC-rIYn12GesRFCOa4yUgkIlBTF24Afi6GuI13EZy74Pemw0S3T3oeTRpLBfiTonIRptA5EV_z3qqmpzdij-4aZRfeZJTFVTWGlPaqpyaIWCNIWJX0-0N_TpZ-N-LSssMc74_TsDs7Z31EuCWmxaMOlEKRVuSOxEizIeP6HYFhGEbNnrLD3dyVv-mNVsyXyE-mCJ2s42Uyszv2tq7jksjwsG6WH41rpZ80poWXkMrF9LiZq6RV-tU1PoOI2lW5NNu2wQGf-eilsqE4ZQrF7M2joed4PoMfJiAa13PLKSpF236NutW_B7l3Y6CmblK0D6z2l6DCnPeYcwYL8wTJ95iPsxFxh_Nx3qh235SLqmC7mL9Xv78E3rnz6pICSZyzJR4wbscgCfUbV5y29c4O2c6cbECuFgSjMKxLyDxkguOXK5hgkwR8EI6HAFH9oxFNzmzCY9tWWWCRCmNYa-CKUkkylHKrJLIJoamaWMo3Fz2yfA7MJyNtxKZjJLArwkZ-t5LKmy_iFzOSlVXHWhe1dv7j5DA-OFsTsEEMa8o_RRqKzJBBn0tKTF9LP-gt6iDOoHkBH2dMPYMP6SE271rJuNkXqMQVFTKZxCruoe_2YG2EB58bo3H-FliK8pmE894rHSYXK44dPh9gqlYjnL8LarfTHSGQqwQOCS03DWrOegK85jaymVjigTr4LnE5YLlJDRcAhrNXRweD51GlCUKzZ3dWiSyQ6FU_2wdHadHpl1rB6vfXRaaNR4gSzrmAEpEaadkHB5HRjgIJtYxpx0lJ7-aAqJdSjwu3DQ-AAs2oyxnZndVS5ZwSOJi4dWC0eahIVbJlPl87Rgx4tPZTv44sN7UlG-yuB7uY36Qz_08jd0iLMjpT-fNNuObpCrtJvwy4h4ntzX-0Zi4o1sKR5IrOLg4lw1dvkJILncTMW2-KdpVsUL0BY8DvW9N7MGMLzEoC83Pqeu86Hoxz_zfzADJftnh-KiplrX3G6Yvhj2Bt575bIxUK1xi0VIxlRXLtz29BAPB_nxsCrX2hPOzUvP8xIKNjPyonn52rawYc7zr_r8jyM8eGCy60DfkYN_khpqd1kcXrMHhXibLHhk2WDlz3MonqdCpUcdAgHPJIhCfxaqF9PduMoH1koEwc9XnpGkiAYbMDkgR_PuKp1WphdfN_ITK6d01x2WkokmwXdN0cgnBi-bKcUSgEXZIhh0te4YoAA00huSTfP5FMEU7eOSr4PZChA7iaGyEzwz8h5wE62yGJA0yWJW-JhM9nJAMwrg9M9iOxIEphKgZtshG-1Ww7uoHNUTpYrCGjKoXQMYTbSsjPEoaAIclMOgIcuXR-CRnnLEJcDnwTV6F3Zd2ziRnqVaJ2ocCwBP2_FiwOeafePNN5HGrqdhv9RAdqXb0MCOIbV_HzvSIH46EReLVm7MtwIvYlo-hT_4EEPdKz9ZuLPDyH0FesjqEn0BqWtdS9igjoWzKrbHmN4ujEL9c5uzMrZlRoZxsunGCWQMgBrNHjV1YEyxkeMs1ak3Q_sdsiF3LzULeNWX6atUXl8E4T0ASy_TjdQopPiS9aWwg83HME0Nu2LcIf1qaSJC09HGfDzSdhsS0xYTtTNlSXggoC0RXGUhNpq_X8RB23alkPYNnahUoUZg739pg35NuRaP9SXihs9N2gCCXjSyJnlbnp5D32Ps-1jqbYVsdO03Clv5KYuPzud2JZyhHEZ1_Blv2EhGrR5i-1bYQNU4XO0PzTdkLq4lagZmGtwcLyI4L8BFyAVUznRMSxQ44RJ5N_qw1r1gwGsoYyJT7dUffVtdF27ZbkUglV9hMfvBmrngm_Eqr83u7D3e-_OlPy5qCOFhrOQ4WIErQDBW_Ddj7vnPec8WmiYZuD9COsJhWToK_Y6fDpW8OhrnB6hdpOHd-d1mqMyRwrGda0ZR_vMX49H4kLiuf-NvPdALciAN2suk6Kg415t5bjOC8bl7OdeeidmJM3NsupI-igxN7CBQ_eafOs_EdDarAWr4qTU01pCCNNKQY4wlCkIibdSrDSsaPtbZ_WK5Hc8mLYjKwFficgJrkE_d_e1uoKKSTc5p4PGQaM6Ra2DZI6p8O6pMzrsE_YvE-DHXrLAQTJyfPHHC2yeXha9_I5cLfetTZozuoIEUA6pSsvc8d7IzD57KkAFAZZ76aBcdx_RlK8iMf8yd1EA-GsluOQuuknS3PGOHeTdeJdoqGOhZxa8fG95nQ2AmLE_iivolwFMeAz22uk9rKNS1hn5HCZ8GwCTErV77UNErf9o5vfRb5-M6RR2SCpiQuBV0CxdLRbNM_z4ahf5brCLUiegEeWhGyj-6KRgbnyOcV68WnqSSyQn9FPqX2S7_LepqVZSupzUvQHzel8FuBCu-ftJsc6g-LyjPmWs5r6TxU6uAKfZ49c3-cTN1QHJW-mdCdI4xYUHYaRt5ESvhF0bYpmgUroS4LczHq-qvbFG66v0cQdJd3AoQQhdRKCy5pH2WtFs9DWCVZwGRU0rySZGAaOyzDcYAdXAyZctaz9FU9PVYzW_B9sZOFgVhT1yES4R4IQb8UNwZ1ekH3i1ZBeI4ZdrI-iMTHdNnuPUdoZ385ZAt2ZEKuc2b_UwZH_HY4pNXThXACIwu1uFOhNDerYfof0wyeGnsCCo77dfUBCJc1-wh2VuomUJg7MuPEG2KOYKivBd90td1pKYaa62-tWphTOu4pwL9HiNKOH2dWbuO20ZIcpwVMkg-oXkZRQdLYNpHuEdBVw-V7TLjYtelQccrFKdi3VInx_xhMF8J4icugtH1Bz8gpTT4ZKF16psMkgKa2qzQ4b6peHBMinEmRefO_37tqTgoJinCvPF0Anha8g1uwClD3-h2ao0Oq6wQ0bRR95QfjlXh0iU3LGcTmvG1o4je8GhZn61fqQ&cid=CAASFeRoyM_UFkFOc4-sK1x2cF91VrBdmQ&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:36 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 5BE6 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:47 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BE6 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
DATA 200
OK truncated
/ Frame 5BE6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7fbc780b25e140e333cbb06b787f004770296bd43f52b9f5302f1f141adac94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 35 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d07e1a36666d910f9f94fe6dd48ef2246fccd59e17da16247f4cc1d4ebeee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5050
date: Mon, 02 Aug 2021 10:41:58 GMT
expires: Tue, 03 Aug 2021 10:41:58 GMT
cache-control: public, max-age=86400
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5BE6 0
24 B 26ms
26ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPqYsxCKr8shqfaR0w537kvkZwd1xIVRBHlBCjPPLg5KhQ1k4RtXghuLwCgeWs1e0mx2eC0Rk-FoBRhFZKUmpUbQoKvFRNK7z8gV41u7WagGDxEwLmGhnl2OIqhN7B0Bk-xA4ggYKof5oxeW5bAm3UpyYS3eRlP_RwUM5i6yky6Novjo8q1scG5p6pj61Was5UHKNOq2APB9yjSNW-lbIegqZRQgzJpvB6ew16b6DkFHVClNmukr1JdgeeTw6_f3A1XSuUQA_v2M90wkHE95FV9wovZSBYLgT57jbS86yK3Tkl6Mc5a2H6JyREOj0640DPu8WIuYCQciKfe7Yn2eFA4vF1RrzlFAOGySIdU9FZs2lCNWEO4fLEJrlb8rZFZj-XpXNV9ylpetCnOHA9WJtrcMDDrQbt-xRE8R8DohlUvkBgcA9AxXz2J4c3IFdru5WvFz42MXVlNx_6bHglXstVMXgUc3bfoeM5_wyhVo9VcsU4iAZUp6OP-dLCeJqyEIp4AdOZshYbyxdR2-BLihsdP3bOB70FYJsjVZDPZfMb9yNQ9RfGeHXs5woY-gJEENwZe558vYuP-Xy5_aGCRrR_Pc9NM4Wv0PatS-z8_cXgyKBksrn5URxEyJk7BPdcLVu_dfpWCTXpInPkwxZbNNoS9Sv6oX-10r3RBDxS3rLr3omFGhIp31VHG13b1iUjFPvuKpluBesMcJaiEf4lHwkq-RqJMO2cP8I2F7sbD352Hq62qod0mQMuv-p6ZPBWOqxdxGMqbtVaOMF6HD8QQapHcYYL5OZuUsQmdmshR0eaEnvK8QEd69TtGu9cKegD7iJIsPB3wFuNY6svrtWaogHfse3LHyLjpId1lewoQ55EdNqjzUlSRVQK9yyzgiPvEVxSSErLS6YXWRNED0KFfiaUOo1XYG2B_5xwfrTBcaZTPMRUdaiHfR6UUkGkXzGDdsmGS-j0qqDtKh8HTUTOrFGfS8YlrIvLMjNCTP5q2bnkl79ibKTShmBH6lUGUnDt7BphVY8sJ6QX7KW1CQbnAKLJPKIxA-7XP7RtRlrOzgknpwKErsn50kAbBsawUTTP2tlZY0jZ8IYZeeSa8PUbCF4qXHIuMNrh76NFpQ4Tt20gEwaMyhdNIZpsPX5pXvQRbbcRMb9HCyPFxkxwqaQLKue5-BzixTDoqsGLTtgM90dso1RF123M_gcV&sai=AMfl-YSsShSLlU7VNRvk996Txx1ZJj41fbDfP43ZpLvXRb8XmFFQ_R7HToxcoYu72QNPDuFPlYb1VTd2yyg5lk9NLJbNspsQY2GMUofwNQWJqsmAhcEKYg6yrXVrm2SaJb4IadfTkTQHz70FgW8h_8kUIHbdV7m8MeYFZBz41TI&sig=Cg0ArKJSzOS5G4ZwLH16EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=55&cbvp=1&cstd=51&cisv=r20210728.30617&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 02 Aug 2021 10:41:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DD7A 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 33ms
33ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210728&jk=387092612201918&bg=!7e6l7qrNAAals0SOpbM7ACkAdvg8WlSZtXWmf68invzWVLpXed98-UpBNsDII3YVm2bMTZIEOjaEKAIAAADQUgAAAC1oAQcKAQuzDV1wDFuJjfsqgPxh8MGEYeTBFT8pcQGcz4tb67eVXuL0epe5zeTrPE44w_TMiwgYYlUPeIuLs2kRo079TYlniZtYuCf0QtaymGmTLy9_Utma0x7w1oBB6dSoSUovfLae6G4zmviW5-DyMbKyo9ES0LekH0NzDBzboYUXG4XYwApgtFjXQXdVVzz3J-wTjfBtI5Rnc5gf4QLU8gY_yyCA1-7zp5ogtP7ibpm1q4cuHtx_xgFJWU4OnYcHk6A_nG6Gc5EVd5JJjnyiDRXK5iyHu5aGnfRqG6wWoDoNAQiHc_ibNQH1IRqacKRPTR02vI8djzsAseIaugYx8kqlUDus_Qp5MAx8T0bUC9KZAomAo8JpCgsbVO80UHGu4SAIdCVkhGBsqP4CglpQDJPnpfGokTIUOe3JXMhcGYM5EukN__RvPm-KPf4DhCFdemFofUpRsxJaV6w0Sau98C34UelhCEF19yioYUX9YMxAuUK61_y2X8gzqAVc8H21QtWYHgvOW3MBQTTmfFGaZPqonAQwj92jFHBnU96_51IXt1SI2-OW-etaCIfCyfgVtTfGBkb2zpBkVOsLp6-trpl364rEcWONT_-DKzPfwbpXL1iA4FCJMSE17FBNNEMb1KjmjoFWN-tMfMh1T31Kih_iDbULTZV2OBwDyjoY-T0LHnBEpm_UAcEr-CoT729sY9tszrNZv_ovugXlBR98PvNCEvbV7kBRd02xlcwyDe7zyFH-BFZeLb1EickRFtfu7UlVYaGuUMuEfeHpdwNxadf_VJjjR-pAZfVsFViOSmIUnIUX5EA7B1aCY8QIU7mj9AdS8B0i1497W_8b2S-t6Da42qKjmg74POzSrwohbNFnvdqGmrNzcN0Ah7O4yi2bLeaGfhIGv0JunwNYqNWp-1E2Jpp4cUVe0gtKAtbIw5ZKBCyU1vcYdTmxJTQIRPHqD5o6oZ4sX2hD21VaPitq964KDjGd_iGhpb1WRo0YbTzpji2uiQCcfNGrJpy2pUZAGX3zwClvl2fIBLzvKDGZrIf7rkQJp0KkK4xAUHVI2Jnuu4t4QVBJQoOLxkOvy2QByDl_fUv5ygS1VXaOcaGD77T-sxC0bNk4VibJc-a7LNIjKY6X3YwkCtp0RP9HtpUonCwt0epBglNwttCZ--yX7Hl4Bsb2IcljFsEbpmzCyLeN-Cm41rHrbcr6qCD8dBCqpXwALZbW10Mcq8sG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u2interference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 55 B
83 B 11ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 16:18:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
age: 66189
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Mon, 02 Aug 2021 16:18:49 GMT

GET
H3-29 200 gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 731 B
266 B 14ms
10ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 21:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 21:03:46 GMT

GET
H3-29 200 gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 24 B
52 B 13ms
9ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 18:21:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
age: 58854
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24
x-xss-protection: 0
expires: Mon, 02 Aug 2021 18:21:04 GMT

GET
H3-29 200 gwdimage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 281 B
190 B 13ms
9ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 02:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 02:16:52 GMT

GET
H3-29 200 gwdattached_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 26 B
54 B 16ms
12ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:56:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
age: 13514
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26
x-xss-protection: 0
expires: Tue, 03 Aug 2021 06:56:44 GMT

GET
H3-29 200 gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 157 B
147 B 15ms
12ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 07:45:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 36DB 3 KB
756 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:600|Open+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b886b0a2bca92fa6ddfa23737735e087bb5a0f49299a90ece18b1a2d199bfba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 10:34:16 GMT
server: ESF
date: Mon, 02 Aug 2021 10:41:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 googbase_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 247 B
229 B 20ms
16ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 01:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:24:21 GMT

GET
H3-29 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 21 KB
6 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a1aeb88ed58c56f3881c57c6b7a0233eb71f19beda42803f3dfd1de35d39f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 01:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6270
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:53:14 GMT

GET
H3-29 200 gwdpage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 3 KB
1 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 00:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 00:17:58 GMT

GET
H3-29 200 gwdpagedeck_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 8 KB
3 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8ea46ab2d6105379234115b9cf9a695b9fd85824524b95c43b46f83c8058dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 08:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3243
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 08:22:37 GMT

GET
H3-29 200 Enabler_01_242.js Show response
s0.2mdn.net/879366/ Frame 36DB 107 KB
37 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_242.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 11:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37452
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 15:49:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 11:00:13 GMT

GET
H3-29 200 gwdgooglead_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 13 KB
4 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

319df7260917176a874e840902c5576b028f4ed9e206ad595f8ce5b2c4a738b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4434
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 12:34:01 GMT

GET
H3-29 200 gwdimage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 5 KB
2 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af690ae6affa753d44d5ddcb7e024b7ae988c28dc6a10b8bcb250bc35842df22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 23:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 23:10:11 GMT

GET
H3-29 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 3 KB
1 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fabe68b63d6140786250c4aa8afb26bd1d69d2b7af3527be611e3e70ed2ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1285
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 07:45:12 GMT

GET
H3-29 200 gwdattached_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 1 KB
620 B 20ms
17ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 05:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 05:26:31 GMT

GET
H3-29 200 gwdtexthelper_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 7 KB
3 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d118591eca7d386c165d0c746a16a250be028528bb261ae78377794249f10b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2864
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 12:03:02 GMT

GET
H3-29 200 gwddatabinder_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 5 KB
2 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f94da61df33854f21c6df7a5ef4574368905bd23ac88229b69478bf87ea4a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 04:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2320
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 04:56:20 GMT

GET
H3-29 200 gwdtaparea_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 5 KB
2 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d477d1c8b478b0668d6378b66c6d5226c5fbb2f695304288d6c3e70ab2cb70fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 18:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 18:25:48 GMT

GET
H3-29 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 26 KB
10 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e39de12542590b5be053cdcf0ef6c0ab336ba1c66c6d344b27cc492a6688d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 01:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10230
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:24:21 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame DD7A 35 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 10:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 10:41:10 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ Frame 36DB 29 KB
29 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:600|Open+Sans:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a0edd4f585d41eb0c9eec07d706bec3e0df65f9a9b59928a86157e565f10934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 12:23:30 GMT
x-content-type-options: nosniff
age: 512308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29972
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:29:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 12:23:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 36DB 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:600|Open+Sans:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 576948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5BE6 0
23 B 18ms
18ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E61 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ0UkVXsHV4Oix7G0glcDIvJRZPtM3mzm6I90bBkyjPGvnSxvPr7-Ghhy85jaWinsucKc9RNWk57yQViR6ndZ3lxiggOhNOpGxhOb4WCQLuiBdjKDbOMHEkXQrMw&sai=AMfl-YQgCRC0NP_Bhstdv-0PIQAqyDdA8QR4ww4J30R6rZ8KRtyALkjcErl2FgkQvVfpdnHGrHfWh25WjkwJQk5YGeLEhxWsbtOCZJO-sNfPnVWxAbwzO6TRpCm9fj-tW6I&sig=Cg0ArKJSzEZUibHkfZdeEAE&cid=CAASFeRo29UzLjiZUK_vv3h4E9zvNYo-BA&id=lidar2&mcvt=1005&p=432,1084,682,1384&asp=432,1084,682,1384&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2415487666&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627900917094&dlt=16&rpt=191&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 23720825_20181114065030134_IB_300x250_transparente.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 36DB 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20181114065030134_IB_300x250_transparente.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebe8f283748feb2b802c1d6196f25f5e16c5e00dbc2bb419449fa2eceedcbd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 22:05:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Nov 2018 14:50:30 GMT
server: sffe
age: 45394
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1644
x-xss-protection: 0
expires: Mon, 02 Aug 2021 22:05:24 GMT

GET
H3-29 200 23720825_20210512034432891_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 36DB 11 KB
11 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20210512034432891_300x250.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c81860e6dc39db665fddd36f4afc70fb878709e8fd5486c1deaac3e4bceb013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 22:24:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 10:44:32 GMT
server: sffe
age: 44261
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
expires: Mon, 02 Aug 2021 22:24:17 GMT

GET
H3-29 200 23720825_20210128010521601_20_DE.svg
s0.2mdn.net/ads/richmedia/studio/23720825/__version__/1/ Frame 36DB 12 KB
3 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/__version__/1/23720825_20210128010521601_20_DE.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956ac0a82ae81e911ff3423e40a00bfdd6ee0e806e3410116e2f1a1aec836173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3194
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 11:21:48 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 10:17:24 GMT

GET
H3-29 200 logo_general_horizontal.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/ Frame 36DB 10 KB
4 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/logo_general_horizontal.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

275aed2ce653c9062e170f729d3a96d257116e2e279bc4a9759c43072f490216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 01:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3663
x-xss-protection: 0
last-modified: Tue, 09 Jun 2020 08:26:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Aug 2021 01:28:36 GMT

GET
DATA 200
OK truncated
/ Frame 36DB 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 23720825_20210512034432891_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 36DB 11 KB
11 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20210512034432891_300x250.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c81860e6dc39db665fddd36f4afc70fb878709e8fd5486c1deaac3e4bceb013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473916/20200609012642468/index.html?e=69&leftOffset=0&topOffset=0&c=Hrfr0YAV6G&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 22:24:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 10:44:32 GMT
server: sffe
age: 44261
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
expires: Mon, 02 Aug 2021 22:24:17 GMT

GET
H3-29 200 container.html Show response
fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9694 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.u2interference.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.u2interference.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 02 Aug 2021 10:41:56 GMT
expires: Tue, 02 Aug 2022 10:41:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5BF0 640 B
318 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCKstiMAhjh88mvATAB&v=APEucNWvzL40tNSp9b8VkJMTCLinKxV8Ic22g2ss8xV9If8sKMlyw5dlRi47Pr2AYP6AW2Ws5uF1aNl1MHS3ipIo6tU96heKQCqLwAXGKCPg5sypmb6DhMXWBehQU2on5edZZkAzO8cOBkTvzIkNGWzjfFavDwYd0Tuq4rTIX_rb2vOhZ-rjQ0M

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COGKFRCKstiMAhjh88mvATAB&v=APEucNWvzL40tNSp9b8VkJMTCLinKxV8Ic22g2ss8xV9If8sKMlyw5dlRi47Pr2AYP6AW2Ws5uF1aNl1MHS3ipIo6tU96heKQCqLwAXGKCPg5sypmb6DhMXWBehQU2on5edZZkAzO8cOBkTvzIkNGWzjfFavDwYd0Tuq4rTIX_rb2vOhZ-rjQ0M
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkhf1H_5_aLtJ-Y39eF0_hJqYJvmx9b9z3a-obMKlaogoiDtZM-5TflCE3u; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 02 Aug 2021 10:41:58 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9694 60 KB
24 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApPiN-KhKQ2HOjf13h8n7FcN-SQh6I68OY8on2juwqhQbMXxkzVYOthzcSitPnBUKo_sUF4DJCLvEZMd1Xsyi_NcCdSYbqnTTA7uopH7V7kw8KZ61VEFjtAlyzwvLK9E5tM2ySowFB3ArYAFJrxgMNYFySUw&dbm_d=AKAmf-AvNwOZC2-aZNPrA0DZGzn3Uyd43E4SeZFqaGsNo41QmjXV02aZBFk11eB140KoXpmLgV3vyW78xJfv-dhLK3G-pLGVES_3ItpoqHfXiqpnOIUmrO-Oun3HNHA6v8BrrUoC2RbcDNAgnhkapcdhCk_mCi3xyIR90-0x-U8wrbZQ0qIlC4-AgI8rqHrtXSY8GoE0wOhfSaIqZMkgqCh3JrgNrXaaalVPeRahUaF1KaRw9nRTRMun-ZyRKGM_AaxfHaEeTWJb7WMCpjnFf-8ESqX5PSCddlOYQReo3jWewrvymNjZwNspWmAtdILv6KazEnB2P3OCl8AoXT4plxqbIYEP2ukRsg5qqW4CAl44H6arkNjeML0Ed62TyvtsDG5x9CuZUFCTlBS0PoCdLjfMMCxW6iJ3oISAGwQbs6j9jFXigDXt12ROAaVuxion5w0LlLm6VkqEU1DqgVoxaD5nyqlsfUIBR9R1FvdFpj9y3VjIY6ZEdWiVLJB56qmdHxck0Ea24N_ltUtcS1wiInsLko6bsjf6RPJEtFsEd_720-BP2u3M_rMkaS5kJhasTtNevjkNFk-QJsB8ZUwAhT-hxjEQuXC8HXSmcg8cBSG9x17jo4gCGyS4nUreVlnf-aoB74EesLaEUArDwU7Bhsly_9CRpOcky0_Qh61hDS4Xuq9YoPQ29VyTsmep3vgMmgspI9x8U3Zcv71o-oW6_m05sLqhP-G95Kc-mj8jS2X8GmCWCJAbx7jiVEYHDcggPZGSb1vmwG-kGhmXG1g7PcMqu7DVNU7JrpTvW_HGAwslJph2KBJXiGtwjAvjMB3V_NjoaewlNvuW6UhGgXYwo5fsYmqULepNw7CRmXmQgA6RvkryKk5e0QRK7RbFQlK-fk2Woyw96G7daep5VSVvaLVvdbF1eOHN9qovTWklU1AO-nto2kUbvTx7Mn9YzUsedbaTzL38VBMpCUBifJe8o_IPpiBXavZbcQnk0iNK9iz4EKGfWZQEAFsky7Dka9C1i9Zd9EalH9QZv61hGzj84QXBdRKiU0U0AxSCRgO_gfv2NDQo4ZgAJ0f23I7pA6wL5YGRBTS8LwC0rNmkQVSuludwicCiY-RSegfTjTVZbheO1ocbZJ-0PcVqRIaJKAZ7um-GH55Dv5PnnN7mBLU-NYi0r7VwpI83ko-0AmoauEhE__uBe1vqKuZzyr9lnKvQQN912uXS3_KnUnxodRDF_064EJxcNoBdgrSCL52tHxTrIFIQCuf8_Bfo7S0vWRAbYhDC0Q3Ro41Bmju5FJDLA_FZZ-y4qkZs5pMeoOF4W3GxvlqmYKfWY7DuWxkTNPq0MVFlOrlXI7L3CFL69IZ5vFZUAzKJQgxU_rrrb8GC2y9LLogWZOMobQb2H0JL4PT1RZDARajs41gj75XJylTMWuby0bWDSV-b4zZEEs95PRuBaI3O6lKwYtTryY8wf9MOmf_-aZeGYFTM5qJEPtwMu_i9HO18U4XiFWMedCMmO49P9uEnKmGt8lrapSdhc1rj16QCjpa29cE2R-2hK_p-FohwIPE-OvZ5-6jXqK_OJTIjpGFlWhLcWqB80ARgmLddygPVpBK697_hDDtb3-u3TEksW7IENm65CMFZpJUAyCJfgff_jBX2De5VkuO8bz0IfYqBXRXPbsou28CHc-FKqNi8aNQlcoNm7AYs1cE2bgDzmfzwLXVocbEZ7Ezr1BxxsccmIGrvIfnfqa-xi4BBfzhE3NsqlSNiVL5evlOD0YUDrehX7KOpjNAm6EWDv5OAKHq9SPGxEAZg198xfjAY8UjzEt09pRGP_vZh6-JoqKryXKUsSA7Pt55nt7AjJxZZnXRugO_QzdDOoW92OkwOkVnFglZOZm-ZvEEv4cbm46aAYmln-ZyaEphvq21qFowwTh6JBMaS5Mv6Vh4UrsdXqjAA06pdblUFCIj2mEWT3axwVArVj3a0ajp2RAE30-cFZzr_IWJKLyj3z7CHboVd3mVIeEBphAFKq4beYYSJ6HX3PuiVZV3EG3sGMyyw_5Vd3mhySs9eqfHcAXos0kxenmFvkesxjB4qGRB8OZ-RJQr7J6xwI9r_vQ3wsMVUIHN5rkH2OwebUraomXVKPAQFl9cDyJkI7o6p-M4Ibt0Qz7TD7bteY3O2Az-ht4MaTZv82RFNGlUJM0VaXKoYSdQ5KT5SbAfs97gQ-ZmKWxK7ocGQSGtWuADFfmHcGBEgbn_7eawtQIQ606rzZFk-eEe_i_f69Cx6KUGZB-F9H8ui9g43afPyHhA_nM_ZQ2L-cjBdPTsQcokEGymkHR0E5WdwyKvv90giySvMOXFZPqTlh-MvPo6z57ay05TKA15InZfy_L3W3dF07skLlFkO7PFIElOj4yZR0x6Yd61K2yEngqemPXGokJJaXkraR7UVTcO09bKgtdPTrq-Xm_GFHDGKnKO7A7TYE0ra87jmanb9WY56D3x6LFRQNmyPFJ7vHuWJ69OINx590w9Q4ERjKY4uMwfK2ShezAfex6QCz5bSHRSbjt7QrEBRKaj8FQRMgos6nEpaB0Cs_gdeY6gPTOKhJ8ivgFK96q0xsccIGeBR6UFYSt2Es1w4hL1eMlQv_7MjGiAtkEdtCQaoeRaKb7vStw36bZQnaRQzOx_3zck2L_Bo_PZt_ccjpf0vk-J_aoZugo6oj0BC_1SGhLvoQbRmoSxSk69skvcbQACS3ZWH5nWJYfwuLL15g8ARMUQm4VvE7F1uKQF-tBhHl2HicBxuzObQgf-tG0SMHDxJQlwzx7GqUWIqjZjEfknNYp6dMsPkStw1j-qeq-97NDyUu45sYtu0jjobv099BOkNHz1frr8FTkcejgKAFNm0RPD0QUYxkqoMM-3LpTRkWlU-CN2eYR3z_0ksKNaMUzL6bLWfRtpbxCKMeKfLmQ6Fl-zCY1A6mqicVHLhKe1_tfLE-yzcZ7EvzXs8nhyUeVO4qoFSnUbxaQGParhCFqD_G6b9kQUqlufcX3WoVCASqeKCSEsoqWruUuKnSOBqOJEXihXlR5zmjCOMeULt986VFyy8nmYppZMMCaGXTBmb0j35EShvdNib6HXc8s2xlnkheDywBry5cv9D25LuJaOg5nJQrYjvANSkUiJxNjzT6DTVSrtrmA8Qeaq-v1s7RDxZEn-pYMufyxRGwUpbkrJRvoexHimVuD0fvIItKWK8&cid=CAASFeRorq6ItuYggvgmjGRtJjY-DeXxaw&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bfa9e3604da501ebaaa73ea2a6368f78481e6b8407288e219c65037f86e0416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9694 42 B
63 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRbSUc4ptWXMjHMs5xJ8yqLNiOL0z6VH0IjF__tw3dv8IdZpXrRjW9UqcREV0wQVe9TN0w8MgoUL8iPEHY1-Az2_OnlDqfZQUGonXmT1V4mlajEcU

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 9694 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9694 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 9694 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:49 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5BF0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1woIFG5pwXFLKEsNvU_rU&google_cver=1

43 B
106 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1woIFG5pwXFLKEsNvU_rU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCKstiMAhjh88mvATAB&v=APEucNWvzL40tNSp9b8VkJMTCLinKxV8Ic22g2ss8xV9If8sKMlyw5dlRi47Pr2AYP6AW2Ws5uF1aNl1MHS3ipIo6tU96heKQCqLwAXGKCPg5sypmb6DhMXWBehQU2on5edZZkAzO8cOBkTvzIkNGWzjfFavDwYd0Tuq4rTIX_rb2vOhZ-rjQ0M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1woIFG5pwXFLKEsNvU_rU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5BF0
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NkMDVjMGYtNDc1Yi0yNTY3LWZiMzYtMTNmNmYyYWMzNjI4

170 B
188 B

17ms
17ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NkMDVjMGYtNDc1Yi0yNTY3LWZiMzYtMTNmNmYyYWMzNjI4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCKstiMAhjh88mvATAB&v=APEucNWvzL40tNSp9b8VkJMTCLinKxV8Ic22g2ss8xV9If8sKMlyw5dlRi47Pr2AYP6AW2Ws5uF1aNl1MHS3ipIo6tU96heKQCqLwAXGKCPg5sypmb6DhMXWBehQU2on5edZZkAzO8cOBkTvzIkNGWzjfFavDwYd0Tuq4rTIX_rb2vOhZ-rjQ0M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2NkMDVjMGYtNDc1Yi0yNTY3LWZiMzYtMTNmNmYyYWMzNjI4
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 5BF0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMswd0v3pqiB9TWevEBfU_A&google_cver=1

23 B
172 B

49ms
49ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMswd0v3pqiB9TWevEBfU_A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCKstiMAhjh88mvATAB&v=APEucNWvzL40tNSp9b8VkJMTCLinKxV8Ic22g2ss8xV9If8sKMlyw5dlRi47Pr2AYP6AW2Ws5uF1aNl1MHS3ipIo6tU96heKQCqLwAXGKCPg5sypmb6DhMXWBehQU2on5edZZkAzO8cOBkTvzIkNGWzjfFavDwYd0Tuq4rTIX_rb2vOhZ-rjQ0M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 Aug 2021 10:41:58 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEMswd0v3pqiB9TWevEBfU_A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5BF0 23 B
172 B 36ms
35ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCKstiMAhjh88mvATAB&v=APEucNWvzL40tNSp9b8VkJMTCLinKxV8Ic22g2ss8xV9If8sKMlyw5dlRi47Pr2AYP6AW2Ws5uF1aNl1MHS3ipIo6tU96heKQCqLwAXGKCPg5sypmb6DhMXWBehQU2on5edZZkAzO8cOBkTvzIkNGWzjfFavDwYd0Tuq4rTIX_rb2vOhZ-rjQ0M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 Aug 2021 10:41:58 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD7A 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkNej9ssHYaCCBozX3gP13LmQAgAAAAA4AeAEAg&bg=!BQalBkLNAAals0SOpbM7ACkAdvg8WsTMY6Af8PBK_m1ZBYdEYSYzDgMts2n1xS_dWHEr9sK6ZIiliQIAAACRUgAAABFoAQeZAuPZgduJ4isPsNpHJU_wAjUKh-_hgnExJ_hLu3wgThbI1foyVQha68AK9l-4o9aI9ef0xW5v_NhRyr5TbJ-sP8xvgghlzRJRg5Z5McspFbGEhH6EchwWWVPb19mGamswkwMCXif6oh8g2bLef-Csi5xp88ITYZm87Vsz3qNeBBVV5KCYHjUhjHelKWdd7W4zDX1BE7O2syhrvMt-CIiJtquzzhPb5GnEvxcarEFtuprV8ArIsfU_Tz9NAKUBakPy38P_IF-FsV9GrKSKyeJPkeUKdLiuf88Yz0ce0TZuRioNSiURn0OohZo90pTtMJrjIY9XCpp_ZEA2TLbUx6BCAIWW5qnJrgzJJR0wqRBSTaIiFVzEO2IqXCXnPpyVXlDcMsEgb2bY0xFL5kxYA5A6siHJcpwpBIQ5oAG2Y-uy9RNCWgk9RMtMHw_nM18OEHArmyNSIdSqB3SaRy_xA2zeVuHnyUq3liwNMyrJiL_DADFeJ15Q90y24owNA0dMuIQrGTfDdo9y1bH3nnsUWy9oXwpdcW5xVY5wTAy5CfWPy-34zvhFVcBhktMOmHn9UiAlAYwW3EwdsL-e5M-nq1rcY9qVtM2bo2T727y9ETA442Gu5h_4oluPKXFwAGxiWtSlNChYuuEE5U9yAvB5-EvdTkuDVREt9Ybv_7iewQKfFNAxR0hGF_A8YYGcghrYCTSVww9RlFK3RdMmuT0BMzSYL25dTjCs-Rngnj-9pjTC6jAM3Hy0LlVqCWG6rM3_X7jD6VHswfQtywQNHPIHUTVJpwgDk20MpjEb2-bWzwZcokelJPmtd3cmZznEGaHyBbA9EwzUpeLLMidj4T8Z-k-MQ5wKXjCAh7KT9mNPb0KJI3S7NimBp-Q_HltRK_4ajAjKbUH2VUj9DVZK0nWSnGVwEcaLNQAmamV19NdsX92zwJJogd76sfpPG5Z4xNRemVmhpQ7hEx4q40gcX-135E7jhOly8u8b

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 9694 114 KB
39 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 10:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 10:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 9694 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApPiN-KhKQ2HOjf13h8n7FcN-SQh6I68OY8on2juwqhQbMXxkzVYOthzcSitPnBUKo_sUF4DJCLvEZMd1Xsyi_NcCdSYbqnTTA7uopH7V7kw8KZ61VEFjtAlyzwvLK9E5tM2ySowFB3ArYAFJrxgMNYFySUw&dbm_d=AKAmf-AvNwOZC2-aZNPrA0DZGzn3Uyd43E4SeZFqaGsNo41QmjXV02aZBFk11eB140KoXpmLgV3vyW78xJfv-dhLK3G-pLGVES_3ItpoqHfXiqpnOIUmrO-Oun3HNHA6v8BrrUoC2RbcDNAgnhkapcdhCk_mCi3xyIR90-0x-U8wrbZQ0qIlC4-AgI8rqHrtXSY8GoE0wOhfSaIqZMkgqCh3JrgNrXaaalVPeRahUaF1KaRw9nRTRMun-ZyRKGM_AaxfHaEeTWJb7WMCpjnFf-8ESqX5PSCddlOYQReo3jWewrvymNjZwNspWmAtdILv6KazEnB2P3OCl8AoXT4plxqbIYEP2ukRsg5qqW4CAl44H6arkNjeML0Ed62TyvtsDG5x9CuZUFCTlBS0PoCdLjfMMCxW6iJ3oISAGwQbs6j9jFXigDXt12ROAaVuxion5w0LlLm6VkqEU1DqgVoxaD5nyqlsfUIBR9R1FvdFpj9y3VjIY6ZEdWiVLJB56qmdHxck0Ea24N_ltUtcS1wiInsLko6bsjf6RPJEtFsEd_720-BP2u3M_rMkaS5kJhasTtNevjkNFk-QJsB8ZUwAhT-hxjEQuXC8HXSmcg8cBSG9x17jo4gCGyS4nUreVlnf-aoB74EesLaEUArDwU7Bhsly_9CRpOcky0_Qh61hDS4Xuq9YoPQ29VyTsmep3vgMmgspI9x8U3Zcv71o-oW6_m05sLqhP-G95Kc-mj8jS2X8GmCWCJAbx7jiVEYHDcggPZGSb1vmwG-kGhmXG1g7PcMqu7DVNU7JrpTvW_HGAwslJph2KBJXiGtwjAvjMB3V_NjoaewlNvuW6UhGgXYwo5fsYmqULepNw7CRmXmQgA6RvkryKk5e0QRK7RbFQlK-fk2Woyw96G7daep5VSVvaLVvdbF1eOHN9qovTWklU1AO-nto2kUbvTx7Mn9YzUsedbaTzL38VBMpCUBifJe8o_IPpiBXavZbcQnk0iNK9iz4EKGfWZQEAFsky7Dka9C1i9Zd9EalH9QZv61hGzj84QXBdRKiU0U0AxSCRgO_gfv2NDQo4ZgAJ0f23I7pA6wL5YGRBTS8LwC0rNmkQVSuludwicCiY-RSegfTjTVZbheO1ocbZJ-0PcVqRIaJKAZ7um-GH55Dv5PnnN7mBLU-NYi0r7VwpI83ko-0AmoauEhE__uBe1vqKuZzyr9lnKvQQN912uXS3_KnUnxodRDF_064EJxcNoBdgrSCL52tHxTrIFIQCuf8_Bfo7S0vWRAbYhDC0Q3Ro41Bmju5FJDLA_FZZ-y4qkZs5pMeoOF4W3GxvlqmYKfWY7DuWxkTNPq0MVFlOrlXI7L3CFL69IZ5vFZUAzKJQgxU_rrrb8GC2y9LLogWZOMobQb2H0JL4PT1RZDARajs41gj75XJylTMWuby0bWDSV-b4zZEEs95PRuBaI3O6lKwYtTryY8wf9MOmf_-aZeGYFTM5qJEPtwMu_i9HO18U4XiFWMedCMmO49P9uEnKmGt8lrapSdhc1rj16QCjpa29cE2R-2hK_p-FohwIPE-OvZ5-6jXqK_OJTIjpGFlWhLcWqB80ARgmLddygPVpBK697_hDDtb3-u3TEksW7IENm65CMFZpJUAyCJfgff_jBX2De5VkuO8bz0IfYqBXRXPbsou28CHc-FKqNi8aNQlcoNm7AYs1cE2bgDzmfzwLXVocbEZ7Ezr1BxxsccmIGrvIfnfqa-xi4BBfzhE3NsqlSNiVL5evlOD0YUDrehX7KOpjNAm6EWDv5OAKHq9SPGxEAZg198xfjAY8UjzEt09pRGP_vZh6-JoqKryXKUsSA7Pt55nt7AjJxZZnXRugO_QzdDOoW92OkwOkVnFglZOZm-ZvEEv4cbm46aAYmln-ZyaEphvq21qFowwTh6JBMaS5Mv6Vh4UrsdXqjAA06pdblUFCIj2mEWT3axwVArVj3a0ajp2RAE30-cFZzr_IWJKLyj3z7CHboVd3mVIeEBphAFKq4beYYSJ6HX3PuiVZV3EG3sGMyyw_5Vd3mhySs9eqfHcAXos0kxenmFvkesxjB4qGRB8OZ-RJQr7J6xwI9r_vQ3wsMVUIHN5rkH2OwebUraomXVKPAQFl9cDyJkI7o6p-M4Ibt0Qz7TD7bteY3O2Az-ht4MaTZv82RFNGlUJM0VaXKoYSdQ5KT5SbAfs97gQ-ZmKWxK7ocGQSGtWuADFfmHcGBEgbn_7eawtQIQ606rzZFk-eEe_i_f69Cx6KUGZB-F9H8ui9g43afPyHhA_nM_ZQ2L-cjBdPTsQcokEGymkHR0E5WdwyKvv90giySvMOXFZPqTlh-MvPo6z57ay05TKA15InZfy_L3W3dF07skLlFkO7PFIElOj4yZR0x6Yd61K2yEngqemPXGokJJaXkraR7UVTcO09bKgtdPTrq-Xm_GFHDGKnKO7A7TYE0ra87jmanb9WY56D3x6LFRQNmyPFJ7vHuWJ69OINx590w9Q4ERjKY4uMwfK2ShezAfex6QCz5bSHRSbjt7QrEBRKaj8FQRMgos6nEpaB0Cs_gdeY6gPTOKhJ8ivgFK96q0xsccIGeBR6UFYSt2Es1w4hL1eMlQv_7MjGiAtkEdtCQaoeRaKb7vStw36bZQnaRQzOx_3zck2L_Bo_PZt_ccjpf0vk-J_aoZugo6oj0BC_1SGhLvoQbRmoSxSk69skvcbQACS3ZWH5nWJYfwuLL15g8ARMUQm4VvE7F1uKQF-tBhHl2HicBxuzObQgf-tG0SMHDxJQlwzx7GqUWIqjZjEfknNYp6dMsPkStw1j-qeq-97NDyUu45sYtu0jjobv099BOkNHz1frr8FTkcejgKAFNm0RPD0QUYxkqoMM-3LpTRkWlU-CN2eYR3z_0ksKNaMUzL6bLWfRtpbxCKMeKfLmQ6Fl-zCY1A6mqicVHLhKe1_tfLE-yzcZ7EvzXs8nhyUeVO4qoFSnUbxaQGParhCFqD_G6b9kQUqlufcX3WoVCASqeKCSEsoqWruUuKnSOBqOJEXihXlR5zmjCOMeULt986VFyy8nmYppZMMCaGXTBmb0j35EShvdNib6HXc8s2xlnkheDywBry5cv9D25LuJaOg5nJQrYjvANSkUiJxNjzT6DTVSrtrmA8Qeaq-v1s7RDxZEn-pYMufyxRGwUpbkrJRvoexHimVuD0fvIItKWK8&cid=CAASFeRorq6ItuYggvgmjGRtJjY-DeXxaw&rfl=1%2Chttps%253A%252F%252Fwww.u2interference.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:36 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 9694 24 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Aug 2021 10:40:47 GMT

GET
H2 200 vltjdv095.js Show response
cdn.krxd.net/controltag/ Frame 9694 11 KB
4 KB 6ms
6ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/vltjdv095.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5125bc37d894d2eac87c22e71d370e6257984fbc8f0648010fbe4fb7a3258427

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Mon, 02 Aug 2021 10:41:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 80
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3700
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5128-BWI, cache-fra19151-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1627900918.490310,VS0,VE0
etag: "cef590481e717881454a3a870c3b7f315eca98a8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 22

GET
H3-29 200 index.html Show response
s0.2mdn.net/10149477/1622811440852/ Frame BDD2 7 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10149477/1622811440852/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ac6bc7c2fb50a157c93d59d7eb19645ca6b110b353df767379587dbec4d432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10149477/1622811440852/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2804
date: Mon, 02 Aug 2021 09:48:38 GMT
expires: Tue, 03 Aug 2021 09:48:38 GMT
last-modified: Fri, 04 Jun 2021 12:57:20 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 3200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9694 0
24 B 25ms
24ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOZ9LZGD3dm4FWxbCM97558wOLRjHd9ROPeuM6wxElbTC2Ee2DLPwVfuOl4a0HzJItFSUSFweYn7eCeU2QrW8NZOur9_T4XViJeZMBN_EDz0c4L12lj7toVPSMkAPqXcLDVefzbbziWW_QgO6B3spEIR6xnoYdYt4ThJEgSu9o3X6hz_5w1ViLw1gGQXItriRstLAkAuoxfqjICzan7wecdVZGfpfeVSk0fvBQpZrpjlcdERZtg3bZDESUKa8ApnTjgj7EU9jdjj0b1zlxIYqtk4d2Ka9ACJpcsHQDp5Ys7m4Dm4FxYINHGkV3AIIwbJ0R6YiAldqe10U7aPj3_Cg92IAzP3df6Gz9JlwJG7v5XCbwMjaq8D1iKQmmQL2ysLSJoEqZL5LEm-PSUvKtYr_HHa0pL9dhS_DzqDc7QY1XPWjs0ICPChbfj1h6DaChAfnVJ-OufcMqeqp4eBmujdFPb2uRTYFCD8l_x59CZDDStuS_6inNkPDJw6gPJkwGprPNrBsWoEa-gDP6d7gF-cpVRPLDOPQ7mVxmAp8JjchpdzolbqsqF_4QXu9eFuJL17B58UdYCEP67BdUOJJe5U8qWdFSOfd_wUMMc36saTJ21H1WMXtF8mgorCLJQUGv7L37t_4OeRgp3ya_9_lXu6ChpuuaM75KDKhpDU3IsDHB9ucYZ4NGmnkYTfO6AZbWfTcO-6jQQ_miqj8AQiibIbbi4NgXp26wIUGSJ3uONvc5TaSc_2Wg-HGCC_t3wmg-gYx2shi7W-gBKymoJrRx4Y5a68cw1aU-RBJyhpscNMt_vgSGCcEObjqWDu_QC4Z25NCjRujDmNO5Tx0Y_nWQjK68jusUPe437AKBq7VkFLRgqSXFvAXmEvgobDgIcY5o2Ff8dl9tP6mM8ReMXJCnQzaVpmvZ6Tbmrh9kGfs-TOCjWQ8nYNvci5w31-9dKqTcuVqXddh5JyMB3frE1m6ZNB4IvtNAIc8pdzC3uOTq1Q5rz98CXB-0EiReaOY_FeMTJWtTDYn4LJI3oS0BPRJgUzZtg3LuGicpQsPqr5j3C0_96mmhJgPsmOnBl7htlE8AILHzKLfmdC0E2Q_A3aW_JK5Iho2DoO1CZyZSO5HahYkdsZJ4UzuPrhbNbqRhOkcTtM6juKXUlp9N6UF4_fpLobcTel2e1OOl6vFOHCg-YCfLshSSyoq2KwfjC0sdh_xtc5210SXgIPQw-i463LaeF4xDcDrp01X7Ceo&sai=AMfl-YT5YOjlBIz7ULN2FJh2ljijoJ08Fs1va0GQJXLE2tmK0WiOCaISmoE590AdVx20fvZHQCthGtYi6JWZnt0PQqZTQFQsHwcHQEMXBDSIMNYZPXou0VQbwId6qtJwHGo35OcFdFQzm8lyceZQ9DK4Wye9vjMaJgPUxfteYIg&sig=Cg0ArKJSzCcH3waNTHFFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=17&cbvp=1&cstd=16&cisv=r20210728.70065&adurl=

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 02 Aug 2021 10:41:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9694 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
DATA 200
OK truncated
/ Frame 9694 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea7ca57eda939c0eaf7f67d71064eb9c0413aebc224ebec9a9c5b3587f598543

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 473F 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf Show response
cdn.krxd.net/ctjs/ Frame 9694 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/vltjdv095.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7cce63ddd80fca5a56ff41093c0629756d4536b772b355ab4919be7f4695a7d7

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: gzip
age: 236472
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 289836
content-length: 84507
x-served-by: cache-fra19151-FRA
last-modified: Wed, 28 Jul 2021 13:34:50 GMT
x-timer: S1627900919.536848,VS0,VE0
etag: "2b7bf9f4c301d43b3b0e0a564e9050cf"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 26 Jul 2031 13:34:49 GMT

GET
H3-29 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BDD2 236 KB
63 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10149477/1622811440852/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10149477/1622811440852/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Aug 2021 10:41:58 GMT

GET
H3-29 200 min.js Show response
s0.2mdn.net/10149477/1622811440852/ Frame BDD2 59 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10149477/1622811440852/min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10149477/1622811440852/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85bfbc5f16d4163510bee4860e3a2a669187bd39e0ead823aa8124f0bf81a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10149477/1622811440852/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 12:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12560
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 12:57:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 02 Aug 2021 12:01:53 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 473F 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 10:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 10:41:10 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 9694 0
336 B 32ms
30ms Image
text/plain 52.31.20.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=24653276&advertiserid=10149477&placementid=308526903&adid=499017505&creativeid=152362185&siteid=1729994&kxbrand=fraenk-Programmatic&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=vltjdv095
Requested by: Host: fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com
URL: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.20.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-20-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1627900918
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9694 0
23 B 19ms
18ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.u2interference.com
URL: https://www.u2interference.com/forums/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 9694 81 B
239 B 30ms
30ms Script
text/javascript 52.31.20.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.20.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-20-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6a472852f698369035cf4216a7ae7de2d1b0f2407fdfc3f172656b6778998c98

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=29 t=1627900918
x-served-by: beacon-n012-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 9694 286 B
344 B 36ms
36ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.2b7bf9f4c301d43b3b0e0a564e9050cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 81dfdf00c72cf2188462783d05d24b9a0134ee7b983143c9554aab1499d4035a

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:41:58 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a001-dub-prod.krxd.net, cache-fra19170-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1627900919.626850,VS0,VE30
content-length: 221
x-cache-hits: 0, 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 473F 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGOjo9ssHYYDNGpT03gPN6oWYBgAAAAA4AeAEAg&bg=!-fql-r7NAAals0SOpbM7ACkAdvg8WoFikdcHeQfGcJJ7Sbwegax_HHmbIZzJHZAZ8gOgZjEzPZ3FIwIAAAB9UgAAAA9oAQcKAJGSv_B1UCRHFEsWbuahG1BAEq0mJHpveho6f_aBu_yEIEVdoFkHnUoy28Z1-yeGD9MjhBZaOvJN6vzvK5-v1mT41GQztpoJ9JSSE1jIRuAHg46sbE3XykkQ6lGUY1qxOfQMolS1IyLWZdvxXB9iUKB8X3xitkskrZXcGhvDI3Ka0pr1w4PNYnOv1HojoS4RFpH7mQLFx7IVNq6zdCkZwBHxdtdCnJ5UNgrhnuUZ3mgsod8Y3xqN1sDxGW2canXiVzZWtDjqnppLJmybfI9oIelmzSRgFQqS68xI5gXu1hNd51EY0GT09IlEBQ5kwRr2d1ZHMKa0uvDgMX-o--w_vpQ7c3AabSZn8EWXGpCHWSGchJUdD-9a0VoHUC9J1BneORnqTmNnXponrFu72tswnChxkILT0mGSbsSYRuMyB-ejLNONEtLQKeseFZn26d_nOVJtq96IayFmcUZY0Ep-wikH-vn2af6JYCs7OWDxwvhZkULdsP_WHKumlR_VdHoYxW8YJXrxA6Zgo1RE7PRrJWl8inwfNWm5jhnv5Pj4KNJZOB4MPNpmDaOfV47Rs9dGMD7d3ULE55JOJmVZHI3YZ3tDeR62pT2OY1sShs5-DViUeHcvhjyyzaslMEaZ8lhkWkWzhWHPfNT4CECOKBormqIJOTmp5ncTaBV0EeKQvFAVOh4B8epEyzhJN5Dnqwu5Rs5zf5MPRoJ9Du3ozCHF_8nCXnxnmySFVRi5531HpszELJaHUa1ZRY9c3nczOSeM_J-KuWnzninQCfmMJpbnStf9c6C4jKyMZ7ehSXXGWH1fC3N3NDVx5u7aYJkJdoUlRqsqym1GXmcMMCGOWHPn6wVpfpiKqyW3FLK2SARPIWr3gWI7QguuV2bjeoBsS5zvG-yfy0c8pXGw2W0JsQf26STY8H4YlKUjLOdNp1cNHR9TFYE3A9C-IP8uxnsS9n0CI4BkEb1m9v2WS9vNCGxsLNz_XYJHT53kv7417CxWgwgAgFeBK8TXUMgGT_aud4O1Trg7WJ9bt74q6RLVQNQa98jpcZRAA5QzxT9L5EB-AbmhUaGVQaJsDsmmZ1vzAHZIFs5vixJNcGjLlR-wvdFDzYoZYOzSxgF1xsK47U-kqjyys-rnaRg0Pt4feQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9694 42 B
64 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT2ePxHAO7wBWMgUUPx3kiaJ1VlNf4eLjuWifZoXGSEj2AuFm-3dtdxXKjMHM9E5asacsDP4IEf6x_50vOvomHWXjuKJGJ_xKuNPA0VFs2UFturlY8e_szCkGjCQ&sai=AMfl-YRFKIFNI9hMlzAHKiaV4OE7wd6uE6BWWynniKjf9_2clp-PHOCuh6zTMDSSRZX0wkLLX7BORi9fy8t8MmiQXUsduxIJrj_L1ecWwmDWnD6Yx-Y_xLpGBEAGMtkY-SU&sig=Cg0ArKJSzBzoSqnZDuR2EAE&cid=CAASFeRorq6ItuYggvgmjGRtJjY-DeXxaw&id=lidar2&mcvt=1001&p=1104,436,1194,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1600680585&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627900918402&dlt=8&rpt=0&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:41:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 72B5 57 KB
57 KB 7ms
7ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128510631811208/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/4528516/2128510631811208/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:30:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
age: 680
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
expires: Mon, 02 Aug 2021 10:45:41 GMT

GET
H2 200 dc_oe=ChMI66SDv5OS8gIVFLp3Ch1NdQFjEAAYACDGts1EQhMI0-zYvpOS8gIVR9C7CB08ZQ9-;met=1;&timestamp=1627900927194;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 30F1 42 B
515 B 64ms
42ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI66SDv5OS8gIVFLp3Ch1NdQFjEAAYACDGts1EQhMI0-zYvpOS8gIVR9C7CB08ZQ9-;met=1;&timestamp=1627900927194;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:42:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMI2s2Wv5OS8gIVhYl3Ch11dQ5oEAAYACD544A_QhMIhM7-vpOS8gIVPYn9Bx2NXAFa;met=1;&timestamp=1627900927454;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6E61 42 B
63 B 68ms
53ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2s2Wv5OS8gIVhYl3Ch11dQ5oEAAYACD544A_QhMIhM7-vpOS8gIVPYn9Bx2NXAFa;met=1;&timestamp=1627900927454;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:42:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIzNSQv5OS8gIVx8W7CB3iAA3eEAEYACD0xP1J;met=1;&timestamp=1627900927809;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A4F2 42 B
63 B 42ms
42ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzNSQv5OS8gIVx8W7CB3iAA3eEAEYACD0xP1J;met=1;&timestamp=1627900927809;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:42:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIoNXPv5OS8gIVjKt3Ch11bg4iEAAYACDDnc4_QhMIveKnv5OS8gIVyfK7CB2XagRZ;met=1;&timestamp=1627900928338;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5BE6 42 B
63 B 42ms
41ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoNXPv5OS8gIVjKt3Ch11bg4iEAAYACDDnc4_QhMIveKnv5OS8gIVyfK7CB2XagRZ;met=1;&timestamp=1627900928338;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb92fa89cbcfb34546e626ac68fb033c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:42:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIgKDkv5OS8gIVFLp3Ch1NdQFjEAAYACDJudNIQhMI2_jJv5OS8gIVOuG7CB0CUghY;met=1;&timestamp=1627900928624;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9694 42 B
63 B 41ms
41ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgKDkv5OS8gIVFLp3Ch1NdQFjEAAYACDJudNIQhMI2_jJv5OS8gIVOuG7CB0CUghY;met=1;&timestamp=1627900928624;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS