urlscan.io logo urlscan.io
SecurityTrails logo

www.lebanonfiles.com Open in urlscan Pro
2606:4700:20::681a:b47  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-...
Submission: On March 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 153 IPs in 16 countries across 126 domains to perform 749 HTTP transactions. The main IP is 2606:4700:20::681a:b47, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lebanonfiles.com. The Cisco Umbrella rank of the primary domain is 511698.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.
This is the only time www.lebanonfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.157.179.180 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 12 2a00:1450:400... 15169 (GOOGLE)
1 52.217.110.86 16509 (AMAZON-02)
10 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2600:9000:215... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
23 2a00:1450:400... 15169 (GOOGLE)
1 34.96.69.62 396982 (GOOGLE-CL...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 3.19.54.139 16509 (AMAZON-02)
27 2a00:1450:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
17 2a00:1450:400... 15169 (GOOGLE)
6 151.139.128.10 20446 (STACKPATH...)
1 193.108.153.18 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 34.160.128.112 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 54.39.156.32 16276 (OVH)
2 69.20.43.192 27357 (RACKSPACE)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 35.214.223.115 15169 (GOOGLE)
15 146.20.132.125 27357 (RACKSPACE)
5 7 46.228.164.11 56396 (AMOBEE)
3 3 54.86.168.219 14618 (AMAZON-AES)
9 9 3.76.145.89 16509 (AMAZON-02)
9 48 142.250.186.66 15169 (GOOGLE)
6 52.29.235.130 16509 (AMAZON-02)
1 18.196.91.239 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
4 54.166.40.0 14618 (AMAZON-AES)
2 35.240.50.85 396982 (GOOGLE-CL...)
1 2a03:2880:f12... 32934 (FACEBOOK)
4 65 2a00:1450:400... 15169 (GOOGLE)
4 35.244.145.108 15169 (GOOGLE)
1 37.157.3.20 198622 (ADFORM)
2 34.98.64.218 396982 (GOOGLE-CL...)
4 17 185.89.210.46 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
27 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 69.192.160.199 16625 (AKAMAI-AS)
1 162.19.138.117 16276 (OVH)
4 162.19.138.118 16276 (OVH)
4 8 2a02:2638::1c 44788 (ASN-CRITE...)
7 178.250.1.11 44788 (ASN-CRITE...)
2 52.30.48.43 16509 (AMAZON-02)
2 99.86.4.64 16509 (AMAZON-02)
2 4 185.184.8.90 204995 (RTB-HOUSE...)
2 2a0c:5c81:514... 55081 (24SHELLS)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
2 147.75.85.234 54825 (PACKET)
3 185.86.138.16 201081 (SMARTADSE...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 185.106.140.18 7979 (SERVERS-COM)
11 2a00:1450:400... 15169 (GOOGLE)
2 149.202.152.44 16276 (OVH)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 178.33.54.87 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
19 2a00:1450:400... 15169 (GOOGLE)
4 4 34.91.62.186 396982 (GOOGLE-CL...)
2 2 135.125.160.160 16276 (OVH)
1 1 185.98.54.153 39572 (ADVANCEDH...)
8 19 185.80.39.216 27381 (CASALE-MEDIA)
3 5 213.19.147.44 3356 (LEVEL3)
1 35.72.102.203 16509 (AMAZON-02)
5 5 3.71.149.231 16509 (AMAZON-02)
11 2a02:2638:3::3 44788 (ASN-CRITE...)
5 146.20.132.189 27357 (RACKSPACE)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:3::f 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
5 185.29.132.242 30419 (MEDIAMATH...)
2 6 185.29.134.248 30419 (MEDIAMATH...)
2 2 70.42.32.31 13789 (INTERNAP-...)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 3 76.223.111.18 16509 (AMAZON-02)
1 1 124.146.215.51 2514 (INFOSPHER...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 4 51.75.86.98 16276 (OVH)
17 185.180.220.208 49981 (WORLDSTREAM)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
8 88.99.219.174 24940 (HETZNER-AS)
2 2.18.233.201 16625 (AKAMAI-AS)
4 138.201.63.149 24940 (HETZNER-AS)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
3 138.201.84.252 24940 (HETZNER-AS)
4 4 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
2 4 2a01:4f8:d0a:... 24940 (HETZNER-AS)
2 49.12.22.42 24940 (HETZNER-AS)
2 52.56.125.139 16509 (AMAZON-02)
2 4 216.58.212.166 15169 (GOOGLE)
2 2 94.23.99.218 16276 (OVH)
2 54.76.176.197 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 151.101.66.49 54113 (FASTLY)
4 5 198.47.127.19 62713 (AS-PUBMATIC)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
7 35.71.131.137 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 4 69.173.144.139 26667 (RUBICONPR...)
1 2 104.75.89.75 16625 (AKAMAI-AS)
3 151.101.65.108 54113 (FASTLY)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2a0c:5c81:512... 55081 (24SHELLS)
1 1 80.77.87.161 46636 (NATCOWEB)
1 5 185.239.172.77 55081 (24SHELLS)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 4 185.86.138.151 201081 (SMARTADSE...)
3 3.72.124.192 16509 (AMAZON-02)
1 3 37.157.2.234 198622 (ADFORM)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.183.112.155 60350 (VP)
2 98.98.134.242 21859 (ZEN-ECN)
1 35.244.174.68 15169 (GOOGLE)
3 3 3.122.34.231 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
1 3 2600:9000:211... 16509 (AMAZON-02)
1 1 95.101.196.17 16625 (AKAMAI-AS)
3 3 188.42.34.64 7979 (SERVERS-COM)
2 2 52.45.36.100 14618 (AMAZON-AES)
3 209.191.163.210 32475 (SINGLEHOP...)
2 2 104.122.24.29 16625 (AKAMAI-AS)
1 104.21.29.134 13335 (CLOUDFLAR...)
2 2 23.56.202.187 16625 (AKAMAI-AS)
4 104.98.130.104 16625 (AKAMAI-AS)
2 18.66.147.98 16509 (AMAZON-02)
2 99.86.4.53 16509 (AMAZON-02)
2 2 37.157.6.252 198622 (ADFORM)
2 2 52.48.197.145 16509 (AMAZON-02)
4 185.180.223.91 49981 (WORLDSTREAM)
2 4 52.46.143.56 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 8.2.110.113 46636 (NATCOWEB)
3 135.125.163.79 16276 (OVH)
9 2404:6800:400... 15169 (GOOGLE)
1 143.204.89.98 16509 (AMAZON-02)
2 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.59.47.75 16509 (AMAZON-02)
1 2 193.3.178.3 399668 (E-PLANNING-)
1 52.29.157.226 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 8.43.72.97 26667 (RUBICONPR...)
1 2a02:6ea0:c70... ()
1 2a00:1450:400... ()
1 2a00:1450:400... ()
4 13.41.33.70 ()
1 2a02:6ea0:c70... ()
1 167.71.9.19 ()
1 3 172.217.18.6 ()
3 142.250.186.162 ()
1 2a00:1450:400... ()
749 153
56    2606:4700:20::681a:b47 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lebanonfiles.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    35.157.179.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
tpx.tesseradigital.com
5    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
12    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.217.110.86 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
10    2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2400:52e0:1e00::1053:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
cdn.insurads.com
1    2600:9000:2156:c00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:225e:5a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
23    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.96.69.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.69.96.34.bc.googleusercontent.com
cdn.bidder.dev
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
htagpa.tech
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
27    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
17    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.de
6    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
1    193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
2    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
4    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net
s4.histats.com
2    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.exitbee.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
15    146.20.132.125 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
7    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    54.86.168.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-168-219.compute-1.amazonaws.com
sync.srv.stackadapt.com
9    3.76.145.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-145-89.eu-central-1.compute.amazonaws.com
x.bidswitch.net
48    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
6    52.29.235.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
a.vidoomy.com
d.vidoomy.com
a-prebid.vidoomy.com
1    18.196.91.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
fd.tesseradigital.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2606:4700:3035::6815:583 (United States)

ASN13335 (CLOUDFLARENET, US)
api.audiowat.io
4    54.166.40.0 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-40-0.compute-1.amazonaws.com
services.insurads.com
2    35.240.50.85 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.50.240.35.bc.googleusercontent.com
s.exitbee.com
1    2a03:2880:f128:83:face:b00c:0:25de (Sofia, Bulgaria)

ASN32934 (FACEBOOK, US)
www.facebook.com
65    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    35.244.145.108 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 108.145.244.35.bc.googleusercontent.com
analytics.leya.tech
1    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adsparc-d.openx.net
u.openx.net
17    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
9    2606:4700:3038::6815:eb89 (United States)

ASN13335 (CLOUDFLARENET, US)
img.rtbsystem.org
27    2606:4700:20::681a:f53 (United States)

ASN13335 (CLOUDFLARENET, US)
player.kwikmotion.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
6    69.192.160.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-199.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
8    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    52.30.48.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-48-43.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    99.86.4.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-64.fra6.r.cloudfront.net
optad360.mgr.consensu.org
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
2    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
16    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
5    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
2    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
11    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    149.202.152.44 (France)

ASN16276 (OVH, FR)
PTR: vh11.eris-k.of.pl
video.onnetwork.tv
9    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
3    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    178.33.54.87 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w16.of.pl
cdn.onnetwork.tv
cdnt.onnetwork.tv
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
8    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
19    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pubads.g.doubleclick.net
4    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
c.eu1.dyntrk.com
1    185.98.54.153 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
19    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
5    213.19.147.44 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
1    35.72.102.203 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-102-203.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    146.20.132.189 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
17    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidverto.io
1    2a02:26f0:780::5f65:36cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
8    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal9000.redintelligence.net
2    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    138.201.63.149 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
2    2a02:26f0:780::5f65:36d8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.projectagora-adtag-library.com
3    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal900024.redintelligence.net
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
4    2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
2    49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de
futalis.de
2    52.56.125.139 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-125-139.eu-west-2.compute.amazonaws.com
track.webgains.com
4    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net
8019191.fls.doubleclick.net
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
casale-match.dotomi.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
3    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2606:4700:e0::ac40:6605 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    185.239.172.77 (United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
1    2a05:d018:d29:3601:e064:ebd3:78e:3d3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
3    3.72.124.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-124-192.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    3.122.34.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-34-231.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
3    2600:9000:211e:3a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
cs.media.net
3    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    52.45.36.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-36-100.compute-1.amazonaws.com
ssp.disqus.com
3    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    104.122.24.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-24-29.deploy.static.akamaitechnologies.com
hbx.media.net
1    104.21.29.134 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.98.130.104 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-98-130-104.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
2    99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    52.48.197.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-197-145.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    185.180.223.91 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-91.hosted-by-worldstream.net
cdn.vidverto.io
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
3    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
user-sync.adxpremium.services
9    2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    143.204.89.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-98.fra50.r.cloudfront.net
cdn.kdaimo.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    52.59.47.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-47-75.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    52.29.157.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-157-226.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2a02:6ea0:c700::19 (None, )

ASN- ()
vid.vidoomy.com
1    2a00:1450:4001:827::2001 (None, )

ASN- ()
yt3.ggpht.com
1    2a00:1450:4001:18::7 (None, )

ASN- ()
rr2---sn-4g5edndl.googlevideo.com
4    13.41.33.70 (None, )

ASN- ()
api.webgains.io
1    2a02:6ea0:c700::10 (None, )

ASN- ()
vpaid.vidoomy.com
1    167.71.9.19 (None, )

ASN- ()
bgstats.mox.tv
3    172.217.18.6 (None, )

ASN- ()
ad.doubleclick.net
3    142.250.186.162 (None, )

ASN- ()
ade.googlesyndication.com
1    2a00:1450:4001:801::200e (None, )

ASN- ()
www.youtube.com
Apex Domain
Subdomains		 Transfer
104 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
ade.googlesyndication.com
793 KB
97 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 213139
pubads.g.doubleclick.net — Cisco Umbrella Rank: 428
ad.doubleclick.net
519 KB
56 lebanonfiles.com
www.lebanonfiles.com — Cisco Umbrella Rank: 511698
737 KB
28 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 25090
v.lkqd.net — Cisco Umbrella Rank: 17643
cs.lkqd.net — Cisco Umbrella Rank: 2861
t.lkqd.net — Cisco Umbrella Rank: 21089
144 KB
27 kwikmotion.com
player.kwikmotion.com — Cisco Umbrella Rank: 310585
239 KB
24 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
408 KB
21 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 38782
cdn.vidverto.io — Cisco Umbrella Rank: 61408
322 KB
20 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
dsum.casalemedia.com — Cisco Umbrella Rank: 1223
htlb.casalemedia.com — Cisco Umbrella Rank: 469
ssum.casalemedia.com
17 KB
20 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 386
mug.criteo.com — Cisco Umbrella Rank: 2753
bidder.criteo.com — Cisco Umbrella Rank: 713
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14588
ads.eu.criteo.com — Cisco Umbrella Rank: 8089
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9155
57 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
acdn.adnxs.com — Cisco Umbrella Rank: 527
67 KB
19 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 444
fonts.googleapis.com — Cisco Umbrella Rank: 34
2 MB
18 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
3 KB
16 onnetwork.tv
video.onnetwork.tv — Cisco Umbrella Rank: 45121
cdn.onnetwork.tv — Cisco Umbrella Rank: 42607
cdnt.onnetwork.tv — Cisco Umbrella Rank: 55840
147 KB
16 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 15732
sync.quantumdex.io — Cisco Umbrella Rank: 6576
4 KB
15 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32214
hal90009.redintelligence.net — Cisco Umbrella Rank: 250896
hal900024.redintelligence.net — Cisco Umbrella Rank: 282712
75 KB
14 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 317
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 939
eus.rubiconproject.com — Cisco Umbrella Rank: 526
token.rubiconproject.com — Cisco Umbrella Rank: 531
fastlane.rubiconproject.com — Cisco Umbrella Rank: 440
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 949
25 KB
13 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4194
sync.mathtag.com — Cisco Umbrella Rank: 460
pixel.mathtag.com — Cisco Umbrella Rank: 975
10 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 629
pix.eu.criteo.net — Cisco Umbrella Rank: 7820
csm.eu.criteo.net — Cisco Umbrella Rank: 8170
242 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
533 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 717
150 KB
10 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8722
c.mgid.com — Cisco Umbrella Rank: 6529
cdn.mgid.com — Cisco Umbrella Rank: 11870
servicer.mgid.com — Cisco Umbrella Rank: 8820
cm.mgid.com — Cisco Umbrella Rank: 1372
79 KB
9 rtbsystem.org
img.rtbsystem.org — Cisco Umbrella Rank: 31921
205 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
3 KB
9 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 25113
a.vidoomy.com — Cisco Umbrella Rank: 3160
d.vidoomy.com — Cisco Umbrella Rank: 9796
a-prebid.vidoomy.com — Cisco Umbrella Rank: 12634
vid.vidoomy.com
vpaid.vidoomy.com
27 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1613
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 582
ssbsync.smartadserver.com — Cisco Umbrella Rank: 743
6 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3354
3 KB
7 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 19065
services.insurads.com — Cisco Umbrella Rank: 16194
53 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18328
api.webgains.io
63 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 44542
medialead.de — Cisco Umbrella Rank: 44208
2 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 271
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
2 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4209
cm.adform.net — Cisco Umbrella Rank: 1337
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3531
onesignal.com — Cisco Umbrella Rank: 1362
img.onesignal.com — Cisco Umbrella Rank: 6957
90 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 752
s.tribalfusion.com — Cisco Umbrella Rank: 1848
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 384
110 KB
5 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8513
user-sync.adxpremium.services — Cisco Umbrella Rank: 11583
6 KB
5 connectad.io
i.connectad.io — Cisco Umbrella Rank: 8678
cdn.connectad.io — Cisco Umbrella Rank: 5659
sync-eu.connectad.io — Cisco Umbrella Rank: 3915
2 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 896
id5-sync.com — Cisco Umbrella Rank: 408
20 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2388
20 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 269
3 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 515
btlr.sharethrough.com — Cisco Umbrella Rank: 916
265 B
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 17852
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 17983
2 KB
4 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 98095
11 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 706
489 B
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 354
tlx.3lift.com — Cisco Umbrella Rank: 485
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 736
2 KB
4 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5915
ghb1.adtelligent.com — Cisco Umbrella Rank: 7467
sync.adtelligent.com — Cisco Umbrella Rank: 4876
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6092
creativecdn.com — Cisco Umbrella Rank: 538
1 KB
4 leya.tech
analytics.leya.tech
562 B
4 audiowat.io
api.audiowat.io
40 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 857
943 B
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8720
940 B
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337
115 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1885
mp.4dex.io — Cisco Umbrella Rank: 1958
25 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 575
831 B
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1603
2 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1370
hbx.media.net — Cisco Umbrella Rank: 1429
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 708
919 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 729
3 KB
3 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2706
casale-match.dotomi.com — Cisco Umbrella Rank: 2579
387 B
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1068
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3812
574 B
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 272
50 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 635
2 KB
3 exitbee.com
cdn.exitbee.com — Cisco Umbrella Rank: 41218
s.exitbee.com — Cisco Umbrella Rank: 44372
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
158 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 53562
get.optad360.io — Cisco Umbrella Rank: 36066
214 KB
3 tesseradigital.com
tpx.tesseradigital.com — Cisco Umbrella Rank: 161135
fd.tesseradigital.com — Cisco Umbrella Rank: 164279
27 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 9762
1 KB
2 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9918
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
747 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 43375
4 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1460
603 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4704
745 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 608
382 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1230
459 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 595
678 B
2 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 89227
624 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 36521
4 KB
2 futalis.de
futalis.de — Cisco Umbrella Rank: 139497
801 B
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 107238
2 KB
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 44237
785 B
2 projectagora-adtag-library.com
cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 69181
157 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 530
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
2 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 4627
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 926
514 B
2 consensu.org
optad360.mgr.consensu.org — Cisco Umbrella Rank: 59638
6 KB
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1424
642 B
2 openx.net
adsparc-d.openx.net — Cisco Umbrella Rank: 85709
u.openx.net — Cisco Umbrella Rank: 609
projectagora-d.openx.net Failed
473 B
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 7678
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 19524
s4.histats.com — Cisco Umbrella Rank: 16058
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
90 KB
1 youtube.com
www.youtube.com
1 mox.tv
bgstats.mox.tv
66 B
1 googlevideo.com
rr2---sn-4g5edndl.googlevideo.com
2 MB
1 ggpht.com
yt3.ggpht.com
2 KB
1 kdaimo.com
cdn.kdaimo.com — Cisco Umbrella Rank: 63969
3 KB
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 8022
484 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 22045
269 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 13774
1 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 613
api.rlcdn.com Failed
98 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1558
712 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
602 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 951
672 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12292
3 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1444
586 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1500
173 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 649
464 B
1 projectagoraservices.com
ads.projectagoraservices.com — Cisco Umbrella Rank: 53182
2 KB
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 12904
519 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 961
1016 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5043
233 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
5 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5545
44 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10851
288 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 983
407 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
608 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 45582
93 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 617
541 B
1 htagpa.tech
htagpa.tech — Cisco Umbrella Rank: 287196
3 KB
1 bidder.dev
cdn.bidder.dev — Cisco Umbrella Rank: 304519
48 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 886
6 KB
0 emxdgt.com Failed
hb.emxdgt.com Failed
0 effectivemeasure.net Failed
t.effectivemeasure.net Failed
749 126
Domain Requested by
65 tpc.googlesyndication.com 4 redirects pagead2.googlesyndication.com
tpc.googlesyndication.com
www.lebanonfiles.com
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
56 www.lebanonfiles.com www.lebanonfiles.com
static.cloudflareinsights.com
48 cm.g.doubleclick.net 9 redirects 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
27 player.kwikmotion.com api.audiowat.io
player.kwikmotion.com
27 pagead2.googlesyndication.com www.lebanonfiles.com
pagead2.googlesyndication.com
cdn.exitbee.com
tpc.googlesyndication.com
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
www.googletagservices.com
23 securepubads.g.doubleclick.net www.lebanonfiles.com
securepubads.g.doubleclick.net
www.googletagservices.com
17 ad.vidverto.io www.lebanonfiles.com
ad.vidverto.io
imasdk.googleapis.com
17 ib.adnxs.com 4 redirects cdn.jsdelivr.net
get.optad360.io
acdn.adnxs.com
cdn.projectagora-adtag-library.com
15 cs.lkqd.net ad.lkqd.net
14 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
13 cdn.onnetwork.tv video.onnetwork.tv
cdn.onnetwork.tv
www.lebanonfiles.com
12 www.google.com 1 redirects www.lebanonfiles.com
tpc.googlesyndication.com
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
11 static.criteo.net get.optad360.io
ads.eu.criteo.com
static.criteo.net
11 www.googletagservices.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
11 imasdk.googleapis.com player.kwikmotion.com
imasdk.googleapis.com
www.lebanonfiles.com
ad.vidverto.io
10 fonts.gstatic.com fonts.googleapis.com
ad.vidverto.io
9 csi.gstatic.com imasdk.googleapis.com
9 ssum-sec.casalemedia.com 5 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
9 30f6810583110272790456a336f56061.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 img.rtbsystem.org
9 x.bidswitch.net 9 redirects
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
8 hal9000.redintelligence.net www.lebanonfiles.com
hal90009.redintelligence.net
hal900024.redintelligence.net
8 fonts.googleapis.com securepubads.g.doubleclick.net
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
tpc.googlesyndication.com
hal90009.redintelligence.net
hal900024.redintelligence.net
8 gum.criteo.com 4 redirects static.criteo.net
7 match.adsrvr.org 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
get.optad360.io
ssum-sec.casalemedia.com
7 mug.criteo.com
6 sync.mathtag.com 2 redirects tags.mathtag.com
sync.mathtag.com
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
6 ads.pubmatic.com jsc.mgid.com
cdn.projectagora-adtag-library.com
get.optad360.io
sync.quantumdex.io
adxbid.info
6 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
8019191.fls.doubleclick.net
6 ad.lkqd.net www.lebanonfiles.com
ad.lkqd.net
5 image6.pubmatic.com 4 redirects ads.pubmatic.com
5 tags.mathtag.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
tags.mathtag.com
5 t.lkqd.net ad.lkqd.net
5 ups.analytics.yahoo.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.gstatic.com www.google.com
30f6810583110272790456a336f56061.safeframe.googlesyndication.com
5 ad.turn.com 5 redirects
4 api.webgains.io analytics.webgains.io
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 cdn.vidverto.io
4 eus.rubiconproject.com sync.quantumdex.io
eus.rubiconproject.com
4 pixel.rubiconproject.com 3 redirects adxbid.info
4 8019191.fls.doubleclick.net 2 redirects www.lebanonfiles.com
4 cdn.retailads.net 2 redirects futalis.de
4 pv.medialead.de 4 redirects
4 hal90009.redintelligence.net hal9000.redintelligence.net
hal90009.redintelligence.net
4 onetag-sys.com 1 redirects sync.quantumdex.io
4 um.simpli.fi 4 redirects
4 id5-sync.com cdn.id5-sync.com
sync.quantumdex.io
ads.pubmatic.com
4 analytics.leya.tech cdn.bidder.dev
4 cdn.mgid.com jsc.mgid.com
4 services.insurads.com cdn.insurads.com
4 api.audiowat.io api.audiowat.io
4 csync.loopme.me 4 redirects
4 www.google-analytics.com www.lebanonfiles.com
cdn.onnetwork.tv
www.google-analytics.com
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
4 cdn.jsdelivr.net cdn.bidder.dev
cdn.jsdelivr.net
get.optad360.io
cdn.projectagora-adtag-library.com
3 ade.googlesyndication.com
3 ad.doubleclick.net 1 redirects
3 user-sync.adxpremium.services adxbid.info
3 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
3 ap.lijit.com sync.quantumdex.io
adxbid.info
3 ads.betweendigital.com 3 redirects
3 s.ad.smaato.net 1 redirects sync.quantumdex.io
3 pm.w55c.net 3 redirects
3 cm.adform.net 1 redirects s.console.adtarget.com.tr
3 match.sharethrough.com sync.quantumdex.io
3 rtb-csync.smartadserver.com 1 redirects
3 acdn.adnxs.com get.optad360.io
cdn.jsdelivr.net
3 a.tribalfusion.com 2 redirects 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
3 hal900024.redintelligence.net hal9000.redintelligence.net
hal900024.redintelligence.net
3 eb2.3lift.com 2 redirects adxbid.info
3 s0.2mdn.net imasdk.googleapis.com
3 prg.smartadserver.com get.optad360.io
cdn.projectagora-adtag-library.com
3 onesignal.com cdn.onesignal.com
3 sync.srv.stackadapt.com 3 redirects
3 www.googletagmanager.com www.lebanonfiles.com
adv.office-partner.de
3 cdn.insurads.com www.lebanonfiles.com
services.insurads.com
2 pbjs.e-planning.net 1 redirects
2 script.4dex.io cdn.projectagora-adtag-library.com
script.4dex.io
2 token.rubiconproject.com eus.rubiconproject.com
2 ad4m.at ssum-sec.casalemedia.com
2 ad.360yield.com 2 redirects
2 creativecdn.com 2 redirects
2 c1.adform.net 2 redirects
2 cdn.track.production.webgains.team 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
2 analytics.webgains.io track.webgains.com
2 secure-assets.rubiconproject.com 2 redirects
2 usermatch.targeting.unrulymedia.com sync.quantumdex.io
2 hbx.media.net 2 redirects
2 ssp.disqus.com 2 redirects
2 pool.admedo.com 2 redirects
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
2 a-prebid.vidoomy.com
2 sync.adtelligent.com get.optad360.io
s.console.adtarget.com.tr
2 cdn.connectad.io get.optad360.io
2 sync.teads.tv 1 redirects
2 s.tribalfusion.com
2 r.turn.com
2 sync-tm.everesttech.net 2 redirects
2 dclk-match.dotomi.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
2 ad-server.eu 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
2 medialead.de 2 redirects
2 track.webgains.com www.lebanonfiles.com
2 futalis.de hal90009.redintelligence.net
hal900024.redintelligence.net
2 adv.office-partner.de hal90009.redintelligence.net
hal900024.redintelligence.net
2 pb.media01.eu hal90009.redintelligence.net
hal900024.redintelligence.net
2 cdn.projectagora-adtag-library.com ads.projectagoraservices.com
cdn.projectagora-adtag-library.com
2 pixel.mathtag.com tags.mathtag.com
2 b1sync.zemanta.com 2 redirects
2 sync.1rx.io 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 video.onnetwork.tv get.optad360.io
cdn.onnetwork.tv
2 rtb.adxpremium.services get.optad360.io
2 i.connectad.io get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 d.vidoomy.com get.optad360.io
2 useast.quantumdex.io get.optad360.io
2 bidder.criteo.com get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 optad360.mgr.consensu.org
2 id.crwdcntrl.net ads.pubmatic.com
2 cm.mgid.com jsc.mgid.com
2 s.exitbee.com cdn.exitbee.com
2 a.vidoomy.com
2 stats.g.doubleclick.net www.lebanonfiles.com
www.google-analytics.com
2 v.lkqd.net ad.lkqd.net
2 api.floors.dev cdn.bidder.dev
2 get.optad360.io www.lebanonfiles.com
get.optad360.io
2 connect.facebook.net www.lebanonfiles.com
connect.facebook.net
2 jsc.mgid.com www.lebanonfiles.com
jsc.mgid.com
2 cdn.onesignal.com www.lebanonfiles.com
cdn.onesignal.com
2 tpx.tesseradigital.com www.lebanonfiles.com
1 www.youtube.com
1 bgstats.mox.tv
1 vpaid.vidoomy.com vid.vidoomy.com
1 ssum.casalemedia.com 1 redirects
1 rr2---sn-4g5edndl.googlevideo.com
1 yt3.ggpht.com
1 vid.vidoomy.com adxbid.info
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 fastlane.rubiconproject.com cdn.projectagora-adtag-library.com
1 htlb.casalemedia.com cdn.projectagora-adtag-library.com
1 mp.4dex.io cdn.projectagora-adtag-library.com
1 tlx.3lift.com cdn.projectagora-adtag-library.com
1 btlr.sharethrough.com cdn.projectagora-adtag-library.com
1 cdn.kdaimo.com cdn.projectagora-adtag-library.com
1 as.ck-ie.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 u.openx.net cdn.jsdelivr.net
1 biddr.brealtime.com cdn.jsdelivr.net
1 ssbsync.smartadserver.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 id.rlcdn.com
1 sync.adotmob.com 1 redirects
1 bh.contextweb.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 s.console.adtarget.com.tr get.optad360.io
1 adxbid.info get.optad360.io
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
1 cms.quantserve.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
1 ads.projectagoraservices.com securepubads.g.doubleclick.net
1 im.bluevoox.com 1 redirects
1 tg.socdm.com 1 redirects
1 dsp.adkernel.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 cdnt.onnetwork.tv www.lebanonfiles.com
1 cc.adingo.jp 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 ads.eu.criteo.com 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.lebanonfiles.com
1 ghb1.adtelligent.com get.optad360.io
1 ghb.adtelligent.com get.optad360.io
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 img.onesignal.com
1 cdn.id5-sync.com jsc.mgid.com
1 adsparc-d.openx.net cdn.jsdelivr.net
1 adx.adform.net cdn.jsdelivr.net
1 servicer.mgid.com jsc.mgid.com
1 www.facebook.com connect.facebook.net
1 c.mgid.com jsc.mgid.com
1 fd.tesseradigital.com tpx.tesseradigital.com
1 cdn.exitbee.com aghtag.tech
1 region1.google-analytics.com www.googletagmanager.com
1 s4.histats.com s10.histats.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 aghtag.tech htagpa.tech
1 ads.stickyadstv.com
1 s10.histats.com www.lebanonfiles.com
1 ads.vidoomy.com www.lebanonfiles.com
1 htagpa.tech www.lebanonfiles.com
1 cdn.bidder.dev www.lebanonfiles.com
1 cmp.optad360.io www.lebanonfiles.com
1 s3.amazonaws.com www.lebanonfiles.com
1 static.cloudflareinsights.com www.lebanonfiles.com
0 api.rlcdn.com Failed ads.pubmatic.com
0 projectagora-d.openx.net Failed cdn.projectagora-adtag-library.com
0 hb.emxdgt.com Failed cdn.jsdelivr.net
0 t.effectivemeasure.net Failed www.lebanonfiles.com
749 211
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-27		 a year crt.sh
tpx.tesseradigital.com
R3		 2023-02-05 -
2023-05-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-25		 2 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2022-04-29 -
2023-05-31		 a year crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-03-01 -
2023-11-15		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
cdn.bidder.dev
GTS CA 1D4		 2023-02-07 -
2023-05-08		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
histats.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
ad.lkqd.net
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
api.floors.dev
GTS CA 1D4		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
*.exitbee.com
GTS CA 1P5		 2023-02-19 -
2023-05-20		 3 months crt.sh
fd.tesseradigital.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
analytics.leya.tech
GTS CA 1D4		 2023-02-14 -
2023-05-15		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
optad360.mgr.consensu.org
Amazon RSA 2048 M02		 2023-02-22 -
2023-06-21		 4 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-02-01 -
2023-05-02		 3 months crt.sh
*.a-mo.net
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2023-03-16 -
2024-03-15		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-02-04 -
2023-05-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
onnetwork.tv
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-18 -
2023-05-20		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
ad.vidverto.io
R3		 2023-01-27 -
2023-04-27		 3 months crt.sh
paadserver.projectagora.info
R3		 2023-01-26 -
2023-04-26		 3 months crt.sh
redintelligence.net
R3		 2023-02-08 -
2023-05-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
cdn.projectagora-adtag-library.com
R3		 2023-02-10 -
2023-05-11		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
adv.office-partner.de
R3		 2023-03-02 -
2023-05-31		 3 months crt.sh
*.futalis.de
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-02-12 -
2023-05-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-01-23 -
2023-04-23		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-01-24 -
2023-04-24		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M02		 2023-02-27 -
2023-09-20		 7 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2023-01-23 -
2024-02-24		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-06-11		 4 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-01-22 -
2023-04-22		 3 months crt.sh
cdn.vidverto.io
R3		 2023-01-26 -
2023-04-26		 3 months crt.sh
cdn.kdaimo.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-10-27		 8 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-03-07 -
2023-05-16		 2 months crt.sh
bgstats.mox.tv
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh

This page contains 95 frames:

Primary Page: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Frame ID: EFC82B8F494EF69D91C38B251B146794
Requests: 223 HTTP requests in this frame

Frame: https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679068800
Frame ID: 0F0EC57DEE1E15F735B1A68527DCA7A2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: A1FB11E3E4B0F2D59397E89A4EA0A75D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 22FBFF27EB645A054F4926E05FE68B81
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: E26758D41DB244FFDEE320C3CA07F5CF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8745593945608202&output=html&adk=1812271804&adf=3025194257&lmt=1679074753&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679074752818&bpp=7&bdt=698&idt=352&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8250620160083&frm=20&pv=2&ga_vid=851671611.1679074753&ga_sid=1679074753&ga_hid=634927576&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44777877%2C44759876%2C31072952%2C31073058%2C31073098%2C31073104%2C44786499&oid=2&pvsid=667768734399428&tmod=1824094892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=386
Frame ID: 1AEEF3D622A88C1BE615CDDF07A00D0F
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 191F87119DF5E27899B14B10A0C5B337
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 40C035D89616B84AA51BB959C3146667
Requests: 6 HTTP requests in this frame

Frame: https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
Frame ID: F8A964FCC29F04905FA9D85A7D1A145C
Requests: 35 HTTP requests in this frame

Frame: https://www.facebook.com/v7.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164a1fecb0d748%26domain%3Dwww.lebanonfiles.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.lebanonfiles.com%252Ff28f4cf19884174%26relation%3Dparent.parent&container_width=650&height=100&href=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&locale=ar_AR&sdk=joey&version=v7.0&width=
Frame ID: 341AB4DB868AFD1BFD7C18F9198DBE0C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E43DB2AE43FC13ACA05B2D3419204354
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34DBE6A2584DEC78B94DFECBB3576289
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1679074754042223239411
Frame ID: CF716EA55A04CE958AA61F3B68F4C162
Requests: 1 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D39404CDB081BEE599EC4B11A89D84B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Frame ID: 527516D8E153293C9E1FD7F687E95DB3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/052302271541000/amp4ads-v0.mjs
Frame ID: 3C11EDFFFE182A2035AAED30EB656FA5
Requests: 16 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78E15FC2BEF9E49EAE36FCA4A5E8A086
Requests: 10 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/player86.css?s=1678730599
Frame ID: FC968B788937049A83BFCFBA2F81E5DC
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Frame ID: 970C1FCECF730DB181A268849A85290F
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D5D19ADE431B1050316D5435F9F192A
Requests: 9 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0FE0EE3883978589582CFD3CDA57F7D7
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 02DECEA7492EF25D2F5CE4312CED764E
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8A09D4D8E102F31E89AA76C22ED02363
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_pl.html
Frame ID: 7CE8590E3EEA22B3B2E52EF94CBA406E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_pl.html
Frame ID: 15548B524F1328DBC737EDE5BDAB9862
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: D9F9791625258B27DEB60FF05C61075D
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: BF96F2C8980F20DC0D63D658CA96CDB3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.lebanonfiles.com
Frame ID: 1BE8011B99AC5009C7E67D08C5D230C5
Requests: 2 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EDDC5EB52A93076E7ADD7B1D7899802E
Requests: 20 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 998D2FC8B97619771C1DCDE4138D8710
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8CFBB8D7B93ACC550F62E002D958CE5
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgZAwAfYlB_IA-ikGLNwAxCmKAOdBQG0-gIsSsK--1Ioblva83JzII9eTHsX78wNQAywjrsVZGtvgStrzQ6_TucKMPzYLPPswaS9YIgHTwl5Mf0L0vFLqdg0SP3Aax952AI10W63YhFq_RzIksDyFZqf-_lQhQ0ujcK1feqEkK77uVP_3DoRrHR-LogyDV_owHNwYKBjYPk3lOdcG-87v3C14s4S3OGrebgpnZmsSj_r7BelptuUWeUM9ZLSw9tEn_VV0lCSXicAqX4nyEXAaZ2JETo1zh7u9y-6dr1KxPTjuwkTnupDhF02WXFOHIWUWVibSnWNe2f6YtuYRvkibOxiMyHg&sai=AMfl-YRkXfU0djnSJugyGN7xE0XXmGsa5610q57J0nBirnk4NMLirQ38exNTv_fpoHrA_GXUfPWhufO31aZvkDCm9RPiXiJhlbp3h6VQFfSUTTMuGBE-odnq8o-USBX-6aM&sig=Cg0ArKJSzPTGjrywo0qxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 015BF85280CDF72ADD9A6C687A6BE859
Requests: 5 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C4CA833796292C8092B9B4D0EF354BD
Requests: 15 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF8C1517BA1A08B9D28EE17C8CEC1F70
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxEvx-0fqgrUCuYJuEbUXIm85G9rpT_i0vjJ4DIvK7p7qyeiU7iWMqAxWWFQcChL3r62Pv8LIUh3L96G2Z-EEREFvbXQYufUSGKTJ7NrwrOd7MZDFqfW68FrrNcvqSe4fmJTA_eVvlYoXTBveSZDzd3DzVMXuH02jR17eALbbrXRH3ITVEA_d9OwK1qUI7IWDxD4SnwwXHzEfoyfyV0sX6LZB3seESVEjcFuQN8e1ya8Fnzo9MCVYr8VTrSdbcY00wAr6r0Rh0ZRK801Nydr-oYNAXiLpE2zkmWBRvs9Epw2M3vkIYLMANMdHuVCORUQpb7ybd_k4A7siULg&sai=AMfl-YTY8hsWEvt6qdRhLbddS0Jg6OhxfcTmayZiEsWvD42LzWqmuiBbm7PDBkVnov8-uOgtoJq57S27pJzTIaF8R2cWOzjhF8raVR6POg-B5q2G4dhL-srrCljj5r4DfXY&sig=Cg0ArKJSzMSmVmD9k_KjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 450B6565B364E71DD2E3B77CC80535EF
Requests: 24 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 885F0A00D34A79054E5D32D2AEF5C48D
Requests: 14 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42E41782349F1FB4A64123AFFDF0BD11
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoq8QlhjznjPS95wtrIQRacaUB7_iXxLu5pKL9rjA_W6bHjw_0sq0yG-fzC_Dh1w5VB7XvQHm4iQB5I5fL0hDN6IWvYYWzCL9D7fPy_XgZFzf6TDebN7KbjHT2ewFemUtFsUHPBGVP37yYPVOtsRe5_AlhJrFCzuiFM5FJ6ro5MU6AAM9LnTHppGfn_d3sNjUDNwUwdSHIxHJXG3uNX_MHF30xuqdqQDSKWut_2noDA2DyJOiC0B_Ov_wIKVJk_H4crzt3TzNAZIWWW6IJIhvftHnkbR5KPjmfaBBq1M5Ep-KwCXqSPdYOKs_STvz0_pviSjFGEByW2l9EVRXmGEp3kSM-yJ4&sai=AMfl-YTOLbY2Z5e8Ds4EyIKnuleEzZzA_Xff_ZYvhn-n8VazP-TMpW4VQdM-1IZNeAyBmsRyys8IxcWt70uPMo_pavOAucPKMsW-VSGVRmM3ARV5gnM5cTYOuC-vA4vdKmg&sig=Cg0ArKJSzEble4goXePrEAE&uach_m=[UACH]&adurl=
Frame ID: 3527E08713D87F78334D51A0C1D9F154
Requests: 7 HTTP requests in this frame

Frame: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 484B0C1D6A445D09B0B5E62461A3EE1F
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html
Frame ID: 672C885D48AE1CB49A07BCE37A6BB874
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 94E24D8E1FE8B9BED1EFA1DFFDFA5A93
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: B35D726B5421AFC5F4CDC614E6D5F47F
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_300x250(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_300x250(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(1)%22,%22eoid%22:2725352768,%22eolid%22:5436026142,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:970,%22h%22:90,%22eId%22:%22main_lfiles_728x90_970x90_970x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_300x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600(1)%22,%22eoid%22:3026232221,%22eolid%22:6012624441,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600_300x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600_300x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90(1)_0%22}]&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Frame ID: 63550F62AC0CB7D258BA34E93D2980DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EFF3FA9375E2148C70334E39ECB41AB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F39C62FC0B58A7386399396143E63FC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D2D615213C26BBDDB53DBAC4BDF20F4
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=87914300138108400951389012266009&actionid=981741&produktid=&dt_url=
Frame ID: B98F50722D76230862230EF3E9100DAF
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 292C8BAB40DB43056330859FE62550F6
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072198
Frame ID: D251C4C9979C3E5CF339CD3F4828E359
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995
Frame ID: 7E4A900B8B084DA19FF22B6E593D3329
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Frame ID: B6E60C3AFFD8F3C77263BF5DB64EA218
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3426BDDAB19954E22E3D18BD414B1551
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 7716F9CC8DD551AD890876D457E02792
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 24CC7C68BA3CCFB52C37899E35B0842F
Requests: 3 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 952462718F3482ECAB256AC013F59443
Requests: 7 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: F8B507A82411AEF36E0913F7A7DE3C6A
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 2E65DD5E4AD1D510984E40C937C02DB3
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 725740BD733BF333F5BD09DDECE4CB5C
Requests: 10 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D7FEF11B2A44875879C46199CB520DA2
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=c307389e-e069-4131-aa38-4ef8669b305c
Frame ID: 68E58665F6DD08F9CB3E9F8757870CA6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 93FD2BCEF102F747BBD6607866485E14
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 734F6C2779F7CB2ACFC7DEF1612D6CFF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: E7DF0C5FC8B29D2244B6757E71D7E517
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 17DFC962DEC737A440A406261D7B9C65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 4A8C26FFFA4469E8627D1881B9F88256
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Frame ID: 38497BEEF7DA71AFA88D528CF76DAAC1
Requests: 38 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=42599400123205300951393012266024&actionid=981741&produktid=&dt_url=
Frame ID: 4AF9FCFB990FEFA2AE67DB53CAAC33E4
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: BC934125296FCE3CAA0AC049FB4356F0
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072206
Frame ID: 4BD8892596D4C99F2FAA6E4C848BD52F
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123
Frame ID: 6CBBE4D9E08F5AA5C4270448C20C01BE
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Frame ID: A3D498FA19E45EA9C8E5A489CCFF42CA
Requests: 8 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=986d6414-a5c5-4600-8d41-10e13b984dd6&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Frame ID: 1FC9EEFF30675EE2EE5A263DBD85EFE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 292C5F7DC335FEA756A1C8152A18EC8B
Requests: 9 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7FED35565DBB49889D1CA912A1ABCB73
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9D1B5C07EA72E9F345C073C1E7E2F175
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7D74323BCC0212F8359455F217556F2E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: A01D7232D58FA59FFD1A52206933902B
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 12923BAD4D21BC3B424485AD9DD60457
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D03340A332C4D90CCD3413F77FA14AB9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 6C620E118BDF4915A35E566FB67E9F4A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C9AE08AA9FD5EA38F63BDEF411AF843B
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: DBC88D2DE85EBBC50177FAFCEC719307
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 8CE49FBBF43F25A9226E5CB72A79FF46
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 93EB29548EDCA927DC6C7CBF6ABD1C33
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 2D799A291C21C666311ED2D3DBDDF90A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 0C501BE737D4885A3508962110F43B8A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 4759EA821C73E291BD8BA5F9EC9C1F87
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dmRE2ng2WecU0QRM4qnJ&pi=admatic&tc=1
Frame ID: 99CE1D3EDE981C9B2B1B24344A4020CF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 5AB5300D95A8FB9CE541DA99C3685B1D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=e43c1a69-4fc5-4256-916a-8f086c5192cd&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: 230820AA063909A421802F70213A9409
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Frame ID: DCC6C08275D83927DD0AF48473FF7542
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_1x1%22,%22eoid%22:2761469273,%22eolid%22:5507213652,%22advid%22:4830452331,%22w%22:1,%22h%22:1,%22eId%22:%22main_lfiles_1x1_0%22}]&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Frame ID: 535160905C63095C3B31D230CBFD0A4C
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: C57CAEFF614F0F89D0A812E1CAAEC23A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: ED06C7CE51F34349930AB5C632E1C46D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FA73588D5AACAACF4E8B75B158B89872
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بعد إخلاء سبيله.. وليام نون يؤكد: التعامل معي من قبل امن الدولة كان محترما | LebanonFiles

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

749
Requests

86 %
HTTPS

38 %
IPv6

126
Domains

211
Subdomains

153
IPs

16
Countries

9929 kB
Transfer

25296 kB
Size

134
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=abf2b596-47bc-4b7b-a970-3fec4f1212de
Request Chain 103
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2729649020676050453
Request Chain 104
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Request Chain 105
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
Request Chain 108
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
Request Chain 109
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Request Chain 112
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=935320056.83480731937808639.560667 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=935320056.83480731937808639.560667 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=19eab77c-eff9-4026-8e62-53e51cc43e4f&google_hm=MTllYWI3N2MtZWZmOS00MDI2LThlNjItNTNlNTFjYzQzZTRm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECy-CBmyFj0pndjHwS79TRI&google_cver=1&ssp=vidoomy&bsw_param=19eab77c-eff9-4026-8e62-53e51cc43e4f HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
Request Chain 179
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=O6MgL3xMVHVMaXBFRUh3bVJKam14TlY5MXhhdWVRT28xOUh2dGR5VlVkNDJiSDJqa0VnbmcydEdZTFdBdXpjcHY5TFNqSW5NV2s4VnVjT2pBKytrcC9OUkhVRHE2QXNGM0YwZS9ncUJXdGdSbW50MkVoV1BSUmJIYmZQT0FwZTBYNnFYY3RSS2s2RFJDbVl5NHFGSVFuRXFaSnlkQzNpZnZkRkp5S1RIZEF6TjhuRzQwUFdnTVdjdEpmUkFjaS9NQzlIOXllVzA4MERKeEtWOWZsTjhlZldYVFovTTVPMHFYd1pkclRtTEpkMEEwSXZMZndseml4VVJTYWRUT1pGb2ZCNHpQfA&cppv=2
Request Chain 276
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx9-vr9HfJxUYV_orWNuxDCaa7LL1sRRdN333M5NlzF79b0Vm098dcy6gBWaNC5l40k4FVuVxhUqkDmOSWm3efxSSBOeXJMCyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx9-vr9HfJxUYV_orWNuxDCaa7LL1sRRdN333M5NlzF79b0Vm098dcy6gBWaNC5l40k4FVuVxhUqkDmOSWm3efxSSBOeXJMCyQ
Request Chain 277
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFzYBnVx_MRwUsSkIZ00hyw&google_cver=1&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwjvgAlF77-o4tc6XDXwlWg HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFzYBnVx_MRwUsSkIZ00hyw&google_cver=1&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwjvgAlF77-o4tc6XDXwlWg&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwjvgAlF77-o4tc6XDXwlWg&google_hm=
Request Chain 278
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEHsKorIRKWm0ZLTmj_yTrFY&c_param1=Aa02lx-TMO-n5Lhscuv9qkqCwAFnmbbrKOq9Nl4g1bjWeo4k_mfIEIThgZz13e-DZijeX9XWeF3Hed9PRrfpv5mgqlvey-WM05Uy&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-TMO-n5Lhscuv9qkqCwAFnmbbrKOq9Nl4g1bjWeo4k_mfIEIThgZz13e-DZijeX9XWeF3Hed9PRrfpv5mgqlvey-WM05Uy
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&google_push=Aa02lx9oiExZP7msofPXjuw3SSa0AAt3Yj25L46FYGELlSL2wVs7i2yabhkbEoIb3BfkHgkkFvcRECv5YWhw906JdCMQTmTHWv_Ykw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_push=Aa02lx9oiExZP7msofPXjuw3SSa0AAt3Yj25L46FYGELlSL2wVs7i2yabhkbEoIb3BfkHgkkFvcRECv5YWhw906JdCMQTmTHWv_Ykw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx9oiExZP7msofPXjuw3SSa0AAt3Yj25L46FYGELlSL2wVs7i2yabhkbEoIb3BfkHgkkFvcRECv5YWhw906JdCMQTmTHWv_Ykw
Request Chain 280
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKFRXxeUfPq6Ac6qae7-eEs&google_cver=1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1679074755589 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1953de86-5e53-4be9-8d81-81beb5838526-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a%26google_hm%3DAxlT3oZeU0vpjYGBvrWDhSY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a&google_hm=AxlT3oZeU0vpjYGBvrWDhSY
Request Chain 282
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLydCLPJfcyCL2ry5_4uY4&google_cver=1&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b768seKhdZz62IptYCqGDdjf_GZP5PI HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLydCLPJfcyCL2ry5_4uY4&google_cver=1&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b768seKhdZz62IptYCqGDdjf_GZP5PI&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zdlo4ei5GRTJ1RzBybHkwVU9NQnVfcWxuaEUzczhGNX5B&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b768seKhdZz62IptYCqGDdjf_GZP5PI
Request Chain 326
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
Request Chain 327
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
Request Chain 330
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Request Chain 331
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lebanonfiles.com&sn=ChromeSyncframe&so=3&topUrl=www.lebanonfiles.com&bundle=27lKTF9ab3lCQXRhU0lNOUFCa3BLUFhGQVdsNXBLbUxXRzQwZVZTNjQyN2ltZXZQTlpFRlVlbjRmVlpUSndnYkREbVJmMm1PakFnWEc1eFVSdWNhbU84Z01KWHJsblh4OVRtNFlzbmdpUk1kUjJnSDBvNmtEJTJCSyUyRjh0S3lJSTRkTmxyUU8&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OEFcFXxVanNvanhCSTJhbWtXVCsvaUxlWVB1QnRHYmF1VHh4UDNFeVoxWERKdENiSHdmNVFOckxGcGcxbTNGRUtzL0E3dmpIdGhtNnAveElnSlV5QnBJU0F3TGNKL0tvV0JseVQ0bWZyZCtTM1RKZFdYaFB5OEVnK0xXNC9QL2J2NnkzYlhKRndqalVFQ0psclByL0hhb1NSQWdCamJsMmsvMU5qa3Byc2FXbHJtNlVNaXUxbk9aRHoxOWZuaGtZSzV5R3N2YUluRGxqK0ZWNFIyYyt5clh3YkpXZkI2MlJ4MGZLOVpiTGd2WnI4ZEZYdklPeXpEVEJ1emtQakY5cEhic0xPVUxQc2VpMlhHWm1nV01MMUxvQVNaUGVkUTFEdGlkNlNnek1ITEdsNUplST18&cppv=2
Request Chain 357
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 360
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEZF4Hiug22l5zgaeul07-0&google_cver=1&google_push=Aa02lx-OsrVsC2-FW6QFX28pps0coS4WOpjUXhTyQq2iytLhHX4P_X1kr2JOYp4yHLuB3Gvh4PEHPM_HpGMVB8umU3zZmhBWxcmS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-OsrVsC2-FW6QFX28pps0coS4WOpjUXhTyQq2iytLhHX4P_X1kr2JOYp4yHLuB3Gvh4PEHPM_HpGMVB8umU3zZmhBWxcmS
Request Chain 361
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEjvTHq0LFXA_aD1H8cMGOo&google_cver=1&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDzwu1xUMqvwYkN0AD HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEjvTHq0LFXA_aD1H8cMGOo&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDzwu1xUMqvwYkN0AD&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDzwu1xUMqvwYkN0AD&google_hm=dUIxYWhtSFU2ck44MzNlRWo1T1k=
Request Chain 363
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELFBE3pJYIx_Y50cWQ2luEg&google_cver=1&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540&google_gid=CAESELFBE3pJYIx_Y50cWQ2luEg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MjMzMjYzNjU4MzUyOTU2MTY5OA%3D%3D&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540
Request Chain 364
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMOL6PqPyuivjUEtLxWv2wc&google_cver=1&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaItyTgK1HjQfjKcP056Zpy97I6_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaItyTgK1HjQfjKcP056Zpy97I6_&google_hm=WkJTbHhjQ284WHNBQUpMckZwVUFBQUFB
Request Chain 365
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEK3YFG8tqbiqF1bHz9GENnI&google_cver=1&google_push=Aa02lx_xpdgQKZGqrgE_0JvZfZ9kaN9z9hdw-L1fETQ8GVLUMUumrSAgr9s3AAxBpNrG6PrI9CpIyat_f6AWfQB7TCkKIIc0Ff3P8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx_xpdgQKZGqrgE_0JvZfZ9kaN9z9hdw-L1fETQ8GVLUMUumrSAgr9s3AAxBpNrG6PrI9CpIyat_f6AWfQB7TCkKIIc0Ff3P8Q&google_hm=QlMuNjFkNS1iYmM5LTQ3YTgtYjljZQ==
Request Chain 366
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBNm6oQurkvDi0ljtOu9xlg&google_cver=1&google_push=Aa02lx8ODBQw1Uf8digrNdYwy-iG-Lymxi-oJG6jl-O4PZg8-1BrmG5unhoygcdcGryyQcwfTAZd-zOCueBeFg8rlPaIs6Kri8C7ug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8ODBQw1Uf8digrNdYwy-iG-Lymxi-oJG6jl-O4PZg8-1BrmG5unhoygcdcGryyQcwfTAZd-zOCueBeFg8rlPaIs6Kri8C7ug HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 405
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 438
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 440
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 450
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 471
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=87914300138108400951389012266009&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=87914300138108400951389012266009&actionid=981741&produktid=&dt_url=
Request Chain 473
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=87914300138108400951389012266009&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072198
Request Chain 475
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995
Request Chain 477
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87914300138108400951389012266009 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87914300138108400951389012266009 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 482
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIOBY3H2RUynBXQlb747oEE&google_cver=1&google_push=Aa02lx-diwF0XTANHMazlx-uTgjRe5sS911hHiuSuhA8KUWramRNmPkstS3N27nzOrs2aFG7_QpzoK1VolsSD9uLRx2p-RexfbbW_4k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIOBY3H2RUynBXQlb747oEE&google_push=Aa02lx-diwF0XTANHMazlx-uTgjRe5sS911hHiuSuhA8KUWramRNmPkstS3N27nzOrs2aFG7_QpzoK1VolsSD9uLRx2p-RexfbbW_4k
Request Chain 483
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx-_nSIzrJ1O44uavufnSpfgMMcDHxWPva2mGCMWYa2RtgkA1Rv3qdqlBxL0R3a5Bn5bLOu69fdqsJA5U5dgqyhUQ5JuJXSN4UM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-_nSIzrJ1O44uavufnSpfgMMcDHxWPva2mGCMWYa2RtgkA1Rv3qdqlBxL0R3a5Bn5bLOu69fdqsJA5U5dgqyhUQ5JuJXSN4UM
Request Chain 484
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCM69NBWHOQpDbJx7xGTx0&google_cver=1&google_push=Aa02lx8-RM6WoG58_Bg2mgVw7KFB8hc_0k1tsZQrjzV5JxZXR8i5BzAid2r7BF0D67Q4ZECsLLlNszMQw8gcmgr7NUfVoPTsHElqKxY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8-RM6WoG58_Bg2mgVw7KFB8hc_0k1tsZQrjzV5JxZXR8i5BzAid2r7BF0D67Q4ZECsLLlNszMQw8gcmgr7NUfVoPTsHElqKxY&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
Request Chain 485
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELRmKIlIsQWoHVBbA6F8kUM&google_cver=1&google_push=Aa02lx8TFrkjaDBGEYFzLtRJBAd4w41JT6U3StwWklr7-MdYxcpr0-EZm7svp3ngiAaFYkfUyaqhUw12gG7tfD6DL567KbEwfHJP2Mg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELRmKIlIsQWoHVBbA6F8kUM&google_cver=1&google_push=Aa02lx8TFrkjaDBGEYFzLtRJBAd4w41JT6U3StwWklr7-MdYxcpr0-EZm7svp3ngiAaFYkfUyaqhUw12gG7tfD6DL567KbEwfHJP2Mg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NZQlSSSFT-ODlYqU4KL9og%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8TFrkjaDBGEYFzLtRJBAd4w41JT6U3StwWklr7-MdYxcpr0-EZm7svp3ngiAaFYkfUyaqhUw12gG7tfD6DL567KbEwfHJP2Mg
Request Chain 486
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&google_push=Aa02lx8gQhWaNuv6ztwOERqleWhX1W1I8S7SLFhPUQyI2_piKiQx-_i3B0V8-WX4_YX9jqJkVr6xzLKBETwliy0Y23zrRWQ8fhfyzxk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx8gQhWaNuv6ztwOERqleWhX1W1I8S7SLFhPUQyI2_piKiQx-_i3B0V8-WX4_YX9jqJkVr6xzLKBETwliy0Y23zrRWQ8fhfyzxk
Request Chain 490
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1&google_push=Aa02lx8ZI2J0Lx1u18-CeGGaMOh3Sv7AVk0WPftO-Pseh1phypQDJEd2wKMNF9pwE7ul4-jDb4lPoPL38_A99c9xMyKqutDFmZxlEgVP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxMzQ3NjIzODU2MjI2NjY0NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
Request Chain 492
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 493
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx-a8Dk0py0ecaZB81qIBMo6yEIf40yfbxIi5B8be4F097ne1OZIY36B6Rr3v3eRJdjNWa0jXRJHUrkAEU07OW7Qv_v_YCTg-VA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-a8Dk0py0ecaZB81qIBMo6yEIf40yfbxIi5B8be4F097ne1OZIY36B6Rr3v3eRJdjNWa0jXRJHUrkAEU07OW7Qv_v_YCTg-VA
Request Chain 496
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELRmKIlIsQWoHVBbA6F8kUM&google_cver=1&google_push=Aa02lx-a5clY2NSjrIB6VuNLEFg6xN-TG9-qPHSQnSeXsaM9CakJ9Qt_C3xPar9UHsDbAJ4FsMrTlKLkdt-GveimD0GmT0kZ1uFCeC4h HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELRmKIlIsQWoHVBbA6F8kUM&google_cver=1&google_push=Aa02lx-a5clY2NSjrIB6VuNLEFg6xN-TG9-qPHSQnSeXsaM9CakJ9Qt_C3xPar9UHsDbAJ4FsMrTlKLkdt-GveimD0GmT0kZ1uFCeC4h&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8M84SMe8TgKFChUK0r6jFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-a5clY2NSjrIB6VuNLEFg6xN-TG9-qPHSQnSeXsaM9CakJ9Qt_C3xPar9UHsDbAJ4FsMrTlKLkdt-GveimD0GmT0kZ1uFCeC4h
Request Chain 498
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1&google_push=Aa02lx-15nfo_33uCFO59CYzyA6vNv-aQgjsU1t-f6yVedcCUCUHpN8f0UKpdiQAe6P4E9wVeSzqUVTeZDd63r_Gpa2FuYrROdkKqFg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxMzQ3NjIzODU2MjI2NjY0NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
Request Chain 499
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 501
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGy9YFrxjJbAF7yUaVyrJjM&google_cver=1&google_push=Aa02lx91rQv8BW1F6qdX1phj4ejb3kAM1ArTyTjEh2ECNwcvL9HZ4ies33TlkiJnc8tqbLGTcHm3zOJp4eHgrP3wDe4epxrZwETsww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTU3MTE2ODg4NzEwOTc3Mg%3D%3D&google_push=Aa02lx91rQv8BW1F6qdX1phj4ejb3kAM1ArTyTjEh2ECNwcvL9HZ4ies33TlkiJnc8tqbLGTcHm3zOJp4eHgrP3wDe4epxrZwETsww
Request Chain 502
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ7bf8YD1w9NBS8gWb0c-MA&google_cver=1&google_push=Aa02lx9_62DbMtkyAMmEfPDwoDz9cfA9z9ZQHzur9-pWpMqp51mi0iXDZ_Uv-fTtVUIYFkgjKb1epd94yK0JlPbHkIslcl45BZA3Dg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCMVItMTEtTUJIRQ==&google_push=Aa02lx9_62DbMtkyAMmEfPDwoDz9cfA9z9ZQHzur9-pWpMqp51mi0iXDZ_Uv-fTtVUIYFkgjKb1epd94yK0JlPbHkIslcl45BZA3Dg
Request Chain 503
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&google_push=Aa02lx-nwOn19Y411q6Wr1cyAe66sxUQ580AVKyPeu4prbQgzdtyfmaO_G2OIn-oP1k5YyrOd2g4RCQWwK1MdsrRqVeI0BfqLDlx5Ns HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-nwOn19Y411q6Wr1cyAe66sxUQ580AVKyPeu4prbQgzdtyfmaO_G2OIn-oP1k5YyrOd2g4RCQWwK1MdsrRqVeI0BfqLDlx5Ns
Request Chain 504
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGXt6nhooaFXqphc4kAYJ3M&google_cver=1&google_push=Aa02lx_smUsUBNbC3M3X-trASYZvs3jKejHhtdNrcHowqIR_TxdCB87v1c9gilg5jozwOM7FHRGQYq6cdGMXmCnIkbtGO5sttVB15wa9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_smUsUBNbC3M3X-trASYZvs3jKejHhtdNrcHowqIR_TxdCB87v1c9gilg5jozwOM7FHRGQYq6cdGMXmCnIkbtGO5sttVB15wa9 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 508
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=eUiNR3wyakl5QTE5NWl2Z0VOelZoRDV1dzNyMlh0cWk2blpra2lIVGJjN2w5cW1JWmlVaC9WVlE2S2V0REEyV3lCczBXd01QNUhlVVBoZTlvZFFYT2NoRTRBdFd5aWRPdjdNK2hGeThNUlFHUGFQMXArN0VjV3VFR1I1UTZuZnNjc1Z1WFBYV1BNdjE1UjQvcmFnMk1kb1licURIQmtoQ1lrMDBLZUM5dVM4OXNXaC9tTzJuN0FjNmVmQlEyUGh2dFJhSlRSamk2MmVsdGR0ZWNMaDkxNTFXNXFDdEg2NndSa01lV2phUGZMcEN3Uy9sa3M5a2IrZytUOWJ1SXdEWm1ZWE83Vjl0cHFQWW5YSXFydm1qMUtSMUVFOHA0UjJMdHBZNy9sV0NiM2tvSEkzMD18&cppv=2
Request Chain 516
  • https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=c307389e-e069-4131-aa38-4ef8669b305c
Request Chain 520
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=19eab77c-eff9-4026-8e62-53e51cc43e4f&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-sKbLAYpE2pkFwAGxfvXTMRH7BM..jNcxS5_J6g--~A&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
Request Chain 521
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=731154651419706253&gdpr=0&gdpr_consent=
Request Chain 523
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZAupKaYXwje3&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 524
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08da220403fc314bda4d343f&gdpr=0&gdpr_consent=
Request Chain 525
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2524UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=2695723713456944503
Request Chain 529
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A&gdpr=0
Request Chain 559
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=42599400123205300951393012266024&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=42599400123205300951393012266024&actionid=981741&produktid=&dt_url=
Request Chain 561
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=42599400123205300951393012266024&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072206
Request Chain 563
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123
Request Chain 565
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42599400123205300951393012266024 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42599400123205300951393012266024 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 569
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx_BHSf1AwC9W0LPZY8Mq5quZqSmJt5R364xc6z6J8JAfrMNPlFmYjiRrzWjAgR-pjBmlJgXFuyzJn9mZofcVj_de6Tdoto HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx_BHSf1AwC9W0LPZY8Mq5quZqSmJt5R364xc6z6J8JAfrMNPlFmYjiRrzWjAgR-pjBmlJgXFuyzJn9mZofcVj_de6Tdoto HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx_BHSf1AwC9W0LPZY8Mq5quZqSmJt5R364xc6z6J8JAfrMNPlFmYjiRrzWjAgR-pjBmlJgXFuyzJn9mZofcVj_de6Tdoto
Request Chain 570
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCM69NBWHOQpDbJx7xGTx0&google_cver=1&google_push=Aa02lx_x7KnNrIZbcjnAQXOTIdq9mSeCkUcBazhhWgQvh8JPKecB5KlCENS5l685A2EJGqJx0abXzLSSYGK6t6EFwOiyd8hSuNGp HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=19eab77c-eff9-4026-8e62-53e51cc43e4f HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=19eab77c-eff9-4026-8e62-53e51cc43e4f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0f117b28-aad4-488c-8269-94b37a021814&user_group=1&ssp=google&bsw_param=19eab77c-eff9-4026-8e62-53e51cc43e4f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
Request Chain 571
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ7bf8YD1w9NBS8gWb0c-MA&google_cver=1&google_push=Aa02lx9BdXaPvgkC6c3unwg8fELCV-Q3x8Wts-VDEuuRU_sT8C8CshDGDosSOsUm7PLw2i-Bb4V0GixwQciWyYzRxsCh6pN4dGgf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCNEUtMTQtQkJR&google_push=Aa02lx9BdXaPvgkC6c3unwg8fELCV-Q3x8Wts-VDEuuRU_sT8C8CshDGDosSOsUm7PLw2i-Bb4V0GixwQciWyYzRxsCh6pN4dGgf
Request Chain 572
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&google_push=Aa02lx-dy7Xpvn_kv1UKRZKfo9RJY-MZapkJ7UysEhU2Od-yr5VoLsZPEXn8S5PKJ6oGUqNHJMi1oyFL6OCIvi0h5rx9_WupnG7a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-dy7Xpvn_kv1UKRZKfo9RJY-MZapkJ7UysEhU2Od-yr5VoLsZPEXn8S5PKJ6oGUqNHJMi1oyFL6OCIvi0h5rx9_WupnG7a
Request Chain 573
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBaPGGdkZ_ZEiJa323pfgEw&google_cver=1&google_push=Aa02lx9xt-4ZaPi0WQPMIunHcoo3moPiuWOaKfUq0bnLAhdjAuYI2GcLycsgLVPZzTzU3lwjiiQkrAdwu7ozbNYLDkkCzH3I_mRI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9xt-4ZaPi0WQPMIunHcoo3moPiuWOaKfUq0bnLAhdjAuYI2GcLycsgLVPZzTzU3lwjiiQkrAdwu7ozbNYLDkkCzH3I_mRI
Request Chain 574
  • https://cs.media.net/cksync?type=g&google_gid=CAESEAq1-5ocuTaAFmeFaU9p4X8&google_cver=1&google_push=Aa02lx_cCTQ46I_EQzp53GxOH_iBPFnumh1Lekue20aMavZqr2t0O1eYrksxQxxSHU3uDOBRHzshEd9TM1y72lWzXfMIDU330USc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&mn_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_cCTQ46I_EQzp53GxOH_iBPFnumh1Lekue20aMavZqr2t0O1eYrksxQxxSHU3uDOBRHzshEd9TM1y72lWzXfMIDU330USc&gdpr=&gdpr_consent=
Request Chain 579
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
Request Chain 580
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
Request Chain 582
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
Request Chain 583
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
Request Chain 587
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 589
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&bundle=6o3CBl9ab3lCQXRhU0lNOUFCa3BLUFhGQVdzazJVTVlxbjBTUU01QVd4bmZsRkFSOFZVVUpLVnZqR21HTDVQbUZLZ3hVZkZxR0hTdFVMdlYzdmhXTHBtOVAzZk8yb0tMTUpnS0dNNnBUNjVic1k4VjVQZTE2MnBhRjNPWnEyS0RBTlh3NTNyZnFHZ0plWkhDNmNJTGlBd0lXRGVmNE5CM1R2JTJGSTBqa3VRTEVCT0FWSSUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=jPjCdHwydzU1dkVMcEJLdGlQNjdTYTBkMnZGOStMMmY4Ny9TeWdVVncvLzhXVlc3RWpCNThZUEhQUGx4UnFtM3FWUTBmT3VTZ2szcUxRSStXV09Xc21OMEVhaGt3cnVYRHIrUVVDWUlETXo3K2o5VUVoQzV5VWc0TGRzZkdOOFNqa0psT2FNaXc5WG1YOEN6eTNPRSt1RUxpZ1M1R0FHb0ZNRmMwMFV5dEVmVzVjMllPNUxqQlZETlMyQnVpdTFYV0ZrNXA4MEZidUtJQ1lPSDd0OHNaa1FRc0hrMzN4bE5aaXc0S0FFVWx5QTl5K1Y0RlczRDQ2YlNTNzI3OXJRSUlIZ2NvK1dJWjYydERxVSt0OVFva1ZKOWx3OXF1ak1JTXdJMVFKMGhLWXUxb2IrQT18&cppv=2
Request Chain 603
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
Request Chain 604
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
Request Chain 607
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
Request Chain 609
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Request Chain 610
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
Request Chain 618
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 636
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 640
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx-E-wBDHQjgGViKsYrWAt8LT75FU9IDmj3qIr2Ez0lbljmWXtyZz9gmlC6s_qf4QeACkXSiMAPcLklnlcISLZZHVHnbtJ4ZRu0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx-E-wBDHQjgGViKsYrWAt8LT75FU9IDmj3qIr2Ez0lbljmWXtyZz9gmlC6s_qf4QeACkXSiMAPcLklnlcISLZZHVHnbtJ4ZRu0
Request Chain 642
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx-ZzrCYSYNf7sWXZkhzbYBXzs64VgooT_Y7MZJtOvJRwph6paf6oij08ZzamL2HuvsGr5bfTzzzsOZmW6M9euJad1OBHuzp2u08 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-ZzrCYSYNf7sWXZkhzbYBXzs64VgooT_Y7MZJtOvJRwph6paf6oij08ZzamL2HuvsGr5bfTzzzsOZmW6M9euJad1OBHuzp2u08
Request Chain 644
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCM69NBWHOQpDbJx7xGTx0&google_cver=1&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
Request Chain 645
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGwLb6g04g6n0Jl7la0IYdg&google_cver=1&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY5M1aMKPS1PXfuap9BqnrAaRsYl HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGwLb6g04g6n0Jl7la0IYdg&google_cver=1&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY5M1aMKPS1PXfuap9BqnrAaRsYl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAzOTM0ODk5MTA4MjU4MjYxMw&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY5M1aMKPS1PXfuap9BqnrAaRsYl
Request Chain 646
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ7bf8YD1w9NBS8gWb0c-MA&google_cver=1&google_push=Aa02lx-ylNSJxGBK6EYMJTd7KjZ4dhRs3JlEaJ_WrBaYQu1KRrlQEYPoNimsZikjItibYpHCEIhN8MpHv2u8EXz75xsJtYJhed6v5HO_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCR0QtMU4tODFDUw==&google_push=Aa02lx-ylNSJxGBK6EYMJTd7KjZ4dhRs3JlEaJ_WrBaYQu1KRrlQEYPoNimsZikjItibYpHCEIhN8MpHv2u8EXz75xsJtYJhed6v5HO_
Request Chain 650
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dmRE2ng2WecU0QRM4qnJ&pi=admatic&tc=1
Request Chain 652
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=e43c1a69-4fc5-4256-916a-8f086c5192cd&gdpr=[replace_me]&gdpr_consent=[replace_me]
Request Chain 653
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b5cb227a76f21383
Request Chain 656
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 657
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
Request Chain 659
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBSlw3aEfnKQynXucJ8gjAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
Request Chain 662
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679161158
Request Chain 663
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=986d6414-a5c5-4600-8d41-10e13b984dd6
Request Chain 668
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 669
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBSlw3aEfnKQynXucJ8gjAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
Request Chain 670
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
Request Chain 672
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=dedf0352-f68b-4e6e-8740-a117da1e2c7a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 673
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBSlxgACUdB7OgAG
Request Chain 675
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=171521e2-d6d5-415a-8d5b-54bf4e5e24fe
Request Chain 678
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=3e29c0789947d565ca7838121622b2f721b02878f7bf3eb6154bc4af9c54e8d2
Request Chain 704
  • https://pbjs.e-planning.net/pbjs/1/58d04/1/www.lebanonfiles.com/ROS?rnd=0.5986532414346204&e=21105888%3A300x600&ur=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D8%25A7%25D8%25B1-%25D9%2585%25D8%25AD%25D9%2584%25D9%258A%25D9%2591%25D8%25A9%2F%25D8%25A8%25D8%25B9%25D8%25AF-%25D8%25A5%25D8%25AE%25D9%2584%25D8%25A7%25D8%25A1-%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%25D9%2587-%25D9%2588%25D9%2584%25D9%258A%25D8%25A7%25D9%2585-%25D9%2586%25D9%2588%25D9%2586-%25D9%258A%25D8%25A4%25D9%2583%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D8%25A7%25D9%2585%2F&pbv=7.26.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F HTTP 302
  • https://pbjs.e-planning.net/hb/1/58d04/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.5986532414346204&e=21105888%3A300x600&ur=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D8%25A7%25D8%25B1-%25D9%2585%25D8%25AD%25D9%2584%25D9%258A%25D9%2591%25D8%25A9%2F%25D8%25A8%25D8%25B9%25D8%25AF-%25D8%25A5%25D8%25AE%25D9%2584%25D8%25A7%25D8%25A1-%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%25D9%2587-%25D9%2588%25D9%2584%25D9%258A%25D8%25A7%25D9%2585-%25D9%2586%25D9%2588%25D9%2586-%25D9%258A%25D8%25A4%25D9%2583%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D8%25A7%25D9%2585%2F&pbv=7.26.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Request Chain 737
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBSlw3aEfnKQynXucJ8gjAAA%265247
Request Chain 744
  • https://ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/B29517072.361174374;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/B29517072.361174374;dc_pre=CLq6jPXA4_0CFTCB_Qcd79IPLA;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 769
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5039348991082582613

749 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a... 		101 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a96aa97fba3b0aa62dd5c212276194fe404600db20a1a418d804567fe4c582

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a9703905c6f8fd0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:12 GMT
itw-article-cache
HIT
link
<https://www.lebanonfiles.com/wp-json/>; rel="https://api.w.org/", <https://www.lebanonfiles.com/wp-json/wp/v2/posts/1243159>; rel="alternate"; type="application/json", <https://www.lebanonfiles.com/?p=1243159>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVqmJtinTb3T72btnNJMZjz49GBBF2pRz%2F8JGYaqGxzwdrexlhaNbmfxEeMDOTaQSObuRqcz78l3x6o8xT5c2il3%2F4S%2FaNaLHfcjescp0MRDkj0bBasXUXaXUvODOtng2qGVALp5TxPAmAEjqZq7xEi5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cf-powered-by
WP Rocket 3.4.4
styles.css
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15854293
cf-polished
origSize=2731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 23 Jun 2022 19:48:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY%2BWsaXHflOzMWwMnFgbHWEz2KnE8uiO6ud%2FO%2FXerq1FsQSvF9P0pSK8q%2FyrtpPlDFhb7wIH9yrZClFbbSxDsaWvnq5zJQBM86iYypvIMonQ0aBmozFanNpJ43GsvJB8twDeObpXlntOQ8q1JubHX9mH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7a970390fdd28fd0-FRA
expires
Fri, 15 Sep 2023 05:33:05 GMT
triangle-mena-news-coverage-public.css
www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/css/ 		0
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/css/triangle-mena-news-coverage-public.css?ver=1.3.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15854293
cf-polished
origSize=98
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 12:11:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgEA3Nk2ekXCv5KROgxdU27fjaFsFzkqFKHK%2FAC4ZfMnZmVhzGRQU1lt9fmzqiIZdKMppULm25wfbTgh8mJ1CuOjfixCLvhMqF65jWHjPjAQlHsExPa9O4jtUBGuv7R1dRpJKtCtWbs8lC%2Bf%2BNj9mLVn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703910dd68fd0-FRA
expires
Fri, 15 Sep 2023 05:33:03 GMT
plyr.min.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/plyr.min.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3718a6ae4f2eb59d54458122825583392158ad8664f85806610271ad31f392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 08:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4939766
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWeD%2Fsgc9cutrXnCy%2FR61Z3a%2FKgm%2F6gesu3m3Oj1p2lQ02GP6LWKzk%2F9tGL%2FS%2FvlgtdoOn4dVPKwFsMYoXz0lxnYqFdXYJHpAbBRfAo%2FpUp3s6A%2FT%2FaEJAFH7Ejh2S95yKUyYfvjTVIQ0vm2EXjXCJ4v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7a9703910dd78fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 13:26:04 GMT
style.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/ 		308 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8b8c050b9481a6ec459e18f0a6545294badc0eaebbb96ac6a9e62ec6461d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4939765
cf-polished
origSize=378915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 13:26:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdKzLewRp8TYR0sZk5lEMVcqR4qTVQyufr20gCwqSBJBWdWiyWPqzt7VfoAF8l1FK3ctMTkLTTwQ6Kt88gVKvY6tIcFw44xBTsRVjWPqj%2Bx8XP%2FRgzsYQswbuQemKfYfvEIBsy4EQgChJajezxJx0kSp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7a9703910dd88fd0-FRA
expires
Fri, 19 Jan 2024 13:26:04 GMT
simplebar.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/simplebar.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398479678a61a08fb0c4c6608eb274f3ff3900e40d6008f5d4b90c8d06efd331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4939765
cf-polished
origSize=3819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQgPYfSzdfSEfN91H2AwlkJ6G67TJQ3KMNDt5AP%2Fw3vp80fdYNpUS0sSMP%2FrFvRErIaM4lPNUaC1ofnEcfcyhRWLNICviLfxyCDzMgl7gBW7TiDdxa1JFavL2aDKcxbxAdgu3hnH3bwkLGlELjl8CPw6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7a9703910dda8fd0-FRA
expires
Fri, 19 Jan 2024 13:26:04 GMT
swiper.min.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 22:12:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4939766
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ci1aYBBrOB98%2FFovyC2b%2B4tBWJbd7KX6fV5r4yzVg0MqEgsZj%2FPCMK259Zodro8%2B%2FBbpGqxjQ%2FdEBeGD8XF0GTcJCjOPu6d1wKdPhzcEAHNnh7scAQSh0Q21BOOVvBczhW2vY2FPxxSQC8bM4JrUSk1a"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7a9703910ddc8fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 13:26:04 GMT
th-15-4-e1679066425609-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/th-15-4-e1679066425609-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72dafa73c834424b8c8ae43f78623459eb93fc0a0e4cd40894271f4e9e1736e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8237
cf-polished
degrade=85, origSize=3859
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3708
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 15:20:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuuWULPwiuB49nU%2F5BNLbNmezAsswsAJ%2BMCtQ1tolAYE3bqPrrvPgc1D67aZr3R5XpI%2BdRlfk9x2Y0GwiMQYhEyGyeb3yUKJ%2F9Uw5SkT45nhtonS8Przd7NIPjdu4CC6b0Cs9DgLOa3OWfWGAUPXbWDb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703910de08fd0-FRA
expires
Sat, 16 Mar 2024 15:20:38 GMT
143-125806-lebanon-increase-fuel-prices-second-time-week_700x400-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2021/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2021/09/143-125806-lebanon-increase-fuel-prices-second-time-week_700x400-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6004e4eb8b18df44cdf9abfe01bc8ef8f904e04903223258e60496e322366324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
271305
cf-polished
degrade=85, origSize=3852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3706
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 12:18:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nD27ZqKd0Hb99X5UCxTPRGaJX0cp5GXvGj%2BZT0q33njukes7ZxzJ3dPdn8oqF3qrNgGUQnARxRTQJBi3L5UeD3AZpdu4eYN317pufkguHrZPxu3uftnQj2%2F9KSreOjDw3j8SUEZN5LEhq%2F5SghphenRP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703910de18fd0-FRA
expires
Wed, 13 Mar 2024 09:25:50 GMT
Samir-geagea-2-2-150x101.gif
www.lebanonfiles.com/wp-content/uploads/2021/10/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2021/10/Samir-geagea-2-2-150x101.gif
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a367f99eadfd25eeb9b0a17124331b22b885969d5dc46051cf6dd913f28f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9489
cf-polished
origSize=12633
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12623
cf-bgj
imgq:85,h2pri
last-modified
Sun, 24 Oct 2021 18:57:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGbVeuG9ly7H9M7sbZHfV%2BMVQLGYVAdw713gXEDpgIOXVunpRNar38SGLLeVD%2Fqdq18RixF2C75xm0jVyb4AzzJIOMvz0k6FuY6Uee%2FsDo8PSZA1PvfuT4b93KazHzhNszNtnxBpDcqyuOFD%2FBg60O%2Bg"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703910de38fd0-FRA
expires
Sat, 16 Mar 2024 14:59:05 GMT
th-14-4-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/th-14-4-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22d543994683aa0fac123c8c84095ef1b1b4dc20161819eda7ec37c3182d298

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10997
cf-polished
degrade=85, origSize=5799
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5504
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 14:32:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FRp3Y%2BMtxT7mbnXfDtZOKSP4griSbKLG%2BvRB4E8soDKYxzC9%2BIznwiSKZu4HRYJoJeT99tj%2FHJwsw%2BTlxGS1SgwdUZC31nkYMSThNQAsF8w9aZtmsF5p%2BzH%2B5drhf468aRouT0JyexmIFjU2DYaGVla"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703910de58fd0-FRA
expires
Sat, 16 Mar 2024 14:33:01 GMT
%D8%B3%D8%B9%D8%B1-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A7%D8%B1-1-e1621187222737-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/06/%D8%B3%D8%B9%D8%B1-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A7%D8%B1-1-e1621187222737-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1275b95069de35f7ed77e2c85e1fcebc1bcbfb04fcfe86e897d72dbd016ea9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13209
cf-polished
degrade=85, origSize=5183
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4937
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Jun 2022 17:00:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WQ0d%2FMdXQ0ErhECC0DW609n6ct8F46JXIJns96kz7l4W5Y%2FPEUkjP5YqdRSa2aQsDHvF3bzds1p0O2a%2BCV1zqtaD%2FplA5IRiFlI6%2Bq3kz%2BDaG0utZTWTeEfE%2B721FDa1vtw0tzHahb0VsFAUg5%2Fsf9%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e2a8fd0-FRA
expires
Sat, 16 Mar 2024 13:58:33 GMT
4-32-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2020/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/08/4-32-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4322a3c57f14d39a7ff7ca45f311f9131f0f95047a4ca19a781e3e803f8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13571
cf-polished
origSize=3754
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3703
cf-bgj
imgq:85,h2pri
last-modified
Mon, 31 Aug 2020 20:16:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM6xK1m40q4F8QBV7vP5GpQkqz1kwu362brcPY8KcYJP7leejsCxwoUSJoLHwVgynyBNJkdK52JZGysXH4jd%2BjhN%2FENpSJtevqYUTcSsEvulopIg2V38KwfOqZ5u5NJRnsLKFP3svNIDdq8fCKEvFYGA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e2b8fd0-FRA
expires
Sat, 16 Mar 2024 13:50:00 GMT
riad-1-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2020/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/11/riad-1-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc004efea24aa712cb2aedf919f7242fea7c01a9c21e2f7aff3295434ebde8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18533
cf-polished
degrade=85, origSize=2933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2847
cf-bgj
imgq:85,h2pri
last-modified
Sat, 28 Nov 2020 04:44:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LQYETDOcDKTilJLnsHnSppTf0I6gV5Yk%2Bly2fzg9Huuv%2FY2T%2FiH5N6DwAXaY%2B8e3%2BeCQW7zVOR%2FJXoP7TyVOyoC%2FFGp02XKbobDXGfLd7b2hplNewS7pdD%2BfUPvmXb8MTiCgoAxERx87%2B37%2FUL68Kte"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e2c8fd0-FRA
expires
Sat, 16 Mar 2024 12:29:54 GMT
marianne-1-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/marianne-1-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde1da3c70b8a9901824770ff25f1a70d7c685572117b335d5d8344758f9b457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19594
cf-polished
degrade=85, origSize=4186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4079
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 12:08:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3DrXoo1tii0XaIEIXYo7jrP7KX%2Bixvepursal6HRUeq4SbH0DH46bOxSPrclRT%2BdzNsvO%2FR7Q9a0mZHEVUS6Ad%2FiuK0FMD43BbDkYVa88gj8c7ZEVeWacUo%2FZwashL5dYaGQoZb3%2B0SRLgGM8Vrhk5F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e2e8fd0-FRA
expires
Sat, 16 Mar 2024 12:08:59 GMT
th-21-2.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/th-21-2.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a5d93226c471727eb7a4a464cfc8fc2f05244eb9a1bf1ae11d0ee91196c4e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12921
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11878
cf-bgj
imgq:85,h2pri
last-modified
Sat, 14 Jan 2023 15:57:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KMFLPjVCRPhyYGFCdl4yHfhxqkeevrhc0ymh6F3a69XXoKjYLUzcs3BAPbcpYboozLea7br1fNRzQ6S%2Bg%2FTEIZWVwRkDuK6s%2BKhf%2B%2FeOUjbBgWsn%2B8Zqd6IfDzg0UEuPYX6%2BWoQaBEpm0dSpg6ENZQW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e308fd0-FRA
expires
Sat, 16 Mar 2024 17:38:54 GMT
%D9%85%D8%B3%D9%8A%D8%B1%D8%A9-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/%D9%85%D8%B3%D9%8A%D8%B1%D8%A9-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a896b03559bf7727747587facbfe9277069911df6ec57b0d225a20858a4a093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
913
cf-polished
degrade=85, origSize=22092
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19916
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 17:21:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deAm5b2NrMWCz0AoypVu4gpoRsZHXTYjPPOe1fAonMoSJ0BtLMLNm676U8nCPwnykHIudS0PUQs%2FnCdv2frsX4VqfiNJAmuaRrvyTZFs7UOiqtOebd3DKjzlT8aoBSsoZWeOj%2Fz7AFD79E9N5F2CGSvb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e318fd0-FRA
expires
Sat, 16 Mar 2024 17:22:06 GMT
trianglemena-logo.png
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/trianglemena-logo.png
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d999e356d97a5cf821870429655191d582cb778c71312215215751b922eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3639330
cf-polished
origSize=6872
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3837
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jan 2020 20:48:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ0wn2uqvUzttTnOKcAkIzOM2B9Uvk9tjpzFQdyNU%2FFxcYdgDg5j9gR1XrnqrIzwnCpp%2BpCjC5JpbBeQsf8Wum2rmGioRUniKwC6rukFruj8XXr3AYanKzJdqY9r12%2FJNSo6Ph7UTH%2BEFqQM%2BNHjtew4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a9703913e328fd0-FRA
expires
Fri, 26 Jan 2024 22:14:42 GMT
rocket-loader.min.js
www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2023 22:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6407c11e-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9lOym7n%2FfXQrhanE4Io%2F87gYEkbf4keaNgm6zD5qzv%2Fsm1E5KULlArEs1PyKkJTpS2oKA1S%2Bdmod8OtnSyi9H8PM%2BNjm7pUmhprmhf9HG5CSKAHGAJrkPM0MBXjOHrXfHlVKVRvHnV6%2FDUS6KahnC2d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a9703913e338fd0-FRA
expires
Sun, 19 Mar 2023 17:39:12 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7a9703919cf3371c-FRA
logo.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		14 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/logo.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b545867fa76275afab94da71ec2e4059d9694e77e7e3f3a879d16e677f0ec2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
13661780
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwyFmYcaF17HgSPPbvTfJh8gC5rmIcFLZ3cNZY%2Bp5pT6bESU8XyQV67f8Eu29j%2FvA%2FwqvqisdBvzMXMXOJJQdLOZDllk%2Fbh9O749FRcHGgHyhcH7Y0dxpKxZBNTDNGAa6VZT4eNHHqWhD25iCDBXFmV4"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a970391ca3b9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:06 GMT
ArbFONTS-The-Sans-Plain.otf
www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ArbFONTS-The-Sans-Plain.otf
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f14410f46ae33b84e0707dcf7bb436b153e7ee83485b583592052a48e983b6

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14047265
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60160
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhGEVfsWgrobt0zYYNYGLzQCmykummcza7o2RLHE9KuFA9OI5n2WZ7jm6MxLFO8MqioyxyepCUFqbZQ2RVF%2FM9IiffXGrrmNxljaDZlkVeDsejEtrO3Z3HwcgLgk2%2BE%2FPMEiUs8uXsHFnUqzq80KvBHJ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391ca429016-FRA
expires
Tue, 19 Sep 2023 17:51:03 GMT
ArbFONTS-The-Sans-Bold.otf
www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ArbFONTS-The-Sans-Bold.otf
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707d47e8f794caef2636919f7e4a1ee998ee9280fa0798af057c605a5894d569

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15854292
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59664
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eg0qWGHmnZeoAm3n%2BVLzNTOZHBck5dPV0Hz8AXa%2BJ%2B06%2BV%2FtNYopsMx11Rn5Op%2BXU5QsBBf82NvHywqqBmt%2FKksc6edhDHpOXmlyz%2F9K0JNedgybq0Mn1HItocdoiLZDYV9acVg7rXP9xVhlhwjjUvTk"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391ca439016-FRA
expires
Fri, 15 Sep 2023 05:33:06 GMT
ticker-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		1 KB
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ticker-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c25f17d25f76448906480fb83546ad8d0f7bdcb900a172c1d3f7488f34db723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 10:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3587907
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ5wOt%2FVyTvlgEj9fKhV631kQs0SyJikStu8sWC6w5O2d9emHc2XwnJ8Gwjdm5E%2FiH2u0tP5szxcJdQS8TOX%2B2MWddPaFB1mwm0NXpgiNDQzDPr3DiWGnvUTrrSy7I6ie0vPPni4KSDfF4JGLPCVV7QO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a970391ca469016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 23 Jan 2024 22:34:11 GMT
lf-small-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/lf-small-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b791d9b523b9be4615eed3ada77b540ecb01bcdbec149b19d7b3a323300662e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 10:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854292
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUepQRso46wyQu6RcASFdL825s0JNpcBn%2FOaTuoJQXJep0AC6naGbf4pwKrYu1EoiG7ei9MgZd9jIFRCJU9LA%2BVgdf7%2BMqZ3omWIzGCFu1gFypyFisz4XZn8T0bm5YgX%2BrsM3rnqFBemTvGu2NoicxD6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a970391ca4a9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:06 GMT
fontawesome-webfont.woff2
www.lebanonfiles.com/wp-content/themes/lebanonfiles/font-awesome/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/font-awesome/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15854292
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrXjCJ7rQMtDzaZ5A9iLk%2BV0w1f7v7fSHvOQL9e2Eyba6HctiVctPv0Yguas2o8APDCyfORG9oq36QRW2ktvkBXi8a7nf2dXuv333ObqJVOFmnP7JD0PshXnYqL0dO8gpio61ZNWV9isJ2aRvB4EjYy7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391da509016-FRA
expires
Fri, 15 Sep 2023 05:33:06 GMT
0L9A1333-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/0L9A1333-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88da1fd9f530a1501a171171ec38002698c3b35f5ff55be96ad37270a7bc1cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
913
cf-polished
degrade=85, origSize=40162
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19906
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 17:16:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUyq%2BQu4NXUFZE85Kq%2BjP10gG1ttdz9MC9z4Y7397ayDe7UjJQIzLmb%2Bm0ZTp%2BJl4Eaphraraee%2Fn7%2FJtH1ARhaQtNTE3X%2B4qI5E8WWsZLrbyM%2F1O4FKioShV3xI2U8p%2FYhOc3aRvmnn9vfmou808Gx%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391fa7f9016-FRA
expires
Sat, 16 Mar 2024 17:22:06 GMT
%D9%85%D8%A7_%D9%87%D9%8A_%D8%A7%D9%84%D9%87%D8%B2%D8%A9_%D8%A7%D9%84%D8%A3%D8%B1%D8%B6%D9%8A%D8%A9-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/%D9%85%D8%A7_%D9%87%D9%8A_%D8%A7%D9%84%D9%87%D8%B2%D8%A9_%D8%A7%D9%84%D8%A3%D8%B1%D8%B6%D9%8A%D8%A9-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0c77ad56a5ac46b57264ee63dc0cdf9e49430f9e1019148e612ec9c73391b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37124
cf-polished
degrade=85, origSize=21776
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20071
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Jan 2023 21:11:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLketeNtFEPZKElgCDrzYCndrBMPulu0ktnSZsSOdKMQXOdQAqp05epDYCnd64XVKiQKGhVpVcZQasd1LkEvOW8iETHrDX1c9sjduaigSZpaD%2FtqYwBi6Hm19w%2Bgna1LYJX7m93mOOJ98ozBXd0Pz4D9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391fa829016-FRA
expires
Sat, 16 Mar 2024 06:16:14 GMT
Frb6J4QX0AAiGh5-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/Frb6J4QX0AAiGh5-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1324f3b6cbd7035a34c23da1de22fb5fdfa1c0835e08947ffa44d4fe0ff899e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1817
cf-polished
degrade=85, origSize=14651
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13969
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 16:51:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdMqh4XkBfvwBk0sfKBi189LwwD%2FTdgdI5NlJnxjS5YXHmNM6q7XxVblY47dyE4A%2BN1ISlw6wdP24zD1ZD5UpphpNpFZ3PUtC2xymX%2B8saHGLUJvTV7g2jpg0UfWDgnX47EcA3Y2CZE58AYJKyFNQGzR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391fa839016-FRA
expires
Sat, 16 Mar 2024 17:07:57 GMT
%D8%A7%D9%85%D8%A7%D9%85-scaled-1-e1659801416942-800x549-1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/%D8%A7%D9%85%D8%A7%D9%85-scaled-1-e1659801416942-800x549-1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432644d6ec2313be7ba34700bdcb07470e2096342fb077c65e3aa82221003416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2720
cf-polished
degrade=85, origSize=11035
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10810
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 16:46:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5soltDzz0vg%2F6HkYpML5x6bbA7lvUZJflQ957BTCELPsviWfAGgp50WyqRC1X3Ug17UhRGUu7z8uG4Wocb%2FoX3izECsNf5inZkPsT2ag3tJsPGMOKYttk2QEb3q9%2BNUoHUazg92k5%2BNcXBJhqR%2F41GH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391fa849016-FRA
expires
Sat, 16 Mar 2024 16:52:41 GMT
35-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/03/35-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e010cd62c0e942d64021ae76d2cd4e2ad3ac18589310d847d5ec90179f05662a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2901
cf-polished
degrade=85, origSize=11229
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10985
cf-bgj
imgq:85,h2pri
last-modified
Sun, 01 Mar 2020 15:27:35 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCIYOD%2B60t2u%2FLUdL2L6oX6KeOJo8RWJoSibbLaO5F9vx3%2FagXiVT7z82RHHD9GEQdzoEu1FvNl%2FsBMre48M3VTWzYwMvhn%2FQ6bGiEQqpH1l5sPgrHa05Nh7TkvmH0wya5LYZ3QEeKkAe168uKJYY9Aa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391fa859016-FRA
expires
Sat, 16 Mar 2024 16:47:27 GMT
6414936f102db-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/03/6414936f102db-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e52b195862e9378c856484ae50e8010920fcffa4ea9718487c5e816f6a298a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3443
cf-polished
degrade=85, origSize=10026
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9276
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Mar 2023 16:29:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iQIiPuD8KeKJTlLaHec%2FLOQ4Yv0R%2BFnAdHVqlCxo6Yy1837hUA5OTxUpq6OnzJ%2F%2FQoEIAdSQLRM31aBWpqDN7RNpZCNe89vTI3VlvycaCXANKJQLqhJ2zw3LS2iEXRcVTSRnKe%2FIlBpEXHLDvKfhJ40"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7a970391fa879016-FRA
expires
Sat, 16 Mar 2024 16:33:10 GMT
bundle.js
tpx.tesseradigital.com/dist/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpx.tesseradigital.com/dist/bundle.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3917a0d5c7d1b4ec6947d41f4a6d80c42c5b2464d022ac51a13a39f72bf409d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
server
nginx
etag
"b96ded8a8195877da36fed3794bfabbb34758f12"
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
26906
lazyload.min.js
www.lebanonfiles.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 14:10:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854746
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpRlEo3VpRnwPQf%2Fgrz5fCRZaz%2BcgYCPkXGBvj1QrYDGKpdJ3wIK033gFoiScFAgsXuR6z19wniYhy4%2Bg%2BGedhH4DzIQyxh4JicxCUOkxuNIWR%2B2UmdjPNWTmXJCO1t4eLDxQ22BGPMLGvAVZUZUVHCs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ac99016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1340
etag
W/"8256f101039245592bc7dcc5496ed987"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a970392bb8a9195-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 20 Mar 2023 17:39:12 GMT
lebanonfiles.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/lebanonfiles.js?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78797b518e0df3bfe55a1edfca1a70d0009ab6d210aa1f46097bccf11343c84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4939765
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygXBzfhVXlrvyEN4eG2h1%2BkfCSdlX88MxZqCNYFxvHdieH2kpsv44GcHLXq4btqqqQVqbzf5VE58DjbALK3F56iL7GOuACI%2FAU1Wveqj2eK2%2FK922vJO2RsGndQBvEoOAIE2WKF0DBfHfIK1QkIqjgCD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922acb9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 13:26:04 GMT
simplebar.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/simplebar.min.js?ver=1.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5be5b6e3ff509bba2f9ee8a7dd4ebfd8016d1a0b2f085d980df240b10d25bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854733
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BYq4eSxX0Em8Xs9JhssyzeCPciZnuG8CqggHWeLHWP8Go69onFUMSGt%2BXBCCi40yBV3KCfFpVIO9mVGi3LpgMGk0f0iuA%2BhCzV0%2BgPl2rqoPR9SWa8qUHhqVOTW%2Fm2NCh6ZOob8SYLYpyGGjLsUNTeZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922acc9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
slick.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/slick.min.js?ver=1.8.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854733
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23BHKCT%2BttmbXVuOhQ9NYcGwT99vVAxvVE5aw7frZET5Qd%2F%2BHY3I%2FsuOZb%2BGlTMk6chSWz31OrIxMUWgnWSdd0qk1CEnvTldidFkXqUiw79D%2FImBLDmV0JSex9IrjGSJ43kaofpvJ56RW1ODTq%2Bc2Sqk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922acd9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
api.js
www.google.com/recaptcha/ 		919 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a934b5a286326f584fdfc16523d87b130f3ed3335a6519808d2b008d1b961970
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
583
x-xss-protection
1; mode=block
expires
Fri, 17 Mar 2023 17:39:12 GMT
index.js
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Aug 2022 18:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854495
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx6H2VZlg8%2BUIFbbOVLTYO3FXX5AsrDYUVsXWMAu5eaKji3qMSlGJhInOOAw0ks0xlMXDkGBBHS6QpSy5XKNDnXOukFumRY2%2FYE1r5hF%2Fv6LuvG8yNLNxWiDuva2V%2BnHbl%2FegBssRwAwu1AJvTfCq%2FRy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922acf9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
wp-polyfill.min.js
www.lebanonfiles.com/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854495
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDilHWDNh%2FC6oidgXxKjQ8Pl%2BF92fmyZrVehthiCZxVx7h35SpgYP%2BvV0L%2B0oQryjkUNsnTohG2u%2FJx2Kz%2B%2FJckIGGU6p%2B6yuP850GhefHpAXnq4ffpxMCF6pwmy7Z95C0iNvA8sqluudbC33iOPcdE0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ad39016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
regenerator-runtime.min.js
www.lebanonfiles.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
664869
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENp3XUR9aDL1fhi7fl1oSmSqFCKKVSuuL8ixYqeMlN7amsMcD8tm8sBx4JfHpX%2BUdui5GCgp36CiRB9PDkkioX%2B4xeu5Jx8AHwxzStNBzT7MA0j4hPvzzHF6izDkKvkJ1on2sRN7ROQUIDkeX5V%2FfgqR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ad49016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Dec 2023 02:02:56 GMT
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.110.86 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:13 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
3BGSXAY61GG37EMW
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
hqNZxfHJ+dnsgFHr6obZEJ1kirP0Mcq93k2psQYz3GmwTjrmzKd4uVg350KygcCsrQQxDgfWx4g=
lebanonfiles.com.1189476.js
jsc.mgid.com/l/e/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d46828835b5ab33ab1258295bce5afe4cce39a0c8a857765f9684364597866f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
x-amz-version-id
tlvYyawRj7k6gal6Ls9z4x4bDn8XOuRR
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1Q8E2C7FFBRD5KCW
age
7136
cf-polished
origSize=2664
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
uhvde5wiDA82u4Ndf6gS0UXJKL3x6/1UFP8HcVZRxdebOw+oiv3EyjOb5OF+kcTuilpusbQcdE0=
cf-bgj
minify
last-modified
Fri, 24 Feb 2023 13:18:00 GMT
server
cloudflare
etag
W/"4622537da2a2c44556522ee16cfc19f5"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7a970392cf7b4595-LHR
expires
Fri, 17 Mar 2023 20:39:12 GMT
sdk.js
connect.facebook.net/ar_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ccfa4a76edac3cd8fcf47be7829d3b32a6cd50e67a82ad726cde38ca8692847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Mar 2023 17:39:12 GMT
content-md5
hdgf5e0HkEsIgj+dlS0XxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
ufqA+JCVAB2aWF4d6xJLuAvr0IZBQzw8JVdrwpDjbtxJL2OaqQggcRU12S3XQmx0iCYCcEDBxZ2CfrkUP+zntQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
x-fb-content-md5
6c804f04c7994e7da6a338840843b438
cross-origin-opener-policy
same-origin-allow-popups
etag
"d88d9c94a6b1d5c5eb4f1a3c113ce392"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 Mar 2023 17:50:18 GMT
RV0UR9OI.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/RV0UR9OI.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
6d3e8aa04471ca235093290325bcf511af7c9ced7cccfc2ee6d6ed2a2198fe0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
cdn-edgestorageid
1053
x-amz-request-id
MFQ5SDAS7V0M7YHD
cdn-cachedat
12/01/2022 21:38:43
cdn-pullzone
55316
x-amz-id-2
TUOnadYmdqIw5bu2UMU8Q4R2N2sWrMvCe7R9DJWSl2OKer7xXDNZTma95k7qc7+Lr4uWQNVpSlw=
last-modified
Thu, 14 Jul 2022 10:18:39 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"0f37fbdf419c5bd29bb16eea13de75ae"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
c87faca2d34a672d4355291b86f6182f
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
eb04c7fa-27fb-4c61-8600-c39fc91d7ce2.min.js
cmp.optad360.io/items/ 		497 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/eb04c7fa-27fb-4c61-8600-c39fc91d7ce2.min.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 20:46:35 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
75921
etag
"7acdc116a0830ba0aef5e087010246ba"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
497
x-amz-cf-id
7IaWsUEtjppkXLLorpJaOTns5TK_xcj9hmC7KxrXFp6gkGyREQ-wtg==
plugin.min.js
get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/ 		267 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4689948bf60aeb394fde77e4b131bae6e1848dc9fbf376eba35ddbf776e5cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 11:18:18 GMT
content-encoding
gzip
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified
Mon, 13 Mar 2023 11:18:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
368455
etag
W/"afdab9fc62afebae8541e6f3d8086ba0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=604800
x-amz-cf-id
os56pIJuk8uskmi1V5RJBbNMtodKY0rvM2tjoAcY_qxZ8lhuyiQRvQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e48f833dc7fdd25eca6c731721a68a85c2f8c12e6e5828298c12386c5d8e141a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27472
x-xss-protection
0
server
sffe
etag
"1513 / 622 of 1000 / last-modified: 1679051457"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 17:39:12 GMT
sa-script.js
cdn.bidder.dev/clients/21894097782/lebanonfiles/ 		165 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.69.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.69.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4b72b85b9d16b8c10a1f33b857ba56470a568cf4c0b619fe8479c65ac221b656

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:38:17 GMT
content-encoding
gzip
age
55
x-guploader-uploadid
ADPycduu_MGtSC2MKCatCqlyK0pcI403GTGJ_ivtPDh86E1l-IexY5-53yGHCV1A1fW5JpaKEgIXcMEN23Ii-hR-mHLpaA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48920
last-modified
Fri, 03 Mar 2023 13:47:58 GMT
server
UploadServer
etag
"aea9829accbf0fbcc9f674c464edd8e8"
vary
Accept-Encoding
x-goog-generation
1677851278521355
x-goog-hash
crc32c=u1jlKg==, md5=rqmCmsy/D7zJ9nTEZO3Y6A==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
48920
accept-ranges
bytes
lebanonfiles.com.js
htagpa.tech/c/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htagpa.tech/c/lebanonfiles.com.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e946662959e8e023c3b3d827bda7da3cf4708be8bd4deaada707a1bbd4b2c22f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1C95AXHPWNKMHZ8G
age
5613
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2701
x-amz-id-2
lFNu6cHv2pb953A18FHrKd2lT4HXCJPtNjexX2JRDMc4JwVYZ5x6P8okoacWAWt5IH1jqtlV7rk=
last-modified
Mon, 06 Mar 2023 10:57:26 GMT
server
cloudflare
etag
"aa468d7708f46053877214558cd263d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiR0GzQQrpHQCP6wUIJi22cL9IMfxe7TiW4ELNuG0yWREjVDkoqf7ZzCRAORkg8lnV%2BfXS1uPci3TQI2dePY4ibcRLS%2FXH3P5ZlkCWD65o1eOuQ6n78JY%2Baey0fkFnF3Db8xzcr18LxMyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a970392bcd29954-FRA
gtm-943bffadb016293d1cf74b6dfb8d76ae.js
www.lebanonfiles.com/wp-content/cache/busting/1/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/cache/busting/1/gtm-943bffadb016293d1cf74b6dfb8d76ae.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400c031b3f3f33060b58a001393f6929ca5805005e2c600c2226390786bdec3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 18:03:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6391955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgY05JJzJ8CDGGHTYLATaIJ%2FQHiHIcB9AKBU6ENsadMPRyrLJk2wHHNR59LQ30fXmRBtKsyqW6RJxqTAglWjqTY62DiA50n8FChzla0edMpkkPlsr2IDZThT9Yl059keEATpedtJDm%2B1suKMw51A2MAN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ad59016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 Jan 2024 18:03:37 GMT
lebanonfiles_11820.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/lebanonfiles_11820.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
f275a5dc030fd68ddb1aacdf1c91561dc8c3930cef98b780cad73d8574126fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:12 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5066
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a591245ed241622e99a10d81d53d702dc496ac24ccfc0590f74a8bdd80d6b81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48611
x-xss-protection
0
server
cafe
etag
7476888900463854154
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:12 GMT
swiper.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/ 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Mar 2020 09:09:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854733
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rinzuvOGURBsKfUoTr%2FpFZMS0O22%2BZzkmXUDaga5uVkmSaxi0M6shUeGxY5ONYfjjFuO%2FMuo87sADab52LMBjxfUhU4%2BTJXeqa3bNPnXUnAYbEw7Cb6QyaPKT7rKd0zD0E86AVH0St6yl4i3jB2F2M5j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ad69016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
iscroll.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/iscroll/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/iscroll/iscroll.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba5939372549192a9866bf2c9d828e9c7f16487c080a5339b2355601fd292c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854733
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyOQwnZKJaxIqPY%2B8rrtpmhqh0t7lo1ojQhClPDWd%2BbkFOoAcSjjIShlWX8wVtmw92OUShuGxUIQmBZf9j6QzXJFXEhMSFtbhotJ3xrTnAyaEaCMlv4f7R2iHaPI7uN5YCBbtHWm8FCeJMI1U5L20z7%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ad89016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
jscroll.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/jscroll/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/jscroll/jscroll.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca296812f114107fa083d5231d83f2f12264be3f0fddf1e270b41f849fbfa8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854642
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX1t%2Fnrc29cXQZAmk7EfDhk%2FU7CJ2OuzZiW7O69Hul44ze8yw67Po77Tas9WkuIZEPRnzrgZ4q95vuilfhR1WBvF5dYCXWAHLvV1G6NmE5TTltyIq6j3C0perGX%2BBgZEztkCi%2B9%2FqgE%2FKBTggewhUzXh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ad99016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
plyr.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/ 		117 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/plyr.min.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4e557fae260566d3a44d3b94eb31158760bf12fb0b8b3d0359b78a3110fb52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 08:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854733
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnxcmLOlNjOYptT0RQ5oDHv4Y5qCoHzGC0Fhi5zfcH0YO8VUgfXJIbwY4WLIV90uQ1S7%2BwWWF548Lv6lb9yOU0zw6SYWBJL4RjDUjbyy01CCaYeAkugHupKbI68Vr%2BU2GhMB1mBX3%2BfwVAUxkyi2BfuD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922adb9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
anime.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/anime.min.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 10:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9209392
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDRhaJYPdkZVkoR7%2B48p0Jl6Ceh%2F9iV8v%2BqT9sxF30pzx1q0RBLPohLd2fThfnPgq5lQbrGUWUurAIYaLAxDFFdcPQsGevUbgHBuXTOSgrMH4bgPrwIBvflqFLXWbocT%2FkdB7ujEwNR0VVLRGtpcrxOt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922adc9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
triangle-mena-news-coverage-public.js
www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/js/triangle-mena-news-coverage-public.js?ver=1.3.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7efd359cd7418393a4a48a1bdc760a0ca0562da42bbe89b8cb48cab89225a471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 10:08:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854641
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Qpa6Tb7O5cWG9SbX7XP%2FScZLmp%2FCWPLQhHmcpzPfUWLD5I8XvbrRHHjWYpLvwN1SubgukDfa3dDwSQQc%2BSl8nTP%2FsZ6eksRNPStGJZACgfzBYb1cehZcJZYNYExN7%2FH1qFXocmXmfTgKM7qc67c9yao"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ade9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
jquery-migrate.min.js
www.lebanonfiles.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15854292
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi7xenKbtCylaoGwn3D4ApwULuYICWDI1Ba78elMHknZ1OmT5iI5lMNr29cosTyKAyrPyAE%2FLt%2Bc8B6NBEZe10G33lrUwsEzgvSdMwVVjrcbNLBZJfz7zb5Zqf0GX9wz9mEo0F89g32XFaAiholLM%2B1e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922adf9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
jquery.min.js
www.lebanonfiles.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4293516
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I%2BJIuXvjb%2FwfSELrEoWKTB3IdVn0jjpVjnnWjKFTcjMtYe3%2FPEhTZ1j6NETnFQrUC6FzlXZLwD%2FiEJOIp%2BXjakgMWbYlmvr8ecFHPIvRLnefvVdl69ZHOJd6fNJ%2FNzvfYPd1YnhlVQp2%2FG40X22EHpv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a9703922ae19016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
invisible.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0F0E 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679068800
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13afcab64b8c66c96be0eff217e95651d580ee75c4935f4ba70f617edae7fbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqaNJPr%2FD7kFDWVtpDtHIKUNJuVfF6u2bqqe18WNwaZGqJVy18%2BjAG75%2BPExism105Y%2BKawLzkNx0hWtRNIKC4cqsKCEsE%2F9elgo1nWhEkoCR3FMpuCCE0yhmmN%2BNv1UpUISq7Jmxt4tY6cdT1Cf3UJk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a9703924b0a9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0F0E 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0818942d330fd4461bb84213e1be8550aa4db81101fef7ea4f224a39c3c064

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMyTOtQRqGT1fsCPMXNcUNmkZ2%2BivRoENc5T64gMPdNeJtSo5bdqGHDyPV8BswZmwkNNLYtdfyQhsVZKLvEmutOsfDQX2IMzDftS5IUjeAunUk9zX2fZWdQajtb4lviwSb9bhPM6h4JKFa0%2Bag8LLRfw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a9703950f3a9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:36:40 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
1072726134
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 		350 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
776718c6eb0777b5e36771becca77d8794e48b443557dc8f2d35f5e1d63111a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119658
x-xss-protection
0
server
cafe
etag
5110551309772265782
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame A1FB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Mar 2023 22:45:27 GMT
etag
2378337311435320485
expires
Thu, 30 Mar 2023 22:45:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
formats.js
ad.lkqd.net/vpaid/ Frame 22FB 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1679074752.cds007.fr8.hn,1679074752.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame E267 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1679074752.cds007.fr8.hn,1679074752.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:13 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1679074753065085-384
Expires
Fri, 17 Mar 2023 17:39:13 GMT
projectagora.min.js
aghtag.tech/libs/ 		323 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: htagpa.tech
URL: https://htagpa.tech/c/lebanonfiles.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207347e1a4ad445b2848e910522f6704f7576458035f7fc4e76eb40843086003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P6X1KGJZKC9ZK6TP
age
2150
x-amz-server-side-encryption
AES256
x-amz-meta-version
2.1.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94813
x-amz-id-2
1Nnjr37Irxh+FZbeq9fB1RYgrCFlBIFFvxEsL1FEJ/uCfzvaIZkHs8wEJJ8hljRXvVLFk6aZ/ag=
last-modified
Thu, 09 Mar 2023 08:36:12 GMT
server
cloudflare
etag
"928b5ed2ca95daa414301867b8d90bbf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IexwtCQq4BRb%2FkYp3JcORUFLgdcfru2EmnMWDLgYvrq7jcCUoPId%2BSt0DZqpx5gfC%2FJhVE9fmfKt9W9bqo6zePKhuy97qrFDKRlE054PPoZrxf6gemoFKVrIveRYOEL6a7LEnSyIVZ8kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a97039608529279-FRA
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.lebanonfiles.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 17 Mar 2023 17:39:13 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
4.23.0.js
cdn.jsdelivr.net/gh/bidder-dev/prebid@master/ 		359 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56f50130039a9148a433fef8b688032afbfda0e6cf590594546913434e068e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5651
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230049-FRA, cache-yyz4539-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"59a64-U8CHrkDcnv5SfhljaVI67CWLEA0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYlNfqCDv%2FV7Lag6k4dJ8f6c%2Fipk28MHZh60FZKT8uNHm0lGNMnORulYLvxFktb46NkKSji0rIzzHO%2BOCavfNdYMYPjnMesh9Z7A57zeDrFiI%2Bf8AFLFocGpxA4THmlonrqnZfePRTtmPiDXp%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a9703961fb4367f-FRA
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3fd987b7f6c4b60da84129f8859c07e0ed226563cd43e99423cb03c8554e64d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
x-api-key
ab4375d6-5074-4f75-8bc8-1019cf85d964
content-type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96ec05a9961fb93dcf64c38ad356556952869c3a251f16f00420d372f5cd0abd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27472
x-xss-protection
0
server
sffe
etag
"1513 / 232 of 1000 / last-modified: 1679051351"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Mar 2023 17:39:12 GMT
tag.js
t.effectivemeasure.net/ 		0
0
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G4EQ7NKTZM&l=dataLayer&cx=c
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/1/gtm-943bffadb016293d1cf74b6dfb8d76ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee9cf3ebc5d7942b7af27709e6cc5730ccdc6204a4c5448d98ecf55617694e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78711
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Mar 2023 17:39:13 GMT
ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/1/gtm-943bffadb016293d1cf74b6dfb8d76ae.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 18:03:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6391954
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXgkh7SgESZVhyHOxi0qfUm10UNPednUH6orFrwlavssoe4Rd3MS4JAzoFFhVhAigHUGNX%2BoCN3xAakhRQ%2Fr5olhniHuXeuSXD3BNKJKltbR%2BRxho8qbvgnfzq%2FH96DRTvn3f16mtrF14EbkPg7RGUga"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7a970395a83a9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 Jan 2024 18:03:38 GMT
pubads_impl_2023031401.js
securepubads.g.doubleclick.net/gpt/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
444eb17b5e45f8497ffbba1c5d159235e8e0d6bd80a2871e83446e6f61ca9c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136981
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 08:37:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Mar 2024 11:56:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d28721e670e9f217b04c28a7e0cd4c54457a4603cf94d582dcd9d929c2824ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
621
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:13 GMT
lebanonfiles.com.1189476.es6.js
jsc.mgid.com/l/e/ 		250 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdea92cb6ea4c837ed6f73d78f5a41430747420a549a9c4081eb43232ebe82d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:12 GMT
x-amz-version-id
xks.Fc2lUYjeyOuTJDXukq4DVdfnMmEk
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
911Q71ZDKQ7V9FQZ
age
2585
cf-polished
origSize=255516
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
iEQsTbIZ4N12v0Qcp1jUfHnroKdvKyh3OT3rdZ2JyBeJ2+Gip+hxoPZNllF3boQ7j+ZLrmFAZII=
cf-bgj
minify
last-modified
Fri, 24 Feb 2023 13:18:00 GMT
server
cloudflare
etag
W/"4599f97de4db00e691e7e4e1636ac2f8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7a970395ccd34595-LHR
expires
Fri, 17 Mar 2023 20:39:12 GMT
7a9703905c6f8fd0
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0F0E 		2 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/7a9703905c6f8fd0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679068800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG3grzvr3YkOoTPqXAhzblfYLb95TlgknDdcyEjUZ7pMLgAmwAFLt4bhsKA0LWKSHBvhmN4%2FUGnWHQRLQ4PVt4hymLjI6YHt03NCCWYckS7613EzGajiPQgM4f8S0eYSCqLpJE8nK7n%2F%2Fe8khtMgiGHH"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a9703971a8b9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid7.17.1.js
get.optad360.io/sf/ 		495 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.17.1.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcbf5baf3fbe1ce55828221062341d9a30a688ce01378be721ad3123041ae6a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 15:59:13 GMT
content-encoding
gzip
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 10:13:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1474801
etag
W/"09e171853ab31e5067c8e235ae90409c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-id
inpmo-KJnPZZ58wMfUU6PpKZsrag6_TBBo2mQrNdK-hQq8ES07ItVg==
cookie.js
partner.googleadservices.com/gampad/ 		399 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lebanonfiles.com&callback=_gfp_s_&client=ca-pub-8745593945608202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f96bcae7a737b306756cedb90c79490a7d10eacb924b0b57f16c07ce4310454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=masthead&cls=site-header&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1AEE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8745593945608202&output=html&adk=1812271804&adf=3025194257&lmt=1679074753&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679074752818&bpp=7&bdt=698&idt=352&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8250620160083&frm=20&pv=2&ga_vid=851671611.1679074753&ga_sid=1679074753&ga_hid=634927576&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44777877%2C44759876%2C31072952%2C31073058%2C31073098%2C31073104%2C44786499&oid=2&pvsid=667768734399428&tmod=1824094892&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=386
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
503a5a594fd98409fca2b16782f3d380f7ed158256babf01241846d9666f901c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:13 GMT
expires
Fri, 17 Mar 2023 17:39:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=634927576&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%B9%D8%AF%20%D8%A5%D8%AE%D9%84%D8%A7%D8%A1%20%D8%B3%D8%A8%D9%8A%D9%84%D9%87..%20%D9%88%D9%84%D9%8A%D8%A7%D9%85%20%D9%86%D9%88%D9%86%20%D9%8A%D8%A4%D9%83%D8%AF%3A%20%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D9%85%D9%84%20%D9%85%D8%B9%D9%8A%20%D9%85%D9%86%20%D9%82%D8%A8%D9%84%20%D8%A7%D9%85%D9%86%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A9%20%D9%83%D8%A7%D9%86%20%D9%85%D8%AD%D8%AA%D8%B1%D9%85%D8%A7%20%7C%20LebanonFiles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1439748201&gjid=1280114440&cid=851671611.1679074753&tid=UA-60620050-1&_gid=420777504.1679074753&_r=1&gtm=2oubu0&z=1572859756
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1238494&@f16&@g1&@h1&@i1&@j1679074753241&@k0&@l1&@m%D8%A8%D8%B9%D8%AF%20%D8%A5%D8%AE%D9%84%D8%A7%D8%A1%20%D8%B3%D8%A8%D9%8A%D9%84%D9%87..%20%D9%88%D9%84%D9%8A%D8%A7%D9%85%20%D9%86%D9%88%D9%86%20%D9%8A%D8%A4%D9%83%D8%AF%3A%20%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D9%85%D9%84%20%D9%85%D8%B9%D9%8A%20%D9%85%D9%86%20%D9%82%D8%A8%D9%84%20%D8%A7%D9%85%D9%86%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A9%20%D9%83%D8%A7%D9%86%20%D9%85%D8%AD%D8%AA%D8%B1%D9%85%D8%A7%20%7C%20LebanonFiles&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-93653902&@b3:1679074753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1-%D9%85%D8%AD%D9%84%D9%8A%D9%91%D8%A9%2F%D8%A8%D8%B9%D8%AF-%D8%A5%D8%AE%D9%84%D8%A7%D8%A1-%D8%B3%D8%A8%D9%8A%D9%84%D9%87-%D9%88%D9%84%D9%8A%D8%A7%D9%85-%D9%86%D9%88%D9%86-%D9%8A%D8%A4%D9%83%D8%AF-%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D9%85%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562579.ip-54-39-156.net
Software
/
Resource Hash
8b7f2152445dd2163476d9737488b8a4b627fa26bf2a53a5ef757ffc94fb16c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:13 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
usync.html
ad.lkqd.net/cookie-sync/ Frame 191F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 17 Mar 2023 17:39:13 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1679074753.cds007.fr8.hn,1679074753.cds288.fr8.c
ad
v.lkqd.net/ Frame E267 		180 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1115699&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=22858383&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
usync.html
ad.lkqd.net/cookie-sync/ Frame 40C0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 17 Mar 2023 17:39:13 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1679074753.cds007.fr8.hn,1679074753.cds288.fr8.c
ad
v.lkqd.net/ Frame 22FB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=44178689&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
eda1bd91720080fa90dad8c1174930de3af2d69fe135519fbb729d91ef77a707

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1633
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84ef5a6a9fd3bdc28d9e32a44b7b7e38f4d9f3dde03417912f12327efd90235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5902
x-jsd-version
1.0.1649
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4566-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"633-2jbGiC/StRh88u78+IQnVTqWfbY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLj1u9z5AOIQQ3er7j5jIMuVip7uowEiPwCJJZZ4elNDg7MiIdtqQeH7NXoC9imXz3VIFalCOzKDV5EaHvRQAKdcZUnahqO33yQtZ5taIdDqMl3RutCRZmkayBmN187bzI07fKMiPi1pcsKgRX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a9703988ddf39ec-FRA
3782e098-f516-4337-baf3-b4d0bdc26b9a
https://www.lebanonfiles.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.lebanonfiles.com/3782e098-f516-4337-baf3-b4d0bdc26b9a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
b405974a-a2e9-4fa8-bd1b-be9d01cce915
https://www.lebanonfiles.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.lebanonfiles.com/b405974a-a2e9-4fa8-bd1b-be9d01cce915
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G4EQ7NKTZM&gtm=45je33f0&_p=634927576&cid=851671611.1679074753&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679074753&sct=1&seg=0&dl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=%D8%A8%D8%B9%D8%AF%20%D8%A5%D8%AE%D9%84%D8%A7%D8%A1%20%D8%B3%D8%A8%D9%8A%D9%84%D9%87..%20%D9%88%D9%84%D9%8A%D8%A7%D9%85%20%D9%86%D9%88%D9%86%20%D9%8A%D8%A4%D9%83%D8%AF%3A%20%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D9%85%D9%84%20%D9%85%D8%B9%D9%8A%20%D9%85%D9%86%20%D9%82%D8%A8%D9%84%20%D8%A7%D9%85%D9%86%20%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A9%20%D9%83%D8%A7%D9%86%20%D9%85%D8%AD%D8%AA%D8%B1%D9%85%D8%A7%20%7C%20LebanonFiles&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4EQ7NKTZM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xtb.min.js
cdn.exitbee.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exitbee.com/xtb.min.js
Requested by
Host: aghtag.tech
URL: https://aghtag.tech/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1355
x-guploader-uploadid
ADPycdsoRn_FziUbR-aqbaeUdXVyggQ6Jf7qelJ6D9KXB7w--QJsPR8zobtY83c7ElrXcvDmnWXRYluHKMDJr6v6sm2WIQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 19 Oct 2022 12:26:43 GMT
server
cloudflare
etag
W/"903b1d44ea177befd6f3c248cf8208fd"
vary
Accept-Encoding
x-goog-hash
crc32c=iVmvWg==, md5=kDsdROoXe+/W88JIz4II/Q==
x-goog-generation
1666182403691268
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BEBLmG3IYmgw7KhP8w88ywnpExaeywNnOLTm7a2Nz3ySvT87INC6j81Olwj3Xp9qwToUFAEuVVEwXqoxsHCGSLDzUN5cWVNvmtBchscGLeK14avvAGeCYsRktJ%2BLyioDRtkaqxE0LYY3Qh2ewg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
59559
cf-ray
7a9703993f562c72-FRA
expires
Fri, 17 Mar 2023 17:46:09 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230317
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84ef5a6a9fd3bdc28d9e32a44b7b7e38f4d9f3dde03417912f12327efd90235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5902
x-jsd-version
1.0.1649
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4566-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"633-2jbGiC/StRh88u78+IQnVTqWfbY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zh4ts6ylxtzDAU1zFfExy6xPDmkgoy4kjJvBN6DekVRfoJF0jTjB9x7E5te1KNpp17K4OdmbYYvNbvNNggs%2BcuZDsuK0eCmeTRnz3GrnJGTUKlFLxXg3GJElXQfOsicFVLLAeOzeeagabILMsjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a970398ee7c39ec-FRA
collect
stats.g.doubleclick.net/j/ 		1 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60620050-1&cid=851671611.1679074753&jid=1439748201&gjid=1280114440&_gid=420777504.1679074753&_u=YAhAAUAAAAAAACAAI~&z=364846360
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 Mar 2023 17:39:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 191F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=abf2b596-47bc-4b7b-a970-3fec4f1212de
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=abf2b596-47bc-4b7b-a970-3fec4f1212de
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=abf2b596-47bc-4b7b-a970-3fec4f1212de
date
Fri, 17 Mar 2023 17:39:13 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 191F 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 191F 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 191F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2729649020676050453
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2729649020676050453
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2729649020676050453
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 191F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Date
Fri, 17 Mar 2023 17:39:13 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 40C0
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
date
Fri, 17 Mar 2023 17:39:13 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 40C0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 40C0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 40C0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 40C0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Date
Fri, 17 Mar 2023 17:39:13 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
invisible.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0F0E 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679068800
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b23f71822fa35c7de72d378157aa2c53849c4e214b621516ccdd28744078a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6v%2BmDtfIgV36bUlCBEijR4mYR2cogOog2zUsv7M04gvTeHjCf8MlQd8E%2BMuwBhrBZNVtwcTwhBB4C38zcR8AnXLYukH1m7BH4AiL433wVgPe1Vwgfa0J4e8KtNsymjhT3O9zBiOFxmhpE233azXbjS8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a9703991cf39016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26623ec57b6c6eea6fd54e3144c836d63a96ca3d9e8e3e4f9adcdcbcb0761820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11259
x-xss-protection
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=935320056.83480731937808639.560667
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=935320056.83480731937808639.560667
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=19eab77c-eff9-4026-8e62-53e51cc43e4f&google_hm=MTllYWI3N2MtZWZmOS00MDI2LThlNjItNTNlNTFjYzQzZTRm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECy-CBmyFj0pndjHwS79TRI&google_cver=1&ssp=vidoomy&bsw_param=19eab77c-eff9-4026-8e62-53e51cc43e4f
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
date
Fri, 17 Mar 2023 17:39:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2157
etag
W/"3d37cd0d64713e75df2c67fb7c907496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7a9703993e919195-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 20 Mar 2023 17:39:13 GMT
imp.js
fd.tesseradigital.com/ 		0
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fd.tesseradigital.com/imp.js?_pid=163594704&_ouuid=aTliASvt2fubzjY6UhdAOj5S2hlNtq7wqqAT1cYDLeJf&_oprio=0&_oref=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Requested by
Host: tpx.tesseradigital.com
URL: https://tpx.tesseradigital.com/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.91.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:37:57 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Friday, 17-Mar-2023 17:37:57 GMT
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
content-length
0
content-type
text/html; charset=UTF-8
sdk.js
connect.facebook.net/ar_AR/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=05d5d657a0d38d3485be2a91e670c07c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b3b95d4eac63cf3698118392c8d6e6902a9deef2cfc178158a612285fd04ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Mar 2023 17:39:13 GMT
content-md5
x1rU82jZfmYXu/F9rlPfzQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88838
x-fb-rlafr
0
x-fb-debug
j3S9V5VQK6QszuYSZh8jGrVTDb40uKzXTbJLhlIoPTh2pqvJCpNwbtKmc+HampxDIKWzxxI7dbDLXXs8kpBmQQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
x-fb-content-md5
b85e95e771e6b24713c62628799c3604
cross-origin-opener-policy
same-origin-allow-popups
etag
"9e7dabea345f43f253a5370be593c6de"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 16 Mar 2024 15:59:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 16:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166267
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 02:02:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 16:41:17 GMT
admin-ajax.php
www.lebanonfiles.com/wp-admin/ 		28 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=b0dad09f42
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
772b6412479aaa7d946a63e7cf3780cd3fcf40efb90ea3154ff2bacd2b01f3cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cf-powered-by
WP Rocket 3.4.4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ObdCvndPuij3x90fRnF4IGXCIRaS2CHtAnzAKrHxdJtAOU5MHH7PQamB1%2FtvcbJfMpUZ55AbmYJ%2Byi46saCNySzbCRWHyrJWLS7uQYl6HVtz8lDHeZuKnRCIU9FZs0Td9rZNjm%2BQfOZP9wmUw7gkRPo"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
7a9703994d389016-FRA
itw-cache
BYPASS
expires
Wed, 11 Jan 1984 05:00:00 GMT
rum
www.lebanonfiles.com/cdn-cgi/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.lebanonfiles.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7a9703995d549016-FRA
incoming
tpx.tesseradigital.com/ 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpx.tesseradigital.com/incoming?p=false&a=false&b=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
last-modified
Friday, 17-Mar-2023 17:39:13 GMT
server
nginx
0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
api.audiowat.io/fetch-audio/ Frame F8A9 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:583 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bcc02c1d504c49c614fca88e36c16e1f0da38477b698cef4bbd8ba509ffda69

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a97039a2af99bd6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXeg3RIkPvRLM1pqKV%2F0Vmq1lfne9xOKtywGRYMvXxLBrnGHUgj5rkbKGUfUY6dafbXSNs9%2Fx%2BkEIXfuOIVactxguEfKbnRm5fn729WkeFpMO5uvx7me05PfSOTQ52EyNjlQWEuj9axcuTV9yjE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=RV0UR9OI&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&tcfc=1&t=1679074753507
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/RV0UR9OI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.40.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-40-0.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d9f33096b8532a3128a70b3b36bbf4cbaaa841cda67b385c4ffa18b54eabbd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
pica.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0F0E 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df6bf1f9974a1194c6281c470821766bdd5234f827c85574c29a23b2535ad55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62WqwxFbY2Mv5m8ElheGN41avhvSkBFCTwmAOhXquRGjPIi8S1DvM5J4s0MAdmAvLLsMGEbsHjdq14VLurYUYQXhqaJ%2FqUavaJMXlT6XvqHEVrK%2Fz5Asl7plQYOQjXadCzruApux5lKVQD0OgxNOVn7m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a9703998da59016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
settings
s.exitbee.com/7992/ 		0
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.exitbee.com/7992/settings
Requested by
Host: cdn.exitbee.com
URL: https://cdn.exitbee.com/xtb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.50.85 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.50.240.35.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

xtb-zip-code
10178
date
Fri, 17 Mar 2023 17:39:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
nginx/1.17.7
xtb-visit-duration
120
xtb-city
Berlin
access-control-allow-origin
https://www.lebanonfiles.com
access-control-expose-headers
Xtb-Vid, Xtb-Visit-Id, Xtb-Visit-Duration, Xtb-Country, Xtb-City, Xtb-Zip-Code, Xtb-Pageviewid, Xtb-eb-response
xtb-pageviewid
a274a88d-c822-43a6-a813-fafcbad59c6b
access-control-allow-credentials
false
xtb-country
Germany
xtb-visit-id
e6778e71-de03-4f67-9d1e-bde94ba84b07
xtb-eb-response
21
xtb-vid
9ed31cdd-c8ce-4af0-9e85-9d0bac6e9265
content-length
0
settings
s.exitbee.com/7992/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.exitbee.com/7992/settings
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.240.50.85 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.50.240.35.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.lebanonfiles.com
content-length
0
date
Fri, 17 Mar 2023 17:39:13 GMT
server
nginx/1.17.7
strict-transport-security
max-age=15724800; includeSubDomains
/
c.mgid.com/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1679074753546768265466&uniqId=030d6&lct=1677196800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1-%D9%85%D8%AD%D9%84%D9%8A%D9%91%D8%A9%2F%D8%A8%D8%B9%D8%AF-%D8%A5%D8%AE%D9%84%D8%A7%D8%A1-%D8%B3%D8%A8%D9%8A%D9%84%D9%87-%D9%88%D9%84%D9%8A%D8%A7%D9%85-%D9%86%D9%88%D9%86-%D9%8A%D8%A4%D9%83%D8%AF-%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D9%85%2F&lu=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&sessionId=6414a5c2-09a85&pageView=1&pvid=186f0a77c0b81e183d6&site=742725&implVersion=11&dpr=1&tfre=1424
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a970399dc314595-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
2eec058a-0916-42c8-bacf-aebcc20e7e99
https://www.lebanonfiles.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.lebanonfiles.com/2eec058a-0916-42c8-bacf-aebcc20e7e99
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
web
onesignal.com/api/v1/sync/526a87ee-0554-4141-869b-9284da88eaea/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/526a87ee-0554-4141-869b-9284da88eaea/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908e524d74c4a27b027a61f3782df68c03f7cd9e14ae16b44ea67f8897915d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2400
cf-polished
origSize=3427
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9dd6b18c-48fc-4c57-abc2-22e4f6ee91bd
x-runtime
0.026062
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a13c1e504db3cf7f115d41c904bbf21e"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7a970399ffbd9195-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 17 Mar 2023 18:39:13 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
KZHG8W3F9TBRMAND
age
4418
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7a97039a0c724595-LHR
expires
Sat, 18 Mar 2023 17:39:13 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YX26RVNEGW9X6AWK
age
4045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7a97039a0c744595-LHR
expires
Sat, 18 Mar 2023 17:39:13 GMT
comments.php
www.facebook.com/v7.0/plugins/ Frame 341A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v7.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164a1fecb0d748%26domain%3Dwww.lebanonfiles.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.lebanonfiles.com%252Ff28f4cf19884174%26relation%3Dparent.parent&container_width=650&height=100&href=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&locale=ar_AR&sdk=joey&version=v7.0&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js?hash=05d5d657a0d38d3485be2a91e670c07c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f128:83:face:b00c:0:25de Sofia, Bulgaria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Mar 2023 17:39:13 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
fMJW/lO6X1IdndcBjbVi4e36ARGYVGBYyCr9p7TKWPcVsvEHqlfxAO8rIhPjNNwS0ZjHZanJT2vq/Y5m/64UKA==
x-frame-options
DENY
x-xss-protection
0
7a9703905c6f8fd0
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0F0E 		2 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/7a9703905c6f8fd0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679068800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcIYxLzcOQu48W2bGAvswk%2F2SRQijW4tRf7v44avkTHGYNHBBSbqpvHaKAOVmJbe8QyI6ClQM5Nr6SHzyGKBMNZ9XbiBNi6WlaBVtOe4Tec%2FY%2BQCf6F5ViwrVJziQIlMc7qzhBkJFjryYhFqSxxMhGC%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a97039b383f9016-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Mar 2023 17:39:13 GMT
1
servicer.mgid.com/1189476/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1189476/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=167907475380474386045&uniqId=030d6&lct=1677196800&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=700&h=1418&maxw_3=227&maxh_3=200&cols=3&ref=&cxurl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1-%D9%85%D8%AD%D9%84%D9%8A%D9%91%D8%A9%2F%D8%A8%D8%B9%D8%AF-%D8%A5%D8%AE%D9%84%D8%A7%D8%A1-%D8%B3%D8%A8%D9%8A%D9%84%D9%87-%D9%88%D9%84%D9%8A%D8%A7%D9%85-%D9%86%D9%88%D9%86-%D9%8A%D8%A4%D9%83%D8%AF-%D8%A7%D9%84%D8%AA%D8%B9%D8%A7%D9%85%2F&lu=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&sessionId=6414a5c2-09a85&pageView=1&pvid=186f0a77c0b81e183d6&implVersion=11&dpr=1&tfre=1681
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c91cf3d59a05f7b05088e8a7e1da9729de1fbbdf6f0b343efdd528990f2ea28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7a97039b7f264595-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2152
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7a97039b9c4103cd-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 16 Apr 2023 17:39:13 GMT
events
analytics.leya.tech/ 		188 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2e7b572fb8c157fa128e3ca13f7c7f904176c4f59b010a8e498af74cd5891103

Request headers

x-api-token
d72dc3aa-077f-4497-9920-7fc4a89fa510
Accept
application/json, text/plain, */*
Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
server
UploadServer
x-guploader-uploadid
ADPycdu2KGS0boB56OpMdkClNkBhEQmemtUpkwKokUz8RlK0bbezXVsjZvGAmIePqZFmv7oILpD-jPSNatCLW7VvsU_zAA
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events
analytics.leya.tech/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-token
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.lebanonfiles.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Fri, 17 Mar 2023 17:39:14 GMT
server
UploadServer
x-guploader-uploadid
ADPycdslbypFFcNMxMl7RJjDQrQKkM9AM5oSOLs0l3hp6PgfWmnLxDv3HUk4mlstAhaIZ9EczqXTGR11SE9f5a_laY-GZg
/
adx.adform.net/adx/ 		90 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTkyMzU0NiZ0cmFuc2FjdGlvbklkPTkyMDVkYTMxLWM2Y2EtNGRkZS04YjM4LWI5MzY5NWViNDA4MSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NiZ0cmFuc2FjdGlvbklkPWY5MTE4OGRiLWU4OGQtNDEzZC04MGI3LWNmYWY1YTRlMjdkNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NyZ0cmFuc2FjdGlvbklkPWY5MTE4OGRiLWU4OGQtNDEzZC04MGI3LWNmYWY1YTRlMjdkNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1OCZ0cmFuc2FjdGlvbklkPWY5MTE4OGRiLWU4OGQtNDEzZC04MGI3LWNmYWY1YTRlMjdkNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3OCZ0cmFuc2FjdGlvbklkPTlhNjYyYmRhLWNiYTYtNGFjNy1hYjFiLThlMDA0MmYzZjJiNiZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ4MSZ0cmFuc2FjdGlvbklkPTQ5MmE1OGM0LTY4OGEtNDFiOS05ZjRhLWZmNjQzYzliOGY1YiZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ4MiZ0cmFuc2FjdGlvbklkPTQ5MmE1OGM0LTY4OGEtNDFiOS05ZjRhLWZmNjQzYzliOGY1YiZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1MyZ0cmFuc2FjdGlvbklkPTliMTRjZmM0LWUxNDUtNDAwMi1hZmU3LTE1MDU3MWVkMzRhYSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NCZ0cmFuc2FjdGlvbklkPTliMTRjZmM0LWUxNDUtNDAwMi1hZmU3LTE1MDU3MWVkMzRhYSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NSZ0cmFuc2FjdGlvbklkPTliMTRjZmM0LWUxNDUtNDAwMi1hZmU3LTE1MDU3MWVkMzRhYSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3NyZ0cmFuc2FjdGlvbklkPTYyODY1NDE0LTgwYjgtNDUyMi1iZmM2LWYwYWFjNmM4NTUyMSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3NiZ0cmFuc2FjdGlvbklkPTI4YjJkNzE1LWRhYmMtNDg0NC04ZDM1LWVmOTZhMTQxZDVmOSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU0OSZ0cmFuc2FjdGlvbklkPTFmZDA2MzM3LTY0NzctNGVhOS1hNWE1LTI2NzNhY2ZhM2ZkNyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1MSZ0cmFuc2FjdGlvbklkPTFmZDA2MzM3LTY0NzctNGVhOS1hNWE1LTI2NzNhY2ZhM2ZkNyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1MiZ0cmFuc2FjdGlvbklkPTFmZDA2MzM3LTY0NzctNGVhOS1hNWE1LTI2NzNhY2ZhM2ZkNyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3NSZ0cmFuc2FjdGlvbklkPWEyMGRjOTI1LWQzYjItNGEyOC05YWI2LWViZGQ0YjA3ZWUyNiZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3OSZ0cmFuc2FjdGlvbklkPTcxNDJjNGNmLWQyMzAtNDc3MC1hYzkyLWNkMjMxMGE5OTZmMSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ4MCZ0cmFuc2FjdGlvbklkPTcxNDJjNGNmLWQyMzAtNDc3MC1hYzkyLWNkMjMxMGE5OTZmMSZyY3VyPVVTRA%3D%3D&pt=gross&stid=3046c173-9d69-48fb-8456-116638b3fc09&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImUzNDY2YzhhLTM4MjgtNGE3ZS1hZjFkLWE5ODU3MWMxMDBlMSI6WzFdfX0%3D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04db1928cac9786ab103fd8921943f73e1e58330f9894c7b908cb9d6b962da4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.lebanonfiles.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
arj
adsparc-d.openx.net/w/1.0/ 		73 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsparc-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9205da31-c6ca-4dde-8b38-b93695eb4081%2Cf91188db-e88d-413d-80b7-cfaf5a4e27d4%2C9a662bda-cba6-4ac7-ab1b-8e0042f3f2b6%2C492a58c4-688a-41b9-9f4a-ff643c9b8f5b%2C9b14cfc4-e145-4002-afe7-150571ed34aa%2C62865414-80b8-4522-bfc6-f0aac6c85521%2C28b2d715-dabc-4844-8d35-ef96a141d5f9%2C1fd06337-6477-4ea9-a5a5-2673acfa3fd7%2Ca20dc925-d3b2-4a28-9ab6-ebdd4b07ee26%2C7142c4cf-d230-4770-ac92-cd2310a996f1&nocache=1679074753905&pubcid=e3466c8a-3828-4a7e-af1d-a98571c100e1&aus=728x90%7C728x90%2C970x90%2C970x250%7C300x600%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250%7C300x600%7C300x250%7C728x90%2C970x90%2C970x250%7C300x250%7C300x250%2C300x600&divIds=LFiles_728x90(1)%2CLFiles_728x90_970x90_970x250(4)%2CLFiles_300x600(2)%2CLFiles_300x600_300x250(2)%2CLFiles_728x90_970x90_970x250(3)%2CLFiles_300x600(1)%2CLFiles_300x250(2)%2CLFiles_728x90_970x90_970x250(2)%2CLFiles_300x250(1)%2CLFiles_300x600_300x250&auid=543842992%2C543843004%2C543842998%2C543843007%2C543843000%2C543842994%2C543842991%2C543842996%2C543842987%2C543843003
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8e58689759c405ffb5445572cc884bc90dfa7746bd6c6689aa4f373e6b5c8b67

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		50 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
AN-X-Request-Uuid
25eadbb0-5d08-49e6-9c82-922fdca91fe1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		50 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
AN-X-Request-Uuid
d756065a-2b62-4b9b-beba-5ca336aece0f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iat-realtime-7.0.0-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.0-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=RV0UR9OI&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&tcfc=1&t=1679074753507
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
9750f710e33b68e3d4551759753b699afe70c81f26c8fe5082ea16b3b1dd18ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
cdn-edgestorageid
1079
x-amz-request-id
NNRTBSCNV6YZDRWP
cdn-cachedat
01/05/2023 11:06:19
cdn-pullzone
55316
x-amz-id-2
wT2Ocn8B8pirl/oFusajny1VgfQNWcRa5VJT1HOWG032PdIDehx1U4ckEG1lcoX82cPUSqJUNHo=
last-modified
Wed, 30 Nov 2022 11:44:52 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"9f16ca7f10cfab5056d5839d2a54ed4c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
ab5ff1c1aac51d2832413786fe3af465
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
iat-1.11.2.js
cdn.insurads.com/ 		110 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.11.2.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=RV0UR9OI&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&tcfc=1&t=1679074753507
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
e45aac94911c702627ff8f85358938607c804a9ccc5d398e0f329af005f28e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:13 GMT
content-encoding
gzip
cdn-edgestorageid
865
x-amz-request-id
H2MBCTW2AJFRFFFP
x-amz-server-side-encryption
AES256
cdn-cachedat
03/16/2023 10:51:28
cdn-pullzone
55316
x-amz-id-2
hPdX9Kl5NJZJZUUTL7cCbev6qt/x46VcAOErzqf4C+z4f35+Tbg6bWEeN6rUiUNxDdHVWmCNIDo=
last-modified
Thu, 16 Mar 2023 10:46:12 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"32b651398dad3b58542993d62b56382f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
1442be0f6e68cc0894ffe5a3c058a86c
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		139 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=2490&vId=0563F5ECBFBE9FA4&s=2910&fpc=1&nv=1&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&tcfc=1&lts=0&ts=1679074753933&iatId=df9e2e96c56d1c20b3000c95b5eb6f61&iatIdB=aecda175d7312b533643e6ddd262e889&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=BUUEIZEBOM
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/RV0UR9OI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.40.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-40-0.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7d8f2e8e473ec5e0911acc1c656a1365cdbbab0f8b8e9592eec15c5c2ff41432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E43D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 15:42:34 GMT
expires
Sat, 16 Mar 2024 15:42:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 34DB 		783 B
917 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
12dd7b8755a638f1651e503474007d9657a60b3f6d6ddec1ff3db40fc49479a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TMs0rG262qmraR9BpLNiBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-TMs0rG262qmraR9BpLNiBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:13 GMT
expires
Fri, 17 Mar 2023 17:39:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
icon
onesignal.com/api/v1/apps/526a87ee-0554-4141-869b-9284da88eaea/ 		192 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/526a87ee-0554-4141-869b-9284da88eaea/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e99dceb74dfc52a12a56efb5233ec8616a7783b901b41bbb6c9101ab6a2a0f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b9790bd9-d13e-4b75-9e2c-c90c093b31e1
x-runtime
0.009134
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0e99dceb74dfc52a12a56efb5233ec86"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7a97039c8d1691d1-FRA
access-control-allow-headers
SDK-Version
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1SAKNE8T99VM7FFV
age
5041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7a97039c8c9d2403-LHR
expires
Sat, 18 Mar 2023 17:39:14 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YX26RVNEGW9X6AWK
age
5040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7a97039c8c9f2403-LHR
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/473/226/416/c61acfac-5d26-482d-96f1-84a18761e145.jpg/16x9/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/473/226/416/c61acfac-5d26-482d-96f1-84a18761e145.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08129002a7756b17e0aae7e3ed9d34b35c452ed45b5257cd6d3facaf5bd7ba00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 30 Nov 2022 13:15:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63875782-4de9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPkqVx5VZ4Ctq3KeT6TO4ZjwVgCJrF18360t4xtyAeneN%2Bw3TNY52hfx3ZOlY1JA7klAi1nKVkMMSkGXmGG0XKd3J7ZcJDnOEg%2FZ26stRYrLFiOLJX%2FHkPYRD3NktT7I5LdJnE6r0eNaMFAZtaG23Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d2b3248bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14187
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/472/308/99/810a8606-920c-408f-a375-7d280dc8ed02.jpg/16x9/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/472/308/99/810a8606-920c-408f-a375-7d280dc8ed02.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dccf7f9810606ee70b59dc3af133a2c6199140065491e63c552d81354f0c3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 17 Mar 2023 15:09:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"641482a3-a46f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pHVK1nXaXMicYpYbLbEw%2BQC2r8Wuyqj%2Bj1MF%2F3zH51nfb3JGPso6dKk0cauMwZrVTUFukJKEt34ut7Mc0oLFNwrI0kICIAe6i86t5NNEv%2FNnbImGhRuvLA0NUkSKwGBR8Vy5DkTPxpdhATTaLOwXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d2b3548bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13245
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/178/319/0/69117d97-8d5d-42d0-911c-26e6be3f7af7.jpg/16x9/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/178/319/0/69117d97-8d5d-42d0-911c-26e6be3f7af7.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87f2930339039d1c0b978a4de532ff29545bc906099c5780c7e115a27310bca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 17 Mar 2023 14:47:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64147d99-18e06"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saDkPsE64Z1dKSD0g7noIx1XqlQZSRiHs0be2p1kbK%2FevUyvwfpQN%2F5%2FMlkne0T3nzs7Urx1QojGi%2BVSVC04o0mvTZpIaDvkvBeMZYb5Dw2ppiMdHPg5EO0%2Fmix4kXadITRTwuyAIRgaTBWZ7KBp5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d2b3848bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25998
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/252/412/87/16452f7a-6c74-468b-83ef-44795b592384.jpg/16x9/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/252/412/87/16452f7a-6c74-468b-83ef-44795b592384.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66dd4920233a86773bc204a66cb444074c0d5fdc21ef69b75ad12740a109a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 03 Feb 2023 13:07:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63dd0721-117fc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4g4Hs6g7Jqm2pudcsMrv8Qe5ZYl7L3JTZ9BIk5VLAhKasVLJ%2FRJp85jXqvuerYEY42Ek%2Ftsmhi%2Beem1HQJAseiXfmDtrJY37MmOjWU9UxR3GkKN5QxMHL8N5yuWmN%2BXxVSGKd2znuCTCCqTQjTFPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d2b3a48bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22707
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/418/279/191/95fd7307-8004-4cef-84f1-be954fc452c6.jpg/16x9/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/418/279/191/95fd7307-8004-4cef-84f1-be954fc452c6.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77df3f5f36dfe87379ed9476607f59f01836ff276dc01b940d8f89514c80efd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Mar 2023 14:49:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64108973-1f75d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o15UtrN55Sklf3Pgfqr3pQpoG2U320H4ufnoeVaRSNKPfO5X8NAY2nDa51ebjHqZPhChbeuz6xJRrxa9Lg9SSfJGKuJ3FSwo3EQwoiEImtgLy30UWoq6Cx820t80%2FVZgWB0foAeiUWlmGYS%2BK7aEuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d2b3b48bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33591
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/120/307/258/e8d075eb-341c-4bac-b156-c4eeac0b3e9e.jpg/16x9/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/120/307/258/e8d075eb-341c-4bac-b156-c4eeac0b3e9e.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47378a92a4ec690858a4da12d307d31318a38e2f2025730ac71807ca70710ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 31 Jan 2023 16:34:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63d9430d-14af5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zhxvx6uaHXosDng%2BYvIee129QtmX2e3h1mU3gOK8MyiAEdbpYkUZ4eO5bwSmKAfpLna0VS9tSyiPvxjk%2B30PTCU1mXRK%2BpLSt3wn4ex%2Fm6xb5n5tQdmSt33iKcUQY1YLwsoJ8Ijb5SRMfw4AfpU9Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d2b3c48bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26992
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/285/103/492/ac4a2774-80dd-473e-85ca-f9752cb9f61f.jpg/16x9/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/285/103/492/ac4a2774-80dd-473e-85ca-f9752cb9f61f.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d574f6520896627ad2e548717d6f7b70b6d95b5c7b9b01607cb6328658cf6919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 16 Mar 2023 11:48:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"641301f5-c10d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2m9R0wlv%2BCdja5T19Xjjrfc3wyNtYBWdUIuvkj5obS5Qk0ukYq2DIjtMgMACH%2BXnzy05E2c3Q6PH5nPD%2BN20h6EQwvhpHHI12Pb5v6VdWqz%2BbOjvBQHemqhnR7qS%2BdIoDfaCxIEFq1xLX2r82gV3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d4b8148bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16851
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/34/169/317/dcd69bfa-6c68-47a1-8f08-4d31ddb93afe.jpg/16x9/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/34/169/317/dcd69bfa-6c68-47a1-8f08-4d31ddb93afe.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b083b66445b283153512fda283018c691ef8610dbea80a0b1282b5527032b918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Mar 2023 14:41:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6410878d-2e57d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHN4cY3Ko6j%2BEaP6VuzJD3ngHasDY2Q3T0NmXSCT%2BN%2FuF4aXpWvXKATD6t23d09VqorMaOy79pFWWh8CPEbxvMGSb74dPcA5wclHTmab1MK6Ug03gS%2BqDtfjqSB717JJKfAAMTkudW0vzwh%2F%2Fdpuiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d4b8348bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36484
expires
Sat, 18 Mar 2023 17:39:14 GMT
492
img.rtbsystem.org/403/222/157/ee865266-71e6-447b-8cc3-e91068d84b53.jpg/16x9/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rtbsystem.org/403/222/157/ee865266-71e6-447b-8cc3-e91068d84b53.jpg/16x9/492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e13823362acf879454f804faa5af4b68dba238411a4d2b09777bd3c5a78d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 16 Mar 2023 11:49:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64130262-117d2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRywhapxWmJqAqR0HCgLIeS91s6LAfUckWmTymJc2VqjXvbS1oex0Fs6A84SE2odXrDcLCaf4lHAJtkhOvY8vdj1DSoYum77k9oeb7bFzXg5LiXu7dsVNjUZgQRfkPOZsHT4Pz8vjd1mNaZxlLQ%2Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7a97039d6bd148bc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16248
expires
Sat, 18 Mar 2023 17:39:14 GMT
skeletons.css
api.audiowat.io/css/ Frame F8A9 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.audiowat.io/css/skeletons.css
Requested by
Host: api.audiowat.io
URL: https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:583 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989ed7368c77cf5967ad412c84e9048c26abbba2779f7aab0cbb2d3e89dd58f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Feb 2021 09:18:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3986
etag
W/"601bbc02-2151"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B1sITkzhdkqwIz2jh91BREXAP7hW3JJHN%2Bn2nQ5HOXY1NyHMI%2FcFw0BH6kS%2F7sNUXL5LkjFQlDbdpE3i3uFUFVwYwD7TRaq3KOO7URYXpd0jXN3G9zFdi9fK8StGa3B7LKWY%2B7QqdtopSlqMXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7a97039cbffb9bd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.5.1.min.js
api.audiowat.io/js/ Frame F8A9 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.audiowat.io/js/jquery-3.5.1.min.js
Requested by
Host: api.audiowat.io
URL: https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:583 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Jan 2021 09:58:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4096
etag
W/"600e963c-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xf7EdxJ4C9arO4O60N6P3ljvEkIBGmdktisnMdOnLKpbK2KYh142GRZrFiRszBHIKchgmimvU%2BFoW6urYKEl%2BiHvDtS%2BlB0vLaPyVYBnWKsVNyxH7kv%2BGEwhv33ZLtlSAMaq0G7zxvalo4lXFQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=43200
cf-ray
7a97039cbffc9bd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KwikLink_311592e7-13f8-4268-b02a-633895abae3b.js
player.kwikmotion.com/ClientsTemplates/paudio/ Frame F8A9 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/ClientsTemplates/paudio/KwikLink_311592e7-13f8-4268-b02a-633895abae3b.js
Requested by
Host: api.audiowat.io
URL: https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493479b2fda31e00b9e746eb408a83b8fe71b63be559c3a1e19b3178c0b90356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 03 Jul 2020 21:57:04 GMT
server
cloudflare
etag
W/"0780e38451d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TIG%2BwIzw5BWo6AZ%2BiVBFnitKAr1TMxQsXIQTL%2FD216BSRhMLm4p38NM87Twlq0uVSUPwcJK7EOj3wIr%2FijbbE%2BUL11zRMRmbu%2F5EIrFIVHD7tA%2BToAjAX9cThBV%2F8Q046PT0yhb9q7OcjFZCbkxy51UbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039d581b39be-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
sodar
pagead2.googlesyndication.com/pagead/ Frame 34DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=667768734399428&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame E43D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:20:23 GMT
i.js
cm.mgid.com/ 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1679074754033254829712
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7a97039cfa024595-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame CF71 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1679074754042223239411
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7a97039cf9fd4595-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
037BTZQJKQYKWKAR
age
3185
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7a97039d9b399a1d-FRA
x-amz-id-2
3ZDyDSgeRfyVVSAh3GfxJ4kNQciMYKTi/55hDh5DYTNL8pcmXctUGv5WpwM5NjY4JdFsL/rHnS4=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		190 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/l/e/lebanonfiles.com.1189476.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2023 07:52:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=42140
accept-ranges
bytes
content-length
60066
expires
Sat, 18 Mar 2023 05:21:34 GMT
49618d2e-156c-41fa-9b38-03ef0a959e70.png
img.onesignal.com/permanent/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/49618d2e-156c-41fa-9b38-03ef0a959e70.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7197f1eed16b76fafdd92ae8a32ad34270dcdde0d20f1ff581c8b11c95f428a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
536
x-guploader-uploadid
ADPycdvhlAPBGqLVsRJDJtepIk1kGlSKwghfz2nmRxOPBj65d2pEXX7VmZ5aLZGAKnLFS0YkG6p1frTzJHtOu0Mn4Fe8GFSX2_pR
x-goog-meta-x-goog-source-etag
"da76a47be92b4d4f13dddefa2274ac8e"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6372
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:18:06 GMT
server
cloudflare
etag
"-CK3UtcyGlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676344686373421
content-type
application/octet-stream
x-goog-hash
crc32c=lsvVYQ==, md5=2nake+krTU8T3d76InSsjg==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
6372
accept-ranges
bytes
cf-ray
7a97039dad3d9195-FRA
expires
Mon, 17 Apr 2023 17:39:14 GMT
KwikMotion.js
player.kwikmotion.com/packages/ Frame F8A9 		111 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/KwikMotion.js
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/ClientsTemplates/paudio/KwikLink_311592e7-13f8-4268-b02a-633895abae3b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f75ca7860044a4d97db5005423385e646eaa20fdffdbd9d39ff1be1017fcb88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
118
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Feb 2023 12:13:07 GMT
server
cloudflare
etag
W/"80b446e4bd91:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FOvs2C1f0Z3VcAsTfxUqMlyYGcBmw548uEjR6%2BaYEhVQYqzhkFXumHgcsr%2BHeGEearethnVDxab0MZwQ%2FKBrc6FUC55ATHxY9BfEhbhoexttvP5vK9hnOz%2FkXFmrfIfDNS1vGRyBNyjn9GCuGWsDhJryw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039df92f39be-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
generate_204
tpc.googlesyndication.com/ Frame E43D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h3l4dg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
11027288203d775576631fa57d347b1b54030253be83b3df75f7f533c9b58184
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
video-js.min.css
player.kwikmotion.com/packages/video.js-7.7.4/ Frame F8A9 		38 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/video.js-7.7.4/video-js.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a0c74f062fa152047241275e720737d0d6309612b3c481ccee6f20942b5576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jan 2020 02:10:48 GMT
server
cloudflare
etag
W/"0c45b5249d6d51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YJyNlJASrafS0lTzMJ2j0GBX9V%2FBwlWnZQubQh2TDo4UUzeW9xp25%2FrNsJjVQsw6%2BAZE1kkB99D6heln1tUzMjiNzPiuJYFzjgl8QUYWcII2SCU8woiDpRx1UmTmWr3oOkgY0N9mvAFpi0NS2h%2B81y9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039e584e996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-custom.min.css
player.kwikmotion.com/packages/ Frame F8A9 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-custom.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a693a45873bf3e360af397745aa39bd953ce4ef8218af58f4f31033a6388d84f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Aug 2021 10:12:44 GMT
server
cloudflare
etag
W/"0763fef8687d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iFUod%2FkqSZUf048GFYdcOu4UDZ8dq1w%2FoFrjnrFtoH2t7jBIBjOaDi4vqVUziW5lIfBpngwti40jRT1vmYH2BYjAoj2mRVHzDXvOZ6w5K0%2FWvN4BusFN5aPurY3advIO%2Fm22o%2BE2yeC0idJoVuBibacUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039e5851996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
bowser.min.js
player.kwikmotion.com/packages/ Frame F8A9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/bowser.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df36faa8c0da70e17455582d9546a49749d3b4053b285f85f706d90be77e3ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 23 May 2018 19:48:14 GMT
server
cloudflare
etag
W/"013a9fccef2d31:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjnLDWO7B1q6aE9waqNDI7gE5KIZJmNMylIKqqHLJ1Q8osjWHJtwqJYvPCHUgFoQa%2BJkECdcmd7eTjJgtWNx4rcP8cqsi1yzFwahylbXKdaHSfgn%2B4fs1%2FISfCHY%2BpehuTlYrhtRKSbXje1ndO9L3J4FCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039e5852996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
video.core.min.js
player.kwikmotion.com/packages/video.js-7.7.4/ Frame F8A9 		212 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/video.js-7.7.4/video.core.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a83544c0699cadde3934ba304e82083f9d10ff350652f0c221a573ee3affc6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
158
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Jan 2020 17:59:33 GMT
server
cloudflare
etag
W/"803069b34dd1d51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAjzXVqyAuKzqfJWX%2F85Zqa4ZO5hBh7BLgoXVBVW9z3KNvLIOlluAPMwtIkdLRjZV8605%2B1f%2BSbt%2Fovxq6KJlfRGBI9kHIecAmB4lQ2aHQ0%2FlwDw7gHbKNmnygrGGB4W1q0e%2BiegCPkpVes2cftdSeqXnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039e5853996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
231.json
id5-sync.com/g/v2/ 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
3c6a90618fc2712b784027a994a4352b4f1550f70ce6cb7977727d607a914b6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
459573
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=O6MgL3xMVHVMaXBFRUh3bVJKam14TlY5MXhhdWVRT28xOUh2dGR5VlVkNDJiSDJqa0VnbmcydEdZTFdBdXpjcHY5TFNqSW5NV2s4VnVjT2pBKytrcC9OUkhVRHE2QXNGM0YwZS9ncUJXdGdSbW50MkVoV1BSUmJIYmZQT0...
402 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O6MgL3xMVHVMaXBFRUh3bVJKam14TlY5MXhhdWVRT28xOUh2dGR5VlVkNDJiSDJqa0VnbmcydEdZTFdBdXpjcHY5TFNqSW5NV2s4VnVjT2pBKytrcC9OUkhVRHE2QXNGM0YwZS9ncUJXdGdSbW50MkVoV1BSUmJIYmZQT0FwZTBYNnFYY3RSS2s2RFJDbVl5NHFGSVFuRXFaSnlkQzNpZnZkRkp5S1RIZEF6TjhuRzQwUFdnTVdjdEpmUkFjaS9NQzlIOXllVzA4MERKeEtWOWZsTjhlZldYVFovTTVPMHFYd1pkclRtTEpkMEEwSXZMZndseml4VVJTYWRUT1pGb2ZCNHpQfA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
18198dd4e9db466bd66ce5f0725e3a66e2edd69c225a4294bb101e795bbc7bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
711846
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=O6MgL3xMVHVMaXBFRUh3bVJKam14TlY5MXhhdWVRT28xOUh2dGR5VlVkNDJiSDJqa0VnbmcydEdZTFdBdXpjcHY5TFNqSW5NV2s4VnVjT2pBKytrcC9OUkhVRHE2QXNGM0YwZS9ncUJXdGdSbW50MkVoV1BSUmJIYmZQT0FwZTBYNnFYY3RSS2s2RFJDbVl5NHFGSVFuRXFaSnlkQzNpZnZkRkp5S1RIZEF6TjhuRzQwUFdnTVdjdEpmUkFjaS9NQzlIOXllVzA4MERKeEtWOWZsTjhlZldYVFovTTVPMHFYd1pkclRtTEpkMEEwSXZMZndseml4VVJTYWRUT1pGb2ZCNHpQfA&cppv=2
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
713977
content-length
0
expires
0
id
id.crwdcntrl.net/ 		43 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.48.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-48-43.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache
x-server
10.45.27.17
access-control-allow-credentials
true
content-length
43
expires
0
branding-ads.svg
optad360.mgr.consensu.org/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 20:11:48 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
77247
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
DBJlrQih6zkaPr1Q89vhZ-kFrM9GHFCqggIgYfz5uhFl6jw0lq-ePw==
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
564e5f42b89b491d9918fce33acc1501cc70c27be006628fe88247c7c2a3837c

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Mar 2023 17:39:13 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
709
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=87362822048&lsavail=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.lebanonfiles.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
useast.quantumdex.io/auction/ 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703a0296c9b2d-FRA
access-control-allow-methods
POST, GET
prebid
ib.adnxs.com/ut/v3/ 		138 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ad2890951b6a6be2175bb25dd3055ba7d70d93e2df4b2088868569b16a8ea98b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
AN-X-Request-Uuid
25d8547b-a9d0-47df-aa5d-6483fb272e81
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=39667&adtype=banner&auc=oa-360-1679074754443_5r4y43t1n&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=12093fa3d39c0c5&schain=%5Bobject%20Object%5D&bidfloor=0&d=lebanonfiles.com&sp=https%253A%252F%252Fwww.lebanonfiles.com%252Farticles%252F%2525D8%2525A3%2525D8%2525AE%2525D8%2525A8%2525D8%2525A7%2525D8%2525B1-%2525D9%252585%2525D8%2525AD%2525D9%252584%2525D9%25258A%2525D9%252591%2525D8%2525A9%252F%2525D8%2525A8%2525D8%2525B9%2525D8%2525AF-%2525D8%2525A5%2525D8%2525AE%2525D9%252584%2525D8%2525A7%2525D8%2525A1-%2525D8%2525B3%2525D8%2525A8%2525D9%25258A%2525D9%252584%2525D9%252587-%2525D9%252588%2525D9%252584%2525D9%25258A%2525D8%2525A7%2525D9%252585-%2525D9%252586%2525D9%252588%2525D9%252586-%2525D9%25258A%2525D8%2525A4%2525D9%252583%2525D8%2525AF-%2525D8%2525A7%2525D9%252584%2525D8%2525AA%2525D8%2525B9%2525D8%2525A7%2525D9%252585%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
c
prebid.a-mo.net/a/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:13 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
997ec54d8ea5e03039ee16191ce735693a7390838923f0a06388887ac7357bf2

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v2
i.connectad.io/api/ 		38 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acab2c4c521803c7a03cbfb80fc7de394241a6329320c0034137afd798724fe6

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.lebanonfiles.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a9703a03b2d3659-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		139 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a1b15ae48bab09072f723635be4ff379525cbf3e0c1391842f700ab249ba55ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
AN-X-Request-Uuid
2f639f59-c6d3-4fab-874a-79ae89809bd7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
df8d8a0e27e9f274a54a74483a1f73d1e88d68f9d45802a6f0ca0a41ed84c630

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea4279c2c2f6e427fe47c9c836c37afd7ccac323925634fd58901bdb03f4b2f5

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e01a16bf30547342fe547ab303cfc4f1f7276d6e4e567fe4e84f11dbc5f41ca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
AN-X-Request-Uuid
3dd84e44-39a6-49b2-94d5-c7cb1b84e4db
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:13 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
27
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		139 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8a049dd59ce9c60b2d0d8623e685193d914ef74e0e8a3c984a7eca905ad73450
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:14 GMT
AN-X-Request-Uuid
91728cc0-c1ee-4a0a-b94f-7f5e7667220a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=6269222067&lsavail=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.lebanonfiles.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
154f491b7bef9b61928dc3d6ac467d3756f852d01c0dba9f2252a76f168780cd

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Mar 2023 17:39:13 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
712
v2
i.connectad.io/api/ 		38 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383157851e45807a63fb6eb952322d5f2bf85f0e31ff48b4465df325762980cc

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.lebanonfiles.com
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7a9703a03b2f3659-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703a0296f9b2d-FRA
access-control-allow-methods
POST, GET
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=39667&adtype=banner&auc=oa-360-1679074754450_00esmt9oq&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&l=en&dt=1&pid=62135&requestId=421a39807ec1e75&schain=%5Bobject%20Object%5D&bidfloor=0&d=lebanonfiles.com&sp=https%253A%252F%252Fwww.lebanonfiles.com%252Farticles%252F%2525D8%2525A3%2525D8%2525AE%2525D8%2525A8%2525D8%2525A7%2525D8%2525B1-%2525D9%252585%2525D8%2525AD%2525D9%252584%2525D9%25258A%2525D9%252591%2525D8%2525A9%252F%2525D8%2525A8%2525D8%2525B9%2525D8%2525AF-%2525D8%2525A5%2525D8%2525AE%2525D9%252584%2525D8%2525A7%2525D8%2525A1-%2525D8%2525B3%2525D8%2525A8%2525D9%25258A%2525D9%252584%2525D9%252587-%2525D9%252588%2525D9%252584%2525D9%25258A%2525D8%2525A7%2525D9%252585-%2525D9%252586%2525D9%252588%2525D9%252586-%2525D9%25258A%2525D8%2525A4%2525D9%252583%2525D8%2525AF-%2525D8%2525A7%2525D9%252584%2525D8%2525AA%2525D8%2525B9%2525D8%2525A7%2525D9%252585%252F&usp=&coppa=false&videoContext=&gdpr=false&gdprcs=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:14 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
v1
prg.smartadserver.com/prebid/ 		932 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
20afd57e231b9599edab83831cad941af57de89d7c83e41f2ed7261c40c68855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
video-js-icons.min.css
player.kwikmotion.com/packages/video.js-7.7.4/ Frame F8A9 		13 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/video.js-7.7.4/video-js-icons.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67585081208651091723dcc01c23bda7f694783e12310260d2c1b2446f45c61c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 01 Sep 2019 15:20:44 GMT
server
cloudflare
etag
W/"0ee9cd2d860d51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fqjor%2F%2BQKtkEvkJny6Op9P%2F55L7gpApAq12cGBp2oldS8NXij52onrPUMU1XeG34DNZb14BIn4sJOQRI7FR%2BY3V5ocWJ2kC7DBWLSm%2BA3qerL%2BZCAJNN8hYVgCJpH3WihvgOi3mVeTTLt0bIYlgKCbi3LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fda56996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs.ads.css
player.kwikmotion.com/packages/videojs-contrib-ads/ Frame F8A9 		960 B
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-contrib-ads/videojs.ads.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03490f3bf940e831c668d3855b6a61713bc50543405acb77aac286d566b4348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33
cf-polished
origSize=1093
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 14 Oct 2022 10:31:15 GMT
server
cloudflare
etag
W/"a0bc7416b8dfd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wklP6sjmSzR2SWbdeMIvKBIQKx%2FrGCbioLvi3gSSD58ZOVW%2FxuNnCQj4V9ht7weg%2FYzQTgVk3T83CL3NJvtWYQkr20efbS%2FI2K%2F5oSnEfR9eF1aribFPQSXaxyiY011iI18sCAQ0VKdb51ODpxg5%2B2pp2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fea5e996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs.ima.min.css
player.kwikmotion.com/packages/videojs-ima/ Frame F8A9 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-ima/videojs.ima.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3527b208e444c6fb7270ad375b497c02e10c59968e6a94f1a5384ea6b1aaabe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 08:24:18 GMT
server
cloudflare
etag
W/"61f7825aa6dfd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe5j9XraxKZKAPyp4K7ze%2BswwxcSmv2aQ8tm1mi9WNZcjCcGYxq7IQFYPWocOsyWIaMQt1mSdzSUNmJaH%2BWzZW9mvv1c3d%2FXYpT%2FmYZ7gIvGaa8JmzRHSyT0F0bxsC%2FFSyB5Y8J6McTXcxjRCruGHqI6Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fea5f996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-mp3-podcast-ima.min.css
player.kwikmotion.com/packages/videojs-mp3-podcast/ Frame F8A9 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-mp3-podcast/videojs-mp3-podcast-ima.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4edb46d66da4a2d149d780632a0a17255c26f55435c93aa2b53e876f14325cb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:20:02 GMT
server
cloudflare
etag
W/"09563b9f4cfd71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKsjBoXE4pWCFXX2EHqrlD6rMMpPjNrl%2B2VR%2F%2FutUB8SUx156qL%2BPuHpKxYTv%2FCkoBEF8K1PB902pZfw48mVN2zl231D34natpureyDxep3SeiXMB63P8uRZYQJ1%2FYvBenuvv7xmzx15kPUe7VRzdKC%2FwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fea60996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F8A9 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123281
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:14 GMT
videojs.ads.min.js
player.kwikmotion.com/packages/videojs-contrib-ads/ Frame F8A9 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-contrib-ads/videojs.ads.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf36349454a33d50275a1c27829e64acd26ae745c92847fbeb2ecad382b231a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 10:31:15 GMT
server
cloudflare
etag
W/"801b6316b8dfd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTqO2bEi%2FrSnXFiFpLm5FvE4jxtepboWDarJ%2F3mG7Eqb51lIcjwSaMCD%2B%2FRnw1VEVZ76ccoS3RuBw8lF6oGmSTWs5D%2B0hUOrDWZu53AQD4nKsFJ%2F8pO%2Bwx%2F%2FBOogAOsRASO7jNtDoHaeDS6%2BzFIrpZF%2BWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fea65996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs.ima.min.js
player.kwikmotion.com/packages/videojs-ima/ Frame F8A9 		47 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-ima/videojs.ima.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce251c535bd0c1b63eeb17265d2bfa33c4106caf58d061cef26aa7d3407e62bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Oct 2022 08:24:18 GMT
server
cloudflare
etag
W/"0254d5aa6dfd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OefN054rgl1hj2XKVUDBFBb0fpvgMoF94P1s%2FZbKZTEkOddLj9kLcqaUJU1yCIxmE0zogWtwGgR0WxW0Qbx%2FcVC%2BtSgV9kIvHoo%2BGVFZaobJby%2F29709OZCiFS8tieszT9JHFcuV3KD0hpi9Jk9t3RZ6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fea67996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-kwikstat.min.js
player.kwikmotion.com/packages/videojs-stat/ Frame F8A9 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-stat/videojs-kwikstat.min.js?ver=0.3
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0fe85a38d5f44dbdd02db8ff960b714bac5d0bd6ce67acb501977910632b382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 09 Sep 2019 18:00:08 GMT
server
cloudflare
etag
W/"084816a3867d51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi4n5CabOQ3pd25jKRRrJBJgLeV89hSy7X%2BVg0viw1BJ5OPNnja6Chmq4HVB0PB5lsX3JGXNN1m9bEvhvurnfDAKL3u4jX7TAd%2Fg7OUZ2VsvpfxKSgpBKTprGqY3DWiFvFAZrfYkZ7lQHG1weM2MgWKB4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a97039fea68996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
embed.php
video.onnetwork.tv/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.onnetwork.tv/embed.php?ext=optad
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.202.152.44 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-k.of.pl
Software
XO.webservant /
Resource Hash
b35fc04115f8138f9fe7362d471c5f6a6d577b9854751045edf5f4f90d6d8e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 17 Mar 2023 17:39:14 GMT
last-modified
Fri, 17 Mar 2023 17:39:13 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-type
text/javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
content-length
705
expires
Fri, 17 Mar 2023 17:39:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=667768734399428&bg=!XV6lXgrNAAZEjmHWZI47ADkAdvg8Wt5QOdfARpwI4e39l7B-Bs4vaepCWnc8zW93EFRjGJ_xa-GhGGag0WADusWeI96GMBgtcMMCAAAAqVIAAAACaAEHCgA_PtHC6o-l5T_9TuDBl_4nn_2GV7HV1Cz95-B3owKylwRFf2rGXQ6YBmEKnVAs_bHd9CHmg6gPJWoYvz8den0NmQKqVPlPW32176nrJiB3U8h7SbgUrX1LmGP9spBaitjMSKTibDyXVEZmZquo4wWgQzlpPGgwce5rw8cPSycc3Za1BZitSCXIsQXZttWjIIox0DjGGosvcOdGDgeIg8DfMrunykik-CN9L5CVVyRAO83Uj47op_8vd519hWlYp_lyrFCYI7eLxYAN1fwLGDrhTFtS1Q3n8Jr9wWd8-d5Ip-v28eCid6EKMcX_5VuyvxUo1rBB0lYbqnmmIGquXpg4NDmSBc-p28jvltIpezeHn_bCh8T-ho0GL8QYiKQa4_x3TFXAqpgNl1y521o2A91NJxgIlHOMh4q1MQ-KSLQkRhJiUIhEeP99i8h1PW-UBUaM8zIeXh5mPJUMfuzhU3uFjDQMHUsPEDO9ohhF8q-VGsO_SOabY3sC3oHTcY-YMyHacKKwOtxdhEz9RO3IZtAgHcKe6AzlRT3nanpX_iIaK9s4k8ubo8hI4eJuF0H4kwtY5GTu4csnP7fTLfRH_enrwEHrE4tnghtUoU2Y0GDEFfKpTRYHsIoZzo9X8KGaownVYdDrVAbvzmZp2S2ClA8Gtq972tL3-iodK2X0edK4fjivvOW2_p23DF0_YJTWQJ503Trd1FmyBKkr1iN-R5deqya7RyJOA6mbLiMpUPICCMuFJHWtvJmw4yUaH0uo3yIpzpeFuKpy8qfHK01B7keoAoLvJNdH-alznLSe1z78JxpMALNfaqIO83PwbjnmFujJULXNQ1xWQkeAZK9Rq9fJ2VglT62GW24wx1RqpHe8bfykcH4N-_H-84M8JXJXHFcL58vE5OyvvJ0-wtgyw-RsKi1n-A1tJEibggnaMToP-wMujFtbnO8sDIDHjHmoU8WuXbTYXXHrP7s4x-X1icPXohG77sNHz6vjFoW5IQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=667768734399428&correlator=1987192376442463&eid=31073110%2C31073151%2C31072515%2C31070233%2C44785969&output=ldjh&gdfp_req=1&vrg=2023031401&ptt=17&impl=fifs&iu_parts=121764058%3A22548546259%2Clebanonfiles.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=2&adks=457888345&didk=4290544290&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&abxe=1&dt=1679074754802&lmt=1679074754&dlt=1679074752120&idt=1192&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=851671611.1679074753&ga_sid=1679074753&ga_hid=634927576&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0b08f3a8d48f206e679455a35355ba232af1c569053910dcc62ff2dda67d36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13272
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=667768734399428&correlator=2848008550603786&eid=31073110%2C31073151%2C31072515%2C31070233%2C44785969&output=ldjh&gdfp_req=1&vrg=2023031401&ptt=17&impl=fifs&iu_parts=121764058%3A22548546259%2Clebanonfiles.com_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=3555665173&didk=1496537735&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&abxe=1&dt=1679074754817&lmt=1679074754&dlt=1679074752120&idt=1192&adxs=1175&adys=1012&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&frm=20&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=1600&ga_vid=851671611.1679074753&ga_sid=1679074753&ga_hid=634927576&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49bbeaec8421f28fb39b4bc934bff467094548415c88d611130721bba6977f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12433
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
videojs-contextmenu-ui.css
player.kwikmotion.com/packages/videojs-contextmenu-ui/ Frame F8A9 		553 B
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-contextmenu-ui/videojs-contextmenu-ui.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb98850ff4d6ed93866b2b1de6f1b84e76f689bc40c4331307a22eb1b37164c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114
cf-polished
origSize=556
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 09 Aug 2019 14:40:02 GMT
server
cloudflare
etag
W/"f08df253c04ed51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDcQxpvECs2ihP5WkubNxNC97yOCzqhEypI0pzmlYHG6QqC1P%2FRucEwCW3lE%2BOMvMuooI7%2FQWGLwj5x8h8LjQNLKonMXCCPRKwLcNhh2S7FrEMzW5OgBk81%2F13VOWnUaFAdQgiecWQ5b%2BsvVn5MnbE8TjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd4a996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-contextmenu-ui.min.js
player.kwikmotion.com/packages/videojs-contextmenu-ui/ Frame F8A9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-contextmenu-ui/videojs-contextmenu-ui.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a523e8538bab263f59f1cd799e5d89592bea18863b84320b7b20a08150cc67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 09 Aug 2019 14:40:04 GMT
server
cloudflare
etag
W/"03ac254c04ed51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlDVdo56BCoZqgd0E5%2FZUx7SSjvDCe3Q36JzDUfT04xYG1Xi0PfnRZ8v0JzayG8FLoFYaENf03vVQw7fGjByeilMbeeL6GfNhMQy7u8B2RrMfAzkcp1SsBqmja5m4DxJB0T7QIshDod9Yp%2Bci8gtXVOxwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd50996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-analytics.min.js
player.kwikmotion.com/packages/videojs-analytics/ Frame F8A9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-analytics/videojs-analytics.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9109e59bf1b08532c30c26c207e0f956436333cf1755da1d1e4602f607b37a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Aug 2021 10:49:01 GMT
server
cloudflare
etag
W/"804cd708c87d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH7kUOl3w0qU9jvWLiMBCnHNHGUYMWz6eVwsmfzRsSEsMToOknzw8OfVf%2F2qM365%2FyMHj7Dl5WugTZ7oArkTsNx%2FdR2HYWCYLnVfb4kJJp%2B4Zjtxycnq6bP8L3EdaYYlV5XQDIKyPYdbfLiK0ITWUZg4Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd54996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs.hotkeys.min.js
player.kwikmotion.com/packages/videojs-hotkeys/ Frame F8A9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-hotkeys/videojs.hotkeys.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ceb57152d47b1b70d0f6e948d063c2cdeb07414012e187f1f9c21d7dd572fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 23 May 2018 19:48:14 GMT
server
cloudflare
etag
W/"013a9fccef2d31:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZbp3IFgOxx%2B3dxBjA3vfh2MElnK1Mr01Pqk%2BGy6S8PLqMISoYfcwEdEPcR1xixkUKATNcPiJmrbPARs%2FGaFOGrWnUAB%2FKYGmPoqIHrTfHBXwEwjDLI8osb5zulS3d1cXnU%2BMH6fEKb5JImcFmEVwjov1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd56996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-flash.min.js
player.kwikmotion.com/packages/videojs-flash/ Frame F8A9 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-flash/videojs-flash.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a653356131860182f0318daa173986aae920198dd0500839b0f080dd15b06fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 23 May 2018 19:48:14 GMT
server
cloudflare
etag
W/"013a9fccef2d31:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdskcIlkUAvEs%2Bsk5kAXxDXIXd0l%2Fpac4Bg2aQ9EgsmQegNinI0jCyiSgurFfL5jS0Yut3H20JSKyrtxg2ZcPFMBC33I5GqopKQh7xHaq9MhcSEBLlSlbxlvtFBBH8rhAcj2wE5wlnJZrBJ5nHnecj787w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd57996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-share.min.css
player.kwikmotion.com/packages/videojs-share/ Frame F8A9 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-share/videojs-share.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192ebef426b22b111685ce290f96063bfdc0b306a7329dcb88228dd8567e1d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Jun 2018 22:59:10 GMT
server
cloudflare
etag
W/"033d1ced71d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scYu%2BMZozIoCojh6oQ8r2kgv03q5ev3JUrbn2RJ2xD44yXocB6%2FA7dNYuxYs%2Bi4jRjYzsjviyQX1LmCCB36qy%2F9pxTM3qPzWq26A0M08kWL1QWzj3ivk3%2F7rPXWG%2FfCMtKIaj4ykc%2F9J9%2Flvi3SG52hAqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd58996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-share.min.js
player.kwikmotion.com/packages/videojs-share/ Frame F8A9 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-share/videojs-share.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e6232d4d8de0ad72b4934d0c0bf12f9ef70be2170bdb7536ef3ea09cc466e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 08 Feb 2022 19:25:08 GMT
server
cloudflare
etag
W/"021995211dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcAL2TzgWPUPxZq6S%2FWhYrGTH%2BiONmjCXDC0%2BONyfELx8aanQyaB2PYQJPWfiBlHerzF%2B0Bj%2B%2FAdhPFfUZ5nsSbu6ZkGtB7R463f8Pgpl%2FExEshj7wjaReK1Nv7nPT2u%2BLhTUrs1fpg4Jp5M2laEbKgABQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd5a996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
blockadblock.min.js
player.kwikmotion.com/packages/ Frame F8A9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/blockadblock.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5035c036290ff41da4268e63d8f4e60c5ea8e5329bb47d74487a583911148376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 23 May 2018 19:48:14 GMT
server
cloudflare
etag
W/"013a9fccef2d31:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PAPjuiPqYOT8VUXQ9s4pjw1U%2Brszj%2BFcQkyZOXSbrcbaTagMYaVsiYwOcoCqWNpQ5O8%2FIHx8LqKzooB0KQiG8qhLqn4B7rWFddIVOSCEDOIZrtEeX8k0BHCggGmOqPsjq%2FRDti0e2C4ZAtDkTIEl%2FdjGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd5b996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
can-autoplay.min.js
player.kwikmotion.com/packages/can-autoplay/ Frame F8A9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/can-autoplay/can-autoplay.min.js
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80aabb73a69b95e0752662290edb66237c76f07ce8b4f0b37d8ce7f691aa4740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Jun 2018 21:27:48 GMT
server
cloudflare
etag
W/"0a27c8794dd41:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Sij%2FUSJZ8pEFMbN%2Bi34vupieNn%2BUwEIPeoh%2BWCkAhwcbR1Mw7WpqfbMOtzSsJ91kbMuFdngqyb8OOWaqa875zrx3EwQujfQRuIhH6y1c1UDfu0E%2Fg7DiEkK6pCMWtFsQ2S4wu2GYffHlyoLHTy0V4Ld%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd5c996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-audio.min.css
player.kwikmotion.com/packages/ Frame F8A9 		537 B
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-audio.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7997225bb226143c3541a87a0bf028afc4535b6a69c9f2348db7c24524ce0bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Jun 2018 22:42:20 GMT
server
cloudflare
etag
W/"f0919cf4304d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuMhRMz91lVyb6IYV7TDKx6rvn9MzvlBj%2FvJxDhKNxIjgGWDdVmbOEpqRi0lnRHOCbMQYBB%2FdnR3wA9yNkn38ch2omV49NBzrBEQN23V%2BGv3XHWlw%2BJjJNrYhrpqP%2FMuV%2FySkChm1sIshNQrI6akgUs%2Bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd5e996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-mp3-podcast-index.min.css
player.kwikmotion.com/packages/videojs-mp3-podcast/ Frame F8A9 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-mp3-podcast/videojs-mp3-podcast-index.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc04aef500cfdb77091b41f197210771d3bca5fe802b3fd259d56f68f7d269bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 08 Feb 2022 19:25:53 GMT
server
cloudflare
etag
W/"8076ebaf211dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKYpT8%2FEJV1ccXXJ0c%2B4MDa4ah0VbSDdx67zEzq7zrVo8diNa8n%2BOzapVpbYD6LekZTQXeb0n6ptaCpXN0osrnT9fqoOqoz%2BPYAhihVLQHLwUQN5xUsUmZhNSwL9c8rXnLrEyfbJWgf5tlD1N%2B81HeJGww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd5f996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-mp3-podcast-index.min.js
player.kwikmotion.com/packages/videojs-mp3-podcast/ Frame F8A9 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-mp3-podcast/videojs-mp3-podcast-index.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456662aae3bd37725b228025300d27afd619736aa5199566eab1520d38928a78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 12 Feb 2022 14:37:48 GMT
server
cloudflare
etag
W/"0c6e81a1e20d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oWYANFE9fVNNHxmuQNKslHuouW7thfShO83TGYXxADOgJMY%2B0byDrqRvI4%2FlxlBH%2Fnnv9oqBDWV%2F99C14MYcrSG4FFPNTXGLO3N%2BvsD2sFy5RFSmSuF5X5h1%2FFa%2FT6TwZDCAo%2FjaTI6QXm0Q2kaS74mDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd60996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-playbackrate-adjuster.min.css
player.kwikmotion.com/packages/videojs-playbackrate-adjuster/ Frame F8A9 		513 B
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-playbackrate-adjuster/videojs-playbackrate-adjuster.min.css?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
883affe4d4fb73c6e129502c031f95d288c6430cdb54e7c0791e4b5faee3cbd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 21 Aug 2021 09:44:25 GMT
server
cloudflare
etag
W/"3c12eb207196d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkDaQB5UILlYan557qLB4CD8Rkhw9ZR9uLPevWBk4YHjcU8a6oEIMitCqNXebYE%2B7gueUtylimN7hdgxc6cBp4YB3eukhEztsJxy16sB94BVrLKxRl8w0I6DgrLF1rKQYLBGmNTA7Y2nJeAhJsaW%2Fudk9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd61996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
videojs-playbackrate-adjuster.min.js
player.kwikmotion.com/packages/videojs-playbackrate-adjuster/ Frame F8A9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.kwikmotion.com/packages/videojs-playbackrate-adjuster/videojs-playbackrate-adjuster.min.js?v=1426
Requested by
Host: player.kwikmotion.com
URL: https://player.kwikmotion.com/packages/KwikMotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1662673e705d056f1136367af8c01ef50479cb6f2b582b92721fdf2f795acfef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114
accept-bytes
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Jun 2021 12:10:00 GMT
server
cloudflare
etag
W/"5adb95f285dd71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCK6h26nhHC4g6CzPAVARcg%2Fi%2BIjZfiZWNc3BCO%2Fm%2F5Dz1ctshZzy7J1akoRPrxqopEaxwSrsb%2BjAeHuu6NMqR%2B3speevTpCaz5laSsL5AcCztXBDD1ld9pod7aLnOgg%2FRKOpcetlUC4YBZOdlzDGObafg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=180
cf-ray
7a9703a1dd62996e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
bridge3.563.0_en.html
imasdk.googleapis.com/js/core/ Frame 5275 		708 KB
225 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://api.audiowat.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
230581
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 02:08:38 GMT
expires
Sat, 16 Mar 2024 02:08:38 GMT
last-modified
Wed, 15 Mar 2023 22:09:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame F8A9 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.audiowat.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 17:39:14 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O6MgL3xMVHVMaXBFRUh3bVJKam14TlY5MXhhdWVRT28xOUh2dGR5VlVkNDJiSDJqa0VnbmcydEdZTFdBdXpjcHY5TFNqSW5NV2s4VnVjT2pBKytrcC9OUkhVRHE2QXNGM0YwZS9ncUJXdGdSbW50MkVoV1BSUmJIYmZQT0FwZTBYNnFYY3RSS2s2RFJDbVl5NHFGSVFuRXFaSnlkQzNpZnZkRkp5S1RIZEF6TjhuRzQwUFdnTVdjdEpmUkFjaS9NQzlIOXllVzA4MERKeEtWOWZsTjhlZldYVFovTTVPMHFYd1pkclRtTEpkMEEwSXZMZndseml4VVJTYWRUT1pGb2ZCNHpQfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
258197
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
embed.min.js
cdn.onnetwork.tv/js/player90/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1678882789
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
d72686ef003bbd74d1ee471148b1d82e2c77cfdab9b0b393655a0762cf150dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 15 Mar 2023 12:19:49 GMT
server
XO.webservantpro
etag
W/"6411b7e5-12580"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Tue, 03 Oct 2023 17:39:15 GMT
truncated
/ Frame F8A9 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://api.audiowat.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame F8A9 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe425a4f92df6dac0628adfbd3c931fc75988842caad39f3745a109e4a9f459e

Request headers

Referer
Origin
https://api.audiowat.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
share-svg.svg
api.audiowat.io/images/ Frame F8A9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.audiowat.io/images/share-svg.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:583 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba0bb4de815659c2505292ed7831b408f0db44755f551d0c313e93c7add27aa

Request headers

Referer
https://api.audiowat.io/fetch-audio/0d692fcb-6f5e-46f7-85f1-2f7b2cf97bad
Origin
https://api.audiowat.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Dec 2021 14:41:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4096
etag
W/"61c0960e-6ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyeTJRkhKYxjgrPXgmVEunvkTvs6jqQVfhggglIksmUSnQFNwIdBdNBfUyfE8KOh%2BkrLFGMavwB2twVOMdCBiSVFdxM%2FpQAb%2BbHvJpN9ieiuoKqPIlzSmV4IRVHkyvr1RV7FdsmQiN3awcyFZPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=43200
cf-ray
7a9703a36ca69bbe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
amp4ads-v0.mjs
cdn.ampproject.org/rtv/052302271541000/ Frame 3C11 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052302271541000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d7134212f927125020c613d4cf3604d8ba95588bc109aa08e757d6c04c7469d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 15 Mar 2023 21:08:19 GMT
age
160256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61760
x-xss-protection
0
server
sffe
etag
"03715e447e599890"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Mar 2024 21:08:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/052302271541000/v0/ Frame 3C11 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052302271541000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 11 Mar 2023 04:22:15 GMT
age
566220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"cedf9691907d886d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Mar 2024 04:22:15 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/052302271541000/v0/ Frame 3C11 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052302271541000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Mar 2023 19:28:14 GMT
age
598261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28954
x-xss-protection
0
server
sffe
etag
"eb54a928dd76f593"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Mar 2024 19:28:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/052302271541000/v0/ Frame 3C11 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052302271541000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Mar 2023 19:16:43 GMT
age
253352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"aaf5c93962f41d5e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Mar 2024 19:16:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/052302271541000/v0/ Frame 3C11 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/052302271541000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 11 Mar 2023 02:20:05 GMT
age
573550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12965
x-xss-protection
0
server
sffe
etag
"2e1a930b1f14d060"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Mar 2024 02:20:05 GMT
css
fonts.googleapis.com/ Frame 3C11 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:03:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:15 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C11 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 04:27:29 GMT
x-content-type-options
nosniff
server
cafe
age
47506
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Sat, 18 Mar 2023 04:27:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3C11 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 20:05:12 GMT
x-content-type-options
nosniff
server
cafe
age
77643
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 17 Mar 2023 20:05:12 GMT
l
www.google.com/ads/measurement/ Frame 3C11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQss9KJbyVu4w2oIpsJ4WBfF-cFK5QGDniyhQE_AHUljeHs4aopSePZ2KMBVxAL37qpOTgEWIdwB3o8L0jMo59HEvOJ0A
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3C11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGtTFwqUUZIfYNJT87_UPyIurqAjFk6vYbrWosIaIEfHJ_d8FEAEgqoDDImCVgoCAtAegAfvk35gDyAEJqQKZdH2VOtWxPuACAKgDAcgDCqoEggRP0KwFdyKn6oFfDV3Wtxz030fdaApmRYYL3JzTVrxiGu0AkBVHOzMSaVaxaJZVyxcOOiKjtZeLkl-mlps4UqFxtgooJ4fO0HXe8XYpYtDdTNusetltmtL7G-Ub3eo4KyP935yiBPYVQJBwD-zVTWZ20CnTlLgECawAqKLdMrXbZx-EaKoWMw9rBtInKMCGUxA6wCwcMqJ9kB5NiqdXHtbdMU8n6rGcCnQ0uOXxRVheiR_UikrtKudJYDnWL4T_11K7mFlXp066bZIi6Njwl4049pgNGVQ9iOoVkU-YWrGsUtu6ii7nXb8p2e0y-XNFCIaXxSHZLtB9PSv2wyoECb5Mbi9XSwB3yBrtN79yYbNnv2mPnF1nHpIyqUhcwH7KlESX7ACyvD2bpTKejAguAJ3t6BQ52MxFUj6KRx7kYxG0CqFn87tw1I2OEQgk9iAiLszUUfLSV68GrVwol8uLopmKmXmhpS5e-hulityTwou1KTKoSgoKgcN3-vDLs1LcolKnFqsoBkgd3tKGv1L6SthyKUa_5W9AZ6HTuRND7UZ-g1sm9H7KLt2lq8EbjdxwzWQvTdKMoBaLhApHlqQ4W2DxcTST0H0viQ3qU3MiWxgA0rluE-Wq0eGRIjk5x3rA2b_d-mDj1UWWjzSNyBif4ca1wAYAoTvEwizE165FM4e8aQFhwATvuuHM5APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7ZqgZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI7oAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0gAoDyAsB2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTIzODIwMTI1MjI5NzkxMDgYku8h&sigh=xbHW14sJmrQ&uach_m=[UACH]&cid=CAQSPADUE5ymHftsM14UHRyTn21SqbjCORhUHVUoPT1h9Togg1uaG2wupo3kL1RM-IGBurJzKafdUyEEx8t5fhgB&template_id=5000
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/3751434330202142372/ Frame 3C11 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3751434330202142372/14763004658117789537?w=195&h=102
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f248e52a8229d0709ae85b03e5609a2435b76d9a2a319b03fc9953e25b68d986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:40:54 GMT
x-content-type-options
nosniff
age
14301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8395
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 09:13:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Mar 2024 13:40:54 GMT
truncated
/ Frame 3C11 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C11 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3C11 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a79fa3693b0c3df66d9ed47fdd937019645eff5653af1c4cb78a48ac2f937b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
embedOptAd.min.js
cdn.onnetwork.tv/js/player90/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1678882789
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
08c0a169e42b9a12d00f4898924ad5584d0253d232429c086c80da98ce165b81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 15 Mar 2023 12:19:49 GMT
server
XO.webservantpro
etag
W/"6411b7e5-72e5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Tue, 03 Oct 2023 17:39:15 GMT
frame86.php
video.onnetwork.tv/ 		22 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.onnetwork.tv/frame86.php?id=ffONNPc4253b29178127985d2d236fcd45aa6016790747552371&iid=1679074755237&e=1&ap=4&map=1&umum=1&naa=0&dpre=1&onnsfonn=1&vids=919027&dpb=1&onnwid=9074&wtop=https%253A%252F%252Fwww.lebanonfiles.com%252Farticles%252F%2525d8%2525a3%2525d8%2525ae%2525d8%2525a8%2525d8%2525a7%2525d8%2525b1-%2525d9%252585%2525d8%2525ad%2525d9%252584%2525d9%25258a%2525d9%252591%2525d8%2525a9%252F%2525d8%2525a8%2525d8%2525b9%2525d8%2525af-%2525d8%2525a5%2525d8%2525ae%2525d9%252584%2525d8%2525a7%2525d8%2525a1-%2525d8%2525b3%2525d8%2525a8%2525d9%25258a%2525d9%252584%2525d9%252587-%2525d9%252588%2525d9%252584%2525d9%25258a%2525d8%2525a7%2525d9%252585-%2525d9%252586%2525d9%252588%2525d9%252586-%2525d9%25258a%2525d8%2525a4%2525d9%252583%2525d8%2525af-%2525d8%2525a7%2525d9%252584%2525d8%2525aa%2525d8%2525b9%2525d8%2525a7%2525d9%252585%252F&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNPc4253b29178127985d2d236fcd45aa601679074755236&rrpt=%7B%22CxSegments%22%3Anull%7D
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1678882789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.202.152.44 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-k.of.pl
Software
XO.webservant /
Resource Hash
b3b4cfdef12699a8fd084878254e34071e6408138901f9b11afecd96bb9ac4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 17 Mar 2023 17:39:15 GMT
last-modified
Fri, 17 Mar 2023 17:39:15 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://www.lebanonfiles.com
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
access-control-allow-credentials
true
content-length
7131
expires
Fri, 17 Mar 2023 17:39:16 GMT
branding-video-negative.svg
optad360.mgr.consensu.org/icons/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optad360.mgr.consensu.org/icons/branding-video-negative.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-64.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7260b4a4163f2e458b462ed77194205e12e7d8352f0ec3cb2e4d1475f7419a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 22:08:30 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:05:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
70246
etag
W/"4ccbac335fa4fcdf4c526588ec6a6bc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
eGcxTJ-ZZgj-jjIduxeJf4umvoDzln7qf9C9Pl0NyQmg88fMNUYA-g==
a_cntg.png
cdn.onnetwork.tv/cnt/ 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1679074755247&d=9074&wsc=00&typ=embed&mobile=0&c=40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
last-modified
Friday, 17-Mar-2023 17:39:15 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3C11 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 19:36:43 GMT
x-content-type-options
nosniff
age
79352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 19:36:43 GMT
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
player86.css
cdn.onnetwork.tv/css/ Frame FC96 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/css/player86.css?s=1678730599
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1678882789
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
5c03ee9322411dcea3be97020b5107165186ebaa7c3865c123247e2ec2029627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 13 Mar 2023 18:03:19 GMT
server
XO.webservantpro
etag
W/"640f6567-b46b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Tue, 03 Oct 2023 17:39:15 GMT
player_utils.js
cdn.onnetwork.tv/js/player86/ Frame FC96 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player86/player_utils.js?s=1678980069
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
13ca7d5a10e63dec03e36b3f8e37fb0e930ebc6663e45feb8d0a3d298d2ede13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 15:21:09 GMT
server
XO.webservantpro
etag
W/"641333e5-2d67"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Tue, 03 Oct 2023 17:39:15 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ Frame FC96 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44cf3192e90fd0b6232a7a3e57cd3f64998abefe8f22814c8360875c9030d4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:29:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28625
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 22:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 17 Mar 2023 17:44:39 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FC96 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123281
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:15 GMT
player_light_v.js
cdn.onnetwork.tv/js/player86/ Frame FC96 		271 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1678980069
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
74c55c727324e6075a5cdc72cefc5f1553a9d6654f18de2464d4d8321247aeb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.lebanonfiles.com/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 15:21:09 GMT
server
XO.webservantpro
etag
W/"641333e5-43db2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Tue, 03 Oct 2023 17:39:15 GMT
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame FC96 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1679074755340&d=9074&wsc=00&typ=embed&mobile=0&c=44
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
last-modified
Friday, 17-Mar-2023 17:39:15 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
adview
securepubads.g.doubleclick.net/pagead/ Frame 78E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl5kEwqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSDBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOF0I7uPmyBt8TZZivLbZv-HLc2GS6oK7l9LeLV7jgtFni0hLqJTT4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=93Q7-R2vpHM&uach_m=[UACH]&cid=CAQSPADUE5ymec7boAdIH93ThMtukrdujeeX8BUFGgK5XhaaL1CAP_6ohrV3skXBvdPSxm7rHQ8YKI8Iw_DS-BgB
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 78E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7S-FI-lBKwC2ASdg2ICAgAAANlEjjyI2ebFrDDDWkehzuIQwqUUZLnwOLXTwGH-MWsAABIAAAoOQVFVQkJRWURCUUVCQlE&wp=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
237301
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 970C 		129 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
965f930a055ba9057226cf4b50e357979f19137cd83729d2e69188bc3ab9e811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qF15sHH_enLxUqi7RNnDaaVTZlZX9hC9R-u3wEKwlYTUz9i7pAnh3usiGiLA5QxzQrae635S8OCLCYz_jVPjDwJL2o_fUWYW5sKQcVffaulN1YPcLf3wC30qK5Z3eLdQQKqqtYAYi5miW2gNyKNfRTIrdOcx1ka92GbkBufomYePd4CMBsoXepe5FR_r86Qj0paHV3-n5mXtQut_yqrkprbkAJsYeHhFdI9Eaqoa4TpyU-Pb-sBFEk0CpXc"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
71124839
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 78E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9D5D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 78E1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
l
www.google.com/ads/measurement/ Frame 78E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWKruhsrZ32rAnE1TyhfqDofqdYaG2KKzni7DpgmvbriC-yWcVEDRrU6lR4o42-he7_7-WNstLAZpD9JNCACQ53eDZWA
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 78E1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 00:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Mar 2024 00:05:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 78E1 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:15 GMT
truncated
/ Frame 78E1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe3f3ec36444f6fd8bf7e7879764e829226dd0d6d69b3669ed152e28c5e87d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 9D5D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx9-vr9HfJxUYV_orWNuxDCaa7LL1sRRdN333M5NlzF79b0Vm098dcy6gBWaNC5l40k4FVuVxhUqkDmOSWm3efxSSBOeXJMCyQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx9-vr9HfJxUYV_orWNuxDCaa7LL1sRRdN333M5NlzF79b0Vm098dcy6gBWaNC5l40k4FVuVxhUqkDmOSWm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx9-vr9HfJxUYV_orWNuxDCaa7LL1sRRdN333M5NlzF79b0Vm098dcy6gBWaNC5l40k4FVuVxhUqkDmOSWm3efxSSBOeXJMCyQ
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx9-vr9HfJxUYV_orWNuxDCaa7LL1sRRdN333M5NlzF79b0Vm098dcy6gBWaNC5l40k4FVuVxhUqkDmOSWm3efxSSBOeXJMCyQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Mar 2023 17:39:15 GMT
pixel
cm.g.doubleclick.net/ Frame 9D5D
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFzYBnVx_MRwUsSkIZ00hyw&google_cver=1&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwj...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFzYBnVx_MRwUsSkIZ00hyw&google_cver=1&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwj...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwjvgAlF77-o4tc6XDXwlWg&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwjvgAlF77-o4tc6XDXwlWg&google_hm=
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 17:39:15 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx-VPRwyzoBbwKrtigYQ5YaRQUiX_avSEZ-qiNbus40Kfdg-cUHOi6137WVxuhUT_O5WNRpxiXKfwjvgAlF77-o4tc6XDXwlWg&google_hm=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame 9D5D
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEHsKorIRKWm0ZLTmj_yTrFY&c_param1=Aa02lx-TMO-n5Lhscuv9qkqCwAFnmbbrKOq9Nl4g1bjWeo4k_mfIEIThgZz13e-DZijeX9XWeF3Hed9PRrfpv5mgqlvey-WM05Uy&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-TMO-n5Lhscuv9qkqCwAFnmbbrKOq9Nl4g1bjWeo4k_mfIEIThgZz13e-DZijeX9XWeF3Hed9PRrfpv5mgqlvey-WM05Uy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-TMO-n5Lhscuv9qkqCwAFnmbbrKOq9Nl4g1bjWeo4k_mfIEIThgZz13e-DZijeX9XWeF3Hed9PRrfpv5mgqlvey-WM05Uy
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-TMO-n5Lhscuv9qkqCwAFnmbbrKOq9Nl4g1bjWeo4k_mfIEIThgZz13e-DZijeX9XWeF3Hed9PRrfpv5mgqlvey-WM05Uy
date
Fri, 17 Mar 2023 17:39:15 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9D5D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx9oiExZP7msofPXjuw3SSa0AAt3Yj25L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx9oiExZP7msofPXjuw3SSa0AAt3Yj25L46FYGELlSL2wVs7i2yabhkbEoIb3BfkHgkkFvcRECv5YWhw906JdCMQTmTHWv_Ykw
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx9oiExZP7msofPXjuw3SSa0AAt3Yj25L46FYGELlSL2wVs7i2yabhkbEoIb3BfkHgkkFvcRECv5YWhw906JdCMQTmTHWv_Ykw
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9D5D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-1953de86-5e53-4be9-8d81-81beb5838526-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-A0l_YJ69IErOHE69DE...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a&google_hm=AxlT3oZeU0vpjYGBvrWDhSY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a&google_hm=AxlT3oZeU0vpjYGBvrWDhSY
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-A0l_YJ69IErOHE69DE3NmHGbM0sZoT85ZkDy-mp8BL4K8ID-a8PrCNzbiWxmO_2mkjaAyg92adQSRJfzDY_2sp0AhGt-a&google_hm=AxlT3oZeU0vpjYGBvrWDhSY
date
Fri, 17 Mar 2023 17:39:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1953de865e534be98d8181beb5838526003
content-type
text/html
/
cc.adingo.jp/adx/push/ Frame 9D5D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEA3QIA_nen_88sAN42atHLs&google_cver=1&google_push=Aa02lx94cXx37TnEla6NApdJWvmMzYxAwzavPjJI0LSBrFT-j4JCpcCdDvPKMURFTB1vRwVA5kPzst7HwbfhP-0FUAmcL9IBWrW2Jg
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.102.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-102-203.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 9D5D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLydCLPJfcyCL2ry5_4uY4&google_cver=1&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b7...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELLydCLPJfcyCL2ry5_4uY4&google_cver=1&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b7...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zdlo4ei5GRTJ1RzBybHkwVU9NQnVfcWxuaEUzczhGNX5B&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zdlo4ei5GRTJ1RzBybHkwVU9NQnVfcWxuaEUzczhGNX5B&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b768seKhdZz62IptYCqGDdjf_GZP5PI
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zdlo4ei5GRTJ1RzBybHkwVU9NQnVfcWxuaEUzczhGNX5B&google_push=Aa02lx9QqFprYZQIGqYZXBFa_ASKZaiOvr3msTmhFTVvIjjMQ2VAPLc-kL0ogA9xjt-2Eol0b768seKhdZz62IptYCqGDdjf_GZP5PI
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 9D5D 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTgiTTHxZLPVaafxGlrpcXhIFSUQmg68sPPNUHnxEVr-0k4BhpaG-6v38wbsFQKzlrWHW3Ow
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Mar 2023 17:39:15 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:15 GMT
server
nginx
t
t.lkqd.net/ Frame 0FE0 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:16 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 02DE 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1679074755.cds007.fr8.hn,1679074755.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:15 GMT
server
nginx
t
t.lkqd.net/ Frame 8A09 		0
0
general.css
cdn.onnetwork.tv/css/websites/optad/ Frame FC96 		616 B
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/css/websites/optad/general.css
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1678980069
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 07:49:33 GMT
server
XO.webservantpro
etag
W/"6240170d-268"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Tue, 03 Oct 2023 17:39:15 GMT
analytics.js
www.google-analytics.com/ Frame FC96 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1678980069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Mar 2023 16:14:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5070
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 17 Mar 2023 18:14:45 GMT
bridge3.563.0_pl.html
imasdk.googleapis.com/js/core/ Frame 7CE8 		708 KB
225 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.563.0_pl.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec197cbb8a4b8ceac8e453b93a951ac5eb86c5dfc0f82a905af84113fb314405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
230651
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:39:26 GMT
expires
Thu, 14 Mar 2024 12:39:26 GMT
last-modified
Wed, 15 Mar 2023 12:36:16 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FC96 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 17:39:15 GMT
bridge3.563.0_pl.html
imasdk.googleapis.com/js/core/ Frame 1554 		708 KB
225 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.563.0_pl.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec197cbb8a4b8ceac8e453b93a951ac5eb86c5dfc0f82a905af84113fb314405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190789
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
230651
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 12:39:26 GMT
expires
Thu, 14 Mar 2024 12:39:26 GMT
last-modified
Wed, 15 Mar 2023 12:36:16 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
919027_5m.jpg
cdnt.onnetwork.tv/poster/9/1/ Frame FC96 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnt.onnetwork.tv/poster/9/1/919027_5m.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
37cb31effe0fa7997e40575b2d239b9fd99fa789fa7f4a9e16cd8c55cb86163c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 17 Nov 2022 10:35:17 GMT
server
XO.webservantpro
etag
"63760e65-28d8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=17280000
accept-ranges
bytes
content-length
10456
expires
Tue, 03 Oct 2023 17:39:15 GMT
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame FC96 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1679074755566&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
last-modified
Friday, 17-Mar-2023 17:39:15 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntm.png
cdn.onnetwork.tv/cnt/ Frame FC96 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1679074755581&i=919027&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
last-modified
Friday, 17-Mar-2023 17:39:15 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame FC96 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1679074755581&d=9074&wsc=ab&typ=embed&mobile=0&c=45
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
last-modified
Friday, 17-Mar-2023 17:39:15 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
black2.mp4
cdn.onnetwork.tv/img/ Frame FC96 		2 KB
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/img/black2.mp4
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

pragma
public
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Nov 2022 12:58:10 GMT
server
XO.webservantpro
etag
"63738ce2-8be"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2237/2238
cache-control
max-age=17280000, public
Content-Length
2238
expires
Tue, 03 Oct 2023 17:39:15 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame D9F9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Fri, 17 Mar 2023 17:39:15 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1679074755.cds007.fr8.hn,1679074755.cds288.fr8.c
ad
v.lkqd.net/ Frame 02DE 		0
0
ad
v.lkqd.net/ Frame 		0
0
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/ Frame FC96 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2126992319&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dp=%2Foptad360_com%2F9074&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=650x366&je=0&_u=AACAAAABAAAAACAAsD~&jid=584901336&gjid=635373043&cid=851671611.1679074753&tid=UA-135296857-3&_gid=420777504.1679074753&_r=1&_slc=1&z=608570030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame FC96 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2126992319&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dp=%2Fab%2Foptad360_com&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=650x366&je=0&_u=ACCAAEABAAAAACAAsD~&jid=365739344&gjid=536698445&cid=851671611.1679074753&tid=UA-135169144-1&_gid=420777504.1679074753&_r=1&_slc=1&z=1282650674
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 970C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:15 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 970C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:15 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 970C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 11 Mar 2024 17:39:15 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 970C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 11 Mar 2024 17:39:15 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 970C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Z2wEb9CmXsD_bLBDiYAmcGDy4PnptyjgYWIdfKIjuZJdJuZKuvs11vdol0D0WSnmiux2MiDkaSFZ07cG85sAEpgPaf-HjgMVPWRUSZg_RSXGKB_9yb5GOkeUgSB2tpZd-2vFv2j0_K2WtEPMIYRS3F6qLj3S6Vo1OzZULVXI-VVyGnL9fIemnAT5zu-CrvMM7dw-1CmbN1HJcX53jhCBVWrf4Qib7cVB4SW2897QEKBcHE0bK65dobI3IHXEtvestzOAaRnWKBSyO-scVRGn317I4rhxC1UPfoznaTUUNJaR5LxewWSJ0IAjSFI3-IX844vusgHpk3S9VFmxbDsBx0-uDxDUGtn6eXnAHrFDLENtanE7zZoIHnPApe1CPo31MmnYVIyYxSVizsEWtYF95U_BD-Z_hJGPk6LiEhlGnLh1rpyI
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3220482
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 970C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
683499
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TBa4dPtt0eZ%2B0gdKub%2BvNayJoK4ir65msg6GeFP0KaQ%2FGoUCkCpQ8lRMNcR0jv3pHT%2BfqejlElwxPG3Ty7sXdUtXf6D8Ex20YAhhZ%2FCiUOfpdtO9%2BYCJz0Ter7UAxb6Kskjv16FqxDtUUn%2ByhA48GCh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a9703a8ed8fbbdd-FRA
expires
Wed, 06 Mar 2024 17:39:15 GMT
animejs.js
static.criteo.net/animejs/ Frame 970C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:15 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 970C 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:16 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 970C 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:16 GMT
events
analytics.leya.tech/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-token
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.lebanonfiles.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:15 GMT
expires
Fri, 17 Mar 2023 17:39:15 GMT
server
UploadServer
x-guploader-uploadid
ADPycds8BeV30S9VydPtoA7Q3xF2InJSzP7Q5KDCw_42PjXlFHbSZ4jYTcTLnqtLH_mpAOw394-er2yMgDTj0U0uggfE
events
analytics.leya.tech/ 		188 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2e7b572fb8c157fa128e3ca13f7c7f904176c4f59b010a8e498af74cd5891103

Request headers

x-api-token
d72dc3aa-077f-4497-9920-7fc4a89fa510
Accept
application/json, text/plain, */*
Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
UploadServer
x-guploader-uploadid
ADPycdsehj5O_BeQlvbqXQCn0xUlV5m06GlyuHSEoojFYZIYvVeRNyO09AsYb8a74EzZjQ3gNo5PJSlgzH7Z9cXqxUYh
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
img
pix.eu.criteo.net/img/ Frame 970C 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F498532715f9d4c2eb8c1c40789d2bf23_img_square_1.png&v=3&w=1200&s=4jR_MexrBPS9qxC__FRyOj-f
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=25582273
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36272
expires
Sun, 07 Jan 2024 19:50:29 GMT
all
csm.eu.criteo.net/ Frame 970C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qF15sHH_enLxUqi7RNnDaaVTZlZX9hC9R-u3wEKwlYTUz9i7pAnh3usiGiLA5QxzQrae635S8OCLCYz_jVPjDwJL2o_fUWYW5sKQcVffaulN1YPcLf3wC30qK5Z3eLdQQKqqtYAYi5miW2gNyKNfRTIrdOcx1ka92GbkBufomYePd4CMBsoXepe5FR_r86Qj0paHV3-n5mXtQut_yqrkprbkAJsYeHhFdI9Eaqoa4TpyU-Pb-sBFEk0CpXc&sds=2&rev=85089&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 970C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 970C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBSlwgANY4IH_ZNjAAw4P9HQdHZxTuK_kwWdIQ&u=%7CViYplcHJOKz66kZFdAeBDUfI3gwAA0ooDoGkgsugar4%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-NcO5HPl8ue5ZO08dZykgxuoRKr8RifmbWyWW0Oo32yS-D7CJBQDcHpaQrQpmoNJogk3J6bwLu7eeX8cJimdasOVOYcRsFK1AM344YEo93pO3v8TdmJ9selMu777RLAuNEr-SkG1aJUe6Nxa-yPtGeaU0L5FKYrH7zgAyTtF8h5BQas8uwl_wJrHYN8pGX2W9LVgfjc4LDpvo50vYvm-TipBWarH1tra-D8EivBC3dRTQ58hNApILgMzWJb8xMjJcHwqjYgMvMCZa-lPQpf4yF50DhEZ_vLEIPK5qHu4-Qhn26jlJoTSQocGydjdigMBOSeUlCfdW2AF9g8gBCtNEbY-HLyRewYrat9i3E4Uxd4rNDHwmU8IL8Xh7QjgNXtZbW6tppNBnEYQghtpra15yFmXyxFF4Fhxs3QDyYHRWPCyrdxk6XgzDub59ayhvw-JrneDaZkZ8XEJVzlnUsRb8MYEGvYTf0H5DFIPCNAQ9WdJzLJ0jKbL3lJIFbsuOy0Tu5X0-O-UKqUVSmoVOswWGiWAfh8QoXh6aA2IE8HdEfTG7IPU95iKJgU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJ0_swqUUZILHNeOm9u8Pv_CwwA3JntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTU1MTIzOTA3MDUxMzc1MDfIAQmpAhf_RujQ2rE-4AIAqAMBqgSGBE_Qn6eoAEJQ421Xvh7-0F0-LBpiRLqSYNXdP_CurlCxSuX3K2L9oks3xe-75TGvtP8a3zbpAwov9CdK18T6PMuS_KZnmvDkZgvVR0Q0QiW1IScLQfwOYE7zyl9kEnyP_1GM6g562E_ZyeiJB_UNi0itzhMyWs9mlPA9cGbnDLN0gUTBBJe8QOVksrGnIsIYGX2Yjti04cWPe4B3-FR3eA6ZLd76PChHrZqAfrGi_AhVpeiQy3aSywOwOA6OShNPpBShppn_0hXMm1lOZAtk6qwBLqG92p9AMEZB6r00d2mdhViFL7BAdtNJsv1a30qseN56NltqHA-ttLWVMMlNlaZ-D2XSONnWtZHlJSuR6vq3drijjqtacPloa6nK7WimzHgVgUD8z837lpEViIRanaTSeH54qD5PiyxMU928zfhS1_wcIxInauMszJYaJHf1DrQjl6xBM2Bpt2U2iF_41aLrE2JYoKxKHc0qkjEdPHkfzRPYfK6Ib9AQFHVVExY7E_BiswZdtVeIdlbH9k_m13j_07h7g_tOZmLNh7qgW5o4oN2lqdP-NF44OCKwH8gdqYgKa-Lc05Y_Il3zIjsagOEfzo3xWoZDVMpGdNz2dxfqq_2QCBfe8yBPf0oUOB8Kz3FhR4dv8gp2H2bkGRnCZ2sk4KyjFWYWEPgRPc9Lk83hLIdsCVUo4AQBgAbn44zkhL36rt8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1M0hZJdQh6hB7H2tV3aQT4OoJEug%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Mar 2024 17:39:15 GMT
t
t.lkqd.net/ Frame BF96 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:16 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:15 GMT
server
nginx
collect
stats.g.doubleclick.net/j/ Frame FC96 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-135169144-1&cid=851671611.1679074753&jid=365739344&gjid=536698445&_gid=420777504.1679074753&_u=ACCAAEABAAAAACAAsD~&z=891426686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 Mar 2023 17:39:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 1BE8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.lebanonfiles.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:15 GMT
server
Kestrel
server-processing-duration-in-ticks
940197
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Mar 2023 17:39:16 GMT
cs
cs.lkqd.net/ Frame D9F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2513476238562266645
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame D9F9
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=dedf0352-f68b-4e6e-8740-a117da1e2c7a
date
Fri, 17 Mar 2023 17:39:16 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame D9F9 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D9F9 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame D9F9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.125 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=aDzOlUqzXD1vJKwr3KbdCFD_B2U
Date
Fri, 17 Mar 2023 17:39:16 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
sid
mug.criteo.com/ Frame 1BE8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lebanonfiles.com&sn=ChromeSyncframe&so=3&topUrl=www.lebanonfiles.com&bundle=27lKTF9ab3lCQXRhU0lNOUFCa3BLUFhGQVdsNXBLbUxXRzQwZVZTNjQyN2ltZX...
  • https://mug.criteo.com/sid?cpp=OEFcFXxVanNvanhCSTJhbWtXVCsvaUxlWVB1QnRHYmF1VHh4UDNFeVoxWERKdENiSHdmNVFOckxGcGcxbTNGRUtzL0E3dmpIdGhtNnAveElnSlV5QnBJU0F3TGNKL0tvV0JseVQ0bWZyZCtTM1RKZFdYaFB5OEVnK0xXNC...
439 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OEFcFXxVanNvanhCSTJhbWtXVCsvaUxlWVB1QnRHYmF1VHh4UDNFeVoxWERKdENiSHdmNVFOckxGcGcxbTNGRUtzL0E3dmpIdGhtNnAveElnSlV5QnBJU0F3TGNKL0tvV0JseVQ0bWZyZCtTM1RKZFdYaFB5OEVnK0xXNC9QL2J2NnkzYlhKRndqalVFQ0psclByL0hhb1NSQWdCamJsMmsvMU5qa3Byc2FXbHJtNlVNaXUxbk9aRHoxOWZuaGtZSzV5R3N2YUluRGxqK0ZWNFIyYyt5clh3YkpXZkI2MlJ4MGZLOVpiTGd2WnI4ZEZYdklPeXpEVEJ1emtQakY5cEhic0xPVUxQc2VpMlhHWm1nV01MMUxvQVNaUGVkUTFEdGlkNlNnek1ITEdsNUplST18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b0ca3a5c19d981abb885180aaa4aeb38065ff343a9517667a7bbea2fbc00166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2517513
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=OEFcFXxVanNvanhCSTJhbWtXVCsvaUxlWVB1QnRHYmF1VHh4UDNFeVoxWERKdENiSHdmNVFOckxGcGcxbTNGRUtzL0E3dmpIdGhtNnAveElnSlV5QnBJU0F3TGNKL0tvV0JseVQ0bWZyZCtTM1RKZFdYaFB5OEVnK0xXNC9QL2J2NnkzYlhKRndqalVFQ0psclByL0hhb1NSQWdCamJsMmsvMU5qa3Byc2FXbHJtNlVNaXUxbk9aRHoxOWZuaGtZSzV5R3N2YUluRGxqK0ZWNFIyYyt5clh3YkpXZkI2MlJ4MGZLOVpiTGd2WnI4ZEZYdklPeXpEVEJ1emtQakY5cEhic0xPVUxQc2VpMlhHWm1nV01MMUxvQVNaUGVkUTFEdGlkNlNnek1ITEdsNUplST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
614418
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		754 KB
126 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=667768734399428&correlator=3616342195360418&eid=31073110%2C31073151%2C31072515%2C31070233%2C44785969&output=ldjh&gdfp_req=1&vrg=2023031401&ptt=17&impl=fifs&iu_parts=21894097782%2CLFiles_1x1%2CLFiles_728x90(1)%2CLFiles_728x90_970x90_970x250(4)%2CLFiles_320x50_320x100(3)%2CLFiles_300x600(2)%2CLFiles_300x600_300x250(2)%2CLFiles_728x90_970x90_970x250(3)%2CLFiles_300x600(1)%2CLFiles_300x250(2)%2CLFiles_728x90_970x90_970x250(2)%2CLFiles_320x50_320x100(2)%2CLFiles_320x50_320x100(1)%2CLFiles_300x250(1)%2CLFiles_300x600_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14&prev_iu_szs=1x1%2C728x90%2C728x90%7C970x90%7C970x250%2C300x250%2C300x600%2C300x250%7C300x600%2C728x90%7C970x90%7C970x250%2C300x600%2C300x250%2C728x90%7C970x90%7C970x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600&ifi=4&adks=1850051439%2C3611282516%2C3237839583%2C2677343658%2C2205192521%2C4179594712%2C3352391512%2C2291320453%2C539932965%2C2342546863%2C348188995%2C85745273%2C924770649%2C3939129125&didk=953092430~3641825082~2120025922~470097312~972599023~209599808~2120025891~972598990~2938743786~2120022019~470097283~470097250~2938743755~4106390875&sfv=1-0-40&prev_scp=floors_hour%3D17%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596%7Cfloors_id%3Da992c2%26floors_hour%3D17%26floors_noresponse%3Dyes%26floors_responsetime%3D-596&eri=1&sc=1&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&abxe=1&dt=1679074756122&lmt=1679074756&dlt=1679074752120&idt=1192&adxs=1599%2C290%2C-9%2C-9%2C-9%2C1185%2C-9%2C-12245933%2C135%2C757%2C-9%2C-12245933%2C825%2C-9&adys=180%2C10%2C-9%2C-9%2C-9%2C998%2C-9%2C-12245933%2C991%2C246%2C-9%2C-12245933%2C1545%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C0%7C0%7C-1%7C-1%7C2%7C-1&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&frm=20&vis=1&psz=1600x4230%7C903x-1%7C0x-1%7C0x-1%7C0x-1%7C320x0%7C0x-1%7C0x0%7C320x250%7C1370x0%7C0x-1%7C0x0%7C650x250%7C0x-1&msz=1x-1%7C903x-1%7C0x-1%7C0x-1%7C0x-1%7C320x0%7C0x-1%7C0x0%7C300x-1%7C1370x0%7C0x-1%7C0x0%7C300x-1%7C0x-1&fws=4%2C516%2C2%2C2%2C2%2C4%2C2%2C132%2C4%2C4%2C2%2C132%2C4%2C2&ohw=1600%2C1600%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C0&ga_vid=851671611.1679074753&ga_sid=1679074753&ga_hid=634927576&ga_fc=true&ga_cid=420777504.1679074753
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce0de054fe43eeda32f2cf4b4e09988e7645402c76140490e597bfee6e35c61e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLvilfPA4_0CFeue_QcdkHcADA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6897791936204111872/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLvilfPA4_0CFeue_QcdkHcADA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6897791936204111872/index.html
date
Fri, 17 Mar 2023 17:39:16 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128966
x-xss-protection
0
google-lineitem-id
5507213652,-1,6012624441,5436026142,-1,-1,6012624441,6012624441,-1,-1,5436026142,5436026142,-1,6012624441
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381865323,-1,138392782968,138420579968,-1,-1,138393258382,138393259624,-1,-1,138420579953,138421229467,-1,138393259786
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		145 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=667768734399428&correlator=3616342195360418&eid=31073110%2C31073151%2C31072515%2C31070233%2C44785969&output=ldjh&gdfp_req=1&vrg=2023031401&ptt=17&impl=fifs&iu_parts=121764058%3A22548546259%2Clebanonfiles.com_SF%2Clebanonfiles.com_W1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C750x100%7C970x90%2C300x250%7C300x600&ifi=18&adks=457888345%2C3555665173&didk=4290544290~1496537735&sfv=1-0-40&ris=1~1&rcs=1%2C1&eri=1&sc=1&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&abxe=1&dt=1679074756130&lmt=1679074756&dlt=1679074752120&idt=1192&adxs=315%2C1175&adys=1100%2C1013&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&frm=20&vis=1&psz=970x-1%7C300x618&msz=970x-1%7C300x600&fws=516%2C516&ohw=1600%2C1600&ga_vid=851671611.1679074753&ga_sid=1679074753&ga_hid=634927576&ga_fc=true&ga_cid=420777504.1679074753
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a8cf336bd0e88b85f0ae919c0ac7f13879de9b92fd189a3df75b10892493895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40385
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C11 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvICzypa-sRbzLnkJG1SXIQECVXiiSF6i0c59ZDWwVF2GMSSBIPb6dgHRRbpXoOktoKcE-T5gXK1SOgIFV8aptxbXCrsuNznZzWAvLDT-Z5k7Ud5tGhpQyLIL-krKmq8PDSBWQ0Bw&sai=AMfl-YT2BG7Ytc-Y5o9Txng52_iepOJjNRc2sEoR-OZA9ZKzF2PXrzi5aZ3MbfPkqaPt8PK1NimVbs6f3hi-M2yknU1VYqVGlBmauNpc_hlijUu_0FWBlUrMMnZJebp1&sig=Cg0ArKJSzFGCDy71s09REAE&cid=CAQSPADUE5ymHftsM14UHRyTn21SqbjCORhUHVUoPT1h9Togg1uaG2wupo3kL1RM-IGBurJzKafdUyEEx8t5fhgB&id=ampim&o=315,1100&d=970,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=381&tls=1381&g=100&h=100&tt=1381&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame FC96 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1679074756538&d=9074&wsc=ab&typ=embed&mobile=0&c=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.54.87 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w16.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
last-modified
Friday, 17-Mar-2023 17:39:16 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDDC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 78E1 		0
0
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 998D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame EDDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdlbUxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT8A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-2JfQvX_J22jNnkSSKU50RgplmEIINaDkOs4ML-3_JXK7l-8r_WPgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=zHg7aeuqYXM&uach_m=[UACH]&cid=CAQSPADUE5ymAFHhQBUk2Eus-2lVTPTz7XsuH1yerc9fn3ilHR4xr_TC9yX09bcnEVijt1IOd7Rb9aOGQTddtRgB&tpd=AGWhJmtXuZ5qhh78-43NpdQ4hmp0oQe2-Bo3hcXEI6NaIdyIWA_BylDKBZHu7i9-u4Tn1Eykef-0IoDRrGCs4x84LHfqPBpA-gZVZUMsvG5wnpNQRF4I1iCR8two40lOtXOOZuP7o7r9guS1p7oUOYKXJJYcngv8BRbH5cx2v7_HKptFlhNy6cd73Q0uiiGjHj4zVARzEJm2vzQqJYiovyWIFFI_O8YLdEBLlcCdzdAromyawDA0faH3si7pggOMgkOEgNaky_KWM9uUj8I8IEpXOhOZBhm5Xi3DtVyPVVgAswEUZJT2ZD0gkRAUUu7rfN1bxdGq1Dq6yBIJK6SXFEjLDYxisOcfnV_F10HBNNq3PJvTeaUhxV0CYcqF9zPN7nvGVXwlboooL1vV_zHkClRKKAnufCem1SlFT5QSDFuEDzLKHKnTUrMsdVpuPFAVeINZv0WS8oUpt2DGIb0pIXqyXzzfZIFH6a18vvlcVY0Fvs3uHE3qocdGfzeSUXF3cpjqSNALb4QwWBtWj_6hj5yDEmjfbdiObN5bXV95Z6_m113G-VT-2T1NID9Zc568DysaibpHcIAZjbGCuLG5Tsd6sCNlP31qnvv1AxB8N1ersHk5ypV7yiO5ya62EzDrkgCY0I2fNUm_NTU54Rb8u2RmMN4ViJUa5PGlaX8Jo-XxccNzRakYrZIAAc9FPys16S9oVO8e8QibdV84jcMpeEJEcczgZf4A_JIoGINpEZJc7hFRBUGO7qouXHJJe9BR3R5cJkpX51uD7xdoiZo9nWGmM1eMUKUFvQ5He9CkCvJGluH6SNwTDh18u18DA90xPeconbjhgbfWqSnlmNemNBVYWff5OwK1zvs5UgVDHkVQgsE7Ay8HA-nzsT4Be0RrDjH8rRm0lBtUqR0PkDfKxjyEjkqGwGx2w4yuBAKmjXgd4Im9gunVAKP3nBLjdJUj61C-WGGpmiK7J0ty3nhjR_pcPTAOWAAWAsA3yN7DpdoadkdGA1KMxQDOgttKQAkns4C0Vx-_zxbav3MpR4ZEcAI_LarId1SQwfBlQkEWTg1rsY7q0u9r3_5yY-zPZVxGleK88jgGcCTCS6e4AN6n22ERA2P9XqVLaNQDfZCH4GWb8mDpYrGKkwNyfg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame EDDC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDI5MzgyNzQyNzM4Mjg2NTIvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LWZmdTExR0pLempnWWJrOENSUjZXMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQyOTM4Mjc0MjczODI4NjUyL3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItNTUxMjM5MDcwNTEzNzUwNy8/jY-pre8XTmKONL2epMsDQNM8o7g&nodeid=4080&group=zrh&auctionid=2942938274273828652&pbs_auctionid=2942938274273828652&shardkey=2942938274273828652&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.135&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%26client%3Dca-pub-5512390705137507%26adurl%3D
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.382.0 /
Resource Hash
af2db4ec88bcf35f3ccb8a978dacf76591dc2c541b5c5b22c8dc79208eb8c688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:16 GMT
x-mm-nodeid
4080
Content-Encoding
gzip
x-mm-bid-request-time
1679074756
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Fri, 17 Mar 2023 17:39:16 GMT
Server
MMBD/3.382.0
x-mm-latency
1 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x39, zrh-bidder-x71
x-mm-lag
0
Expires
Fri, 17 Mar 2023 17:39:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame EDDC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame EDDC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
l
www.google.com/ads/measurement/ Frame EDDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlOSWV8_IMqmnvQXE0lcqjgJWzoRxgNaTJET3EeEq_Z4xszJJs4-LDWSx2LOTGbLOgE77COkDVEJGWe7q4VCuiNPnhyQ
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EDDC 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 00:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Mar 2024 00:05:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDDC 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:16 GMT
css
fonts.googleapis.com/ Frame 998D 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 17:28:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:16 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 998D 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 998D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ3eJxKUUZIf0DKaE9u8Pm7igwAzvg8Shbr_Ir6y_DszHmqb9CBABIKqAwyJglYKAgLQHoAGwuqHXA8gBCakCmXR9lTrVsT7gAgCoAwHIA8sEqgT9A0_QJc3VOZobe-DY7LybzrNiBBid-1f-ITBHMTuio-defNw7NsUMv5VVfgP_Cp95PmZf-3gHbwSR-ZRrSHBdHo8F1bLtcoFrzWUnImhi-CamzyTE4IRB7hIVN0rgC7QNFjQLabbMhnv2_qg3YAInoRqOhJRAJhZFRxtZ6yWOrghCp6hPEDW7WosUhXmYS-5SevrezJJGfVN8XOc6PvIrHIc-NRrlwoV5qWasDVcGAvAIpTW0G5uN9NxZWlp5DxpBbjwMXGiR3xtaL3K_qyedQ8-WgruSUrtV_XacqFMNuw_fJCH-HfSzcKKKyvWH5BuIokCdeOUVmMvGe9nl2yHKxwBEg0RYhnumQz6i1GzNQGRZziTkkNSqvVgzFbOB2rOtCxLyc1mnXy3qfNP_ZAgtclNMD_36rXGh_4WAcet9-CYF3DIvVfgF1a53Gmv-GzOOuqxc9cTHlOyEQcKyI2_06GGWsEpA3ThmoX0WGUnHG7bodzG985GCW94-Rg4lEHbzwgCAAx3vyYLra9PPFv7YmjwX7LkhhbXxLxZdu8DXmcde3UP4zazRVGpJ8c_0goaac5qR4Bo1JZ4XLfAQIQgya1piJCyO4xI-tHe9OYncfV68cUfYHe2XPogMZUwsbdetZ5TdDshlR1nKddeW_tNhEBxgE_mBXuh4ngtoCwwWwATJmKmq4APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCXlwPSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA4NzMwNTAxOTU4NDQ3NIAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi0yMzgyMDEyNTIyOTc5MTA4GJLvIQ&sigh=XCDyzeJzgoo&uach_m=[UACH]&cid=CAQSPADUE5ymAFHhQBUk2Eus-2lVTPTz7XsuH1yerc9fn3ilHR4xr_TC9yX09bcnEVijt1IOd7Rb9aOGQTddtRgB&template_id=494
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 998D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 998D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 998D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 998D 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:16 GMT
cbfababd91166e5076a7e33bfb78f317.js
www.gstatic.com/mysidia/ Frame 998D 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 01:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14337
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 21:42:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 01:51:49 GMT
truncated
/ Frame 998D 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 998D
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 19:05:25 GMT
x-content-type-options
nosniff
age
81231
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 19:05:25 GMT

Redirect headers

date
Fri, 17 Mar 2023 04:40:12 GMT
x-content-type-options
nosniff
server
cafe
age
46744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Apr 2023 04:40:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E8CF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18955
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 998D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cbad294c2f2ce4acd63546e56bea6160edef2c9d977d588bb1b93c0318a247b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame E8CF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEZF4Hiug22l5zgaeul07-0&google_cver=1&google_push=Aa02lx-OsrVsC2-FW6QFX28pps0coS4WOpjUXhTyQq2iytLhHX4P_X1kr2JOYp4yHLuB3Gvh4PEHPM_HpGMVB8um...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-OsrVsC2-FW6QFX28pps0coS4WOpjUXhTyQq2iytLhHX4P_X1kr2JOYp4yHLuB3Gvh4PEHPM_HpGMVB8umU3zZmhBWxcmS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-OsrVsC2-FW6QFX28pps0coS4WOpjUXhTyQq2iytLhHX4P_X1kr2JOYp4yHLuB3Gvh4PEHPM_HpGMVB8umU3zZmhBWxcmS
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
MT3 569 46451a0 master cdg-pixel-x33 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-OsrVsC2-FW6QFX28pps0coS4WOpjUXhTyQq2iytLhHX4P_X1kr2JOYp4yHLuB3Gvh4PEHPM_HpGMVB8umU3zZmhBWxcmS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Mar 2023 17:39:16 GMT
pixel
cm.g.doubleclick.net/ Frame E8CF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEjvTHq0LFXA_aD1H8cMGOo&google_cver=1&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDz...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEjvTHq0LFXA_aD1H8cMGOo&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDz...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDzwu1xUMqvwYkN0AD&google_hm=dUIxYWhtSFU2ck44MzNl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDzwu1xUMqvwYkN0AD&google_hm=dUIxYWhtSFU2ck44MzNlRWo1T1k=
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx-8HhthI81-VCjagW_Ypu9YRripDgcK-hblKQwI1s6mWy1j9Coj9VJmwZEkPg95iqHegFaZXSnSHwFDzwu1xUMqvwYkN0AD&google_hm=dUIxYWhtSFU2ck44MzNlRWo1T1k=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
dsp.adkernel.com/ Frame E8CF 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMp0McIQNxFp9NMItgKRfKo&google_cver=1&google_push=Aa02lx_nY31nuBx1TwATkd1SspjpPwqs0nmJtmHmhC77qrV3SH6hSZpsWNa_aF5x6pB9nICkoco9EHSaj6T7JklRI4OoYnclm23j
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame E8CF
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELFBE3pJYIx_Y50cWQ2luEg&google_cver=1&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MjMzMjYzNjU4MzUyOTU2MTY5OA%3D%3D&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MjMzMjYzNjU4MzUyOTU2MTY5OA%3D%3D&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ0MjMzMjYzNjU4MzUyOTU2MTY5OA%3D%3D&google_push=Aa02lx-FegilA-D7aiYOncW2-CQ7EniiDE4tAjEH-8Tac6DSkbmlaj9LYCczPiBq-ojYY0GPdiGwff57lvTFtMqR0OiRxBMi540
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame E8CF
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEMOL6PqPyuivjUEtLxWv2wc&google_cver=1&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaIty...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaItyTgK1HjQfjKcP056Zpy97I6_&google_hm=WkJTbHhjQ28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaItyTgK1HjQfjKcP056Zpy97I6_&google_hm=WkJTbHhjQ284WHNBQUpMckZwVUFBQUFB
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 17 Mar 2023 17:39:17 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEMOL6PqPyuivjUEtLxWv2wc&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaItyTgK1HjQfjKcP056Zpy97I6_&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZBSlxcCo8XsAAJLrFpUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad348"}
X-SO-Key
ZBSlxcCo8XsAAJLrFpUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad348
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx-WTkKqaJtSa6_gMHqfEk9uOiqWoDi-vOi7sClBEyus3dCBcqwLtidFtifE8Q7lWZEhyaItyTgK1HjQfjKcP056Zpy97I6_&google_hm=WkJTbHhjQ284WHNBQUpMckZwVUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad348.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-IP
80.255.7.101
pixel
cm.g.doubleclick.net/ Frame E8CF
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEK3YFG8tqbiqF1bHz9GENnI&google_cver=1&google_push=Aa02lx_xpdgQKZGqrgE_0JvZfZ9kaN9z9hdw-L1fETQ8GVLUMUumrSAgr...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx_xpdgQKZGqrgE_0JvZfZ9kaN9z9hdw-L1fETQ8GVLUMUumrSAgr9s3AAxBpNrG6PrI9CpIyat_f6AWfQB7TCkKIIc0Ff3P8Q&google_hm=QlMuNjFkNS1iYmM5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx_xpdgQKZGqrgE_0JvZfZ9kaN9z9hdw-L1fETQ8GVLUMUumrSAgr9s3AAxBpNrG6PrI9CpIyat_f6AWfQB7TCkKIIc0Ff3P8Q&google_hm=QlMuNjFkNS1iYmM5LTQ3YTgtYjljZQ==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx_xpdgQKZGqrgE_0JvZfZ9kaN9z9hdw-L1fETQ8GVLUMUumrSAgr9s3AAxBpNrG6PrI9CpIyat_f6AWfQB7TCkKIIc0Ff3P8Q&google_hm=QlMuNjFkNS1iYmM5LTQ3YTgtYjljZQ==
Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
/
onetag-sys.com/match/ Frame E8CF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBNm6oQurkvDi0ljtOu9xlg&google_cver=1&google_push=Aa02lx8ODBQw1Uf8digrNdYwy-iG-Lymxi-oJG6jl-O4PZg8-1BrmG5unhoygcdcGryyQcwfTAZd-zOCueB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8ODBQw1Uf8digrNdYwy-iG-Lymxi-oJG6jl-O4PZg8-1BrmG5unhoygcdcGryyQcwfTAZd-zOCueBeFg8rlPaIs6Kri8C7ug
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E8CF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0swj1XCpZ2a4Vy7SAUoIboXrPJ5Ijw86vN6U8u_kRtcXupMPMnZ6mYDjTNX7-C2UGyrR2x9Y
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 998D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options
nosniff
age
130688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:21:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 015B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgZAwAfYlB_IA-ikGLNwAxCmKAOdBQG0-gIsSsK--1Ioblva83JzII9eTHsX78wNQAywjrsVZGtvgStrzQ6_TucKMPzYLPPswaS9YIgHTwl5Mf0L0vFLqdg0SP3Aax952AI10W63YhFq_RzIksDyFZqf-_lQhQ0ujcK1feqEkK77uVP_3DoRrHR-LogyDV_owHNwYKBjYPk3lOdcG-87v3C14s4S3OGrebgpnZmsSj_r7BelptuUWeUM9ZLSw9tEn_VV0lCSXicAqX4nyEXAaZ2JETo1zh7u9y-6dr1KxPTjuwkTnupDhF02WXFOHIWUWVibSnWNe2f6YtuYRvkibOxiMyHg&sai=AMfl-YRkXfU0djnSJugyGN7xE0XXmGsa5610q57J0nBirnk4NMLirQ38exNTv_fpoHrA_GXUfPWhufO31aZvkDCm9RPiXiJhlbp3h6VQFfSUTTMuGBE-odnq8o-USBX-6aM&sig=Cg0ArKJSzPTGjrywo0qxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5ae2b18203325ac2876b69455e08e3eefa59a4dca46ee55b033f1fbd80b28b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 10:57:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6357c112-63df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 015B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF8C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 450B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxEvx-0fqgrUCuYJuEbUXIm85G9rpT_i0vjJ4DIvK7p7qyeiU7iWMqAxWWFQcChL3r62Pv8LIUh3L96G2Z-EEREFvbXQYufUSGKTJ7NrwrOd7MZDFqfW68FrrNcvqSe4fmJTA_eVvlYoXTBveSZDzd3DzVMXuH02jR17eALbbrXRH3ITVEA_d9OwK1qUI7IWDxD4SnwwXHzEfoyfyV0sX6LZB3seESVEjcFuQN8e1ya8Fnzo9MCVYr8VTrSdbcY00wAr6r0Rh0ZRK801Nydr-oYNAXiLpE2zkmWBRvs9Epw2M3vkIYLMANMdHuVCORUQpb7ybd_k4A7siULg&sai=AMfl-YTY8hsWEvt6qdRhLbddS0Jg6OhxfcTmayZiEsWvD42LzWqmuiBbm7PDBkVnov8-uOgtoJq57S27pJzTIaF8R2cWOzjhF8raVR6POg-B5q2G4dhL-srrCljj5r4DfXY&sig=Cg0ArKJSzMSmVmD9k_KjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads.projectagoraservices.com/ Frame 450B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=14314&schain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
52799c39d821f55fe7ece5e312290e9ac8f100b6a0559ec4dc88e453aef4aef9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
1888
expires
Fri, 17 Mar 2023 17:39:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 450B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 885F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42E4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3527 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoq8QlhjznjPS95wtrIQRacaUB7_iXxLu5pKL9rjA_W6bHjw_0sq0yG-fzC_Dh1w5VB7XvQHm4iQB5I5fL0hDN6IWvYYWzCL9D7fPy_XgZFzf6TDebN7KbjHT2ewFemUtFsUHPBGVP37yYPVOtsRe5_AlhJrFCzuiFM5FJ6ro5MU6AAM9LnTHppGfn_d3sNjUDNwUwdSHIxHJXG3uNX_MHF30xuqdqQDSKWut_2noDA2DyJOiC0B_Ov_wIKVJk_H4crzt3TzNAZIWWW6IJIhvftHnkbR5KPjmfaBBq1M5Ep-KwCXqSPdYOKs_STvz0_pviSjFGEByW2l9EVRXmGEp3kSM-yJ4&sai=AMfl-YTOLbY2Z5e8Ds4EyIKnuleEzZzA_Xff_ZYvhn-n8VazP-TMpW4VQdM-1IZNeAyBmsRyys8IxcWt70uPMo_pavOAucPKMsW-VSGVRmM3ARV5gnM5cTYOuC-vA4vdKmg&sig=Cg0ArKJSzEble4goXePrEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 3527 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 3527 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
l
www.google.com/ads/measurement/ Frame 3527 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSV2VtKFvl4Gc2-9RIvJNQZe19zIUeZ4HjEWhyPL0qLNyzk-w32DXjHluUwBsGdVt-OFpkR9aPFcDDiZtKZ6cdsKSspTg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3527 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
2480297202195357521
tpc.googlesyndication.com/simgad/ Frame 3527 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2480297202195357521
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc075fd28c7c5fe13c0de6252ea367f0b679ad6b5f3a6403111b16539eaee1a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 16:33:33 GMT
x-content-type-options
nosniff
age
176744
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101008
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 10:09:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Mar 2024 16:33:33 GMT
container.html
30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 484B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031401.js?cb=31073151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:14 GMT
expires
Sat, 16 Mar 2024 17:39:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame EDDC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=2942938274273828652&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
4e38e9a14a0fdd979519a0d0133ec80d7e7ed20415c51d49c6a5c15641779dcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3737
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame EDDC 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=2942938274273828652&node_id=4080&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDI5MzgyNzQyNzM4Mjg2NTIvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LWZmdTExR0pLempnWWJrOENSUjZXMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQyOTM4Mjc0MjczODI4NjUyL3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItNTUxMjM5MDcwNTEzNzUwNy8/jY-pre8XTmKONL2epMsDQNM8o7g&nodeid=4080&group=zrh&auctionid=2942938274273828652&pbs_auctionid=2942938274273828652&shardkey=2942938274273828652&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.135&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.382.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
MMBD/3.382.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x41, zrh-bidder-x71
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 17 Mar 2023 17:39:16 GMT
img
pixel.mathtag.com/event/ Frame EDDC 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2942938274273828652&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDI5MzgyNzQyNzM4Mjg2NTIvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LWZmdTExR0pLempnWWJrOENSUjZXMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQyOTM4Mjc0MjczODI4NjUyL3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItNTUxMjM5MDcwNTEzNzUwNy8/jY-pre8XTmKONL2epMsDQNM8o7g&nodeid=4080&group=zrh&auctionid=2942938274273828652&pbs_auctionid=2942938274273828652&shardkey=2942938274273828652&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.135&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x4 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
MT3 569 46451a0 master zrh-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Mar 2023 17:39:16 GMT
img
tags.mathtag.com/event/ Frame EDDC 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2942938274273828652&st=4562306&time=1679074756&nodeid=4080
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI5NDI5MzgyNzQyNzM4Mjg2NTIvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LWZmdTExR0pLempnWWJrOENSUjZXMC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yOTQyOTM4Mjc0MjczODI4NjUyL3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItNTUxMjM5MDcwNTEzNzUwNy8/jY-pre8XTmKONL2epMsDQNM8o7g&nodeid=4080&group=zrh&auctionid=2942938274273828652&pbs_auctionid=2942938274273828652&shardkey=2942938274273828652&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.135&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%26client%3Dca-pub-5512390705137507%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.382.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
MMBD/3.382.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x81, zrh-bidder-x71
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 17 Mar 2023 17:39:16 GMT
css
fonts.googleapis.com/ Frame 0C4C 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:08:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0C4C 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0C4C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4s1HxKUUZJzjDeu99u8PkO-BYO-DxKFuv8ivrL8OzMeapv0IEAEghujldWCVgoCAtAegAbC6odcDyAEJqQKZdH2VOtWxPuACAKgDAcgDywSqBPIDT9DsW0WcskEE1XbVkILDDswOMMxBufQUrFYIAbpYFF8NtZRhavvVEgTnSfgodZUYktquK6IbqjbGhY68eJXy3YHc7__llz0IjYEem4MLqhQfkyI5vTayXVxd0ARMOMgMAtTndZe9BgNd7AVXp3j7sKftHRV1-1bUh7DW2YCPLYSlGHyUQQBfXbm1k0l78t8QJl6zBnmoziS6YbuDp0fQ56DZ_HXVw_eR6ZR7BICfWcPk1lqf9l1BzKymplvNbedfOtkaG_m31xPMcRXDWwjmj1-NNlTe5q0ZGf6WKM6IKJMTpR9Q2zzQ43nF63WCs1uWa-NDPGwxPjqHaQ7pYYQ_yC7HX88E0Pva-B9bKZs0jde54WAboV01KPTn-ORSlaWy4XKkJClGQTucWRcyoDELxpPE2-BLy4Q86lxtGYjUWGw3JiA1y8RiswSB4wPf1QOQ6OMXdtgMh5Xxw59cF7tjNx8uwdOjCxXL6sHkgObYr58ZSjnNJNWBNNrzKDYUw9_ZnGCGQYLJcIn-8oEKcS9OuJvv_BJBOjdHCXKqtKR4izsxGbrAOwVpR3E7rSLY_-gJClqJl_cQZfaB23GKauog3yoOrJraRySwe7p3uytO5pG2MQjG0rfs54AvAUcLWx5_SjHQAt3dj2uoiX810qz3mymMwATJmKmq4APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHAxCMYtIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshceChwIABIUcHViLTg3NDU1OTM5NDU2MDgyMDIYhP90&sigh=VF-7Kj99sNo&uach_m=[UACH]&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB&template_id=494
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 0C4C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0C4C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 0C4C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
l
www.google.com/ads/measurement/ Frame 0C4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJQvLL6lyJ-SaO8po7RrAPO13kHvzZVM1qzap8mEtQDcOUUJAZpEE-v-RJkGUraqRDnXMzqp70HFMb3cT_M3r55b_xvg
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C4C 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
cbfababd91166e5076a7e33bfb78f317.js
www.gstatic.com/mysidia/ Frame 0C4C 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 01:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14337
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 21:42:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 01:51:49 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		1 MB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aed4f2ab210632ae77979398599bac1102a939e094b85284752fe9bdf8701dfb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
160151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
68920
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 21:10:06 GMT
expires
Thu, 14 Mar 2024 21:10:06 GMT
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame BF8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsaQOxKUUZLvwDeu99u8PkO-BYKah_cRv64fprtcQ3fjDzvw2EAEghujldWCVgoCAtAegAa6T4L0CyAEJqQKZdH2VOtWxPuACAKgDAcgDAqoE-gNP0BCFQVyOTYjamujgpVoq79-ZTQUxFv8YQW_h8HSJN7Rg3h6k20p9IZlCN-bouwkatyY3CZV2WoZSXr3yXfoz1FjLhWqtY8t7dWIhY2x__1K4zwpxJEXVlODantQXAuQpRr4E7Nx3RsKPR-QbMyTs3zVuSFhNdJbKV6n7Bk5IWJM5a97or0sxfH4Z2bIJtSJyX3Sc4XsUAvuLbQizxfEX3me4wsc815E3ieJjIwHXRbN3xXKXavwmAGTPkZ-7eZ3SM841LWTKsUqneWOIcfmVvjGudZ_ytNYKCspYlXewItr_rRD0hkjwjeEUS8rzt4HmIKkLPsG8VK2Lsyd8h6WT6dR0WlBooNZRzURVm11r-1xFll9YnTCWFakCISbMiXQSHoX_2qaObqL_UnuhMf1CfACpoT--EEhejuuucGsZGLSGDKDS9ZXWREUJ_LoAphOQcP-JgJnEcnyJGkSB9xTayWLFz6hsYR6_ldBrcx14tI7DiJH0pi5-g3ZhIIa4mjeF5exvf37M9q7WWq-MyU8c2LfXuJjSjUuMCtIaClBnbVkMtYYl7ynnSQYPK3wi05PAT2k2_I5U5Y58K2iZe4eRGlyr1iYSDo91ecej1Mk9ihUfQxkMN1Obb0zZucD5OHNynnhfGslofbaPakSz9fI4O9zCCz2xOWVobMAEj5Hv4KAE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB7rsn8IBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuLcE0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=FtbbWLsSVCA&uach_m=[UACH]&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 94E2 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 16:56:42 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame BF8C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame BF8C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
truncated
/ Frame 0C4C 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 0C4C
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 19:05:25 GMT
x-content-type-options
nosniff
age
81232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 19:05:25 GMT

Redirect headers

date
Fri, 17 Mar 2023 04:40:12 GMT
x-content-type-options
nosniff
server
cafe
age
46745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Apr 2023 04:40:12 GMT
css
fonts.googleapis.com/ Frame 885F 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:04:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 885F 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1HVVxKUUZJT4Deu99u8PkO-BYO-DxKFuv8ivrL8OzMeapv0IEAEghujldWCVgoCAtAegAbC6odcDyAEJqQKZdH2VOtWxPuACAKgDAcgDywSqBPYDT9DI6NVyJfjCKR8Xfufo-yCq1Vf5orJp9YR3kIyBYb6ji8-fvRmsKbTRK6PMNUHiLWnNSU6gJ6itCV4ug1K_i4AjFXI4nBo5rZhPhiGNiECYvjptYPb40naIjy5riYLbCqxoqyLRxhqXuK4HEwepsJ8N37-mNjSJ--dAVLUj3jom6BW6VdWGGPEdXnMWo0dVCQ84AG0F-fo3ZqGhxrwupB-YyFGbGoTOUbRfob8WJUhVDBIa99M6U8wt6y49b6jRPDY2QrFGTKU5f_2_-BK5qe408zQEqfXyF5JNmt6IeWbuiTpdyjTLDExbEdh9GFSkpRk7wd1O26q4i3D3FN2V7_dHgBfEboV_Pgg82i1cwBWLEhAUYFW8aCkCdKIviGw-gN1kBEC5sKooFlnuE1r9UQBjT3CUpvFLVckjIRIMCzmA5QfL1MzjPZ2uaZgwA9PFL8EtuIR5gqhH6Q2GWyMdr-6-ZqKwdx-JB6VZwcykQI1BB2-8udPI_MhaTCk4UPEmiqbXL6k_OefzPhr8s5Aq_lIRVTbHrK176_f6mPqsMNANCiHg7PuIOAYbU8JdBYYEToFfWJTQPiupz5NWVOeh0uUQXuuwQbygXz7sBMSq47ox2zHtf-OwFmhtjtu--aPO_cBl_Fo6BUKCni9diRm2pPtCQ0_7_cAEyZipquAD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ0aMB0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=cNnqvgEYleA&uach_m=[UACH]&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB&template_id=494
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 885F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 885F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 885F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
l
www.google.com/ads/measurement/ Frame 885F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7nNy17pCasCXuwUJTM2O-o0GRmg1Rx-7y9CaAa9H1mFEN8sjDqxJqaFr7mhACiM_g46BHL7jazooylj3zQ0SHlv2jWQ
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 885F 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
cbfababd91166e5076a7e33bfb78f317.js
www.gstatic.com/mysidia/ Frame 885F 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 01:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14337
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 21:42:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 01:51:49 GMT
truncated
/ Frame 015B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f34f9128b1025f2f33d5becd5c6df65b6c81370f9cc55000ffec085b91f08c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 015B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHJNelqpzMcQZ6TXUP28h_4eXGh9BD9CvvB9Sea48N3E9Mc5QiYxy9bhzllmhBpxtwHX7A2qkqP_Z_-PesJR88pLFKIfMtSNPDhE7dfZXTaFS4Feyn5udTIYoe-DK_yAo6DG-MXfKMFr6dQFqIy2M7yYhIJtr3FPCowyLQw5bLlWRuKd3NfGhx94a9ldA-AbF9a3zk6KB-KMr02qXWdScvAUDRh8K3UpsSJ3w0hNNyUc1vEj4hGqJ1MmJwcy88Fxhl8U1fUjnWGN3SiZa8dY5V8rOsHN0_OfI-a4VWSkCR-m3K-xLM2BeSoF4hTx5OCfMK4bAMZZK40A&sai=AMfl-YSis9CGksjUEikkCQsKL_EN_6h31E7C8ttcVn-51xv1hbCMwKW2OTZqaA-lVuiAcv8koEUoFq75VhwU_1Rz6lBkVJRy7t7BNJoAIAMfxpimbDRGGocHmf84JfTN0uQ&sig=Cg0ArKJSzOBkSXTxIS7pEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:17 GMT
css
fonts.googleapis.com/ Frame 42E4 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:07:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 42E4 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 42E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-XKaxKUUZLT6Deu99u8PkO-BYO-DxKFuv8ivrL8OzMeapv0IEAEghujldWCVgoCAtAegAbC6odcDyAEJqQKZdH2VOtWxPuACAKgDAcgDywSqBPIDT9Doj2Qh2DoQ4gNr_7dRjYTGouzD5TLf36Lm_gxOXkFkvgkH2hlrHG34Wji0rdCyAVY3QvwtRYvzjAE73CnKqAZ9XGoqwWychA_mzHK14yqxvbXqI7HGXOAGjoPuEIeYU1yzUR7yIecrsuNNA6g956Zw1EaRlXgNITrAAuIH9ewnFNKa3GL7ZaCw7bPg4VJyqp9GJ4_DKp0anv2t_7_crLKIjvD2BLYBedfMx1fgv-LwtS7sDHwC8K4DZKTgUZFfr99ICYbGb1bEuEm4xBU1ZD5GQ-rYxib57tlUivLXf0kIppGU5560GIExjrEYft4sIWN4abajPYz9Kq4z-o9VTzC09iC7peUpawBS5vvs1L5u1eqvvUx_pZlYDNOa78NKnYP-hKriAjlVXlEtOhsX-cpapiie4RIUKaDmKCskpXSYsmm_Pds7rOPQxJnjlK8Gvnh612hyev6qZnHurC3mKKBq-GpmDML4Xq7Qu5_gM0ysJW7y9sqSm7lmOYvLsQOdb_7ZfV5hafUu9gBe-7h3-WM-8GF2OHjdhSToPIEbB6E-djQOd357LUyaTVdea6VaOQzzOdWKDHni-cEt_EmvdytoU9KwYCn4hBE-tDhWE3UGZ0kAC8YoXe5BbgKbXwbTfE9zCUglfdrNSZkUl8S8NSPtwATJmKmq4APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDMywHSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=jKSHuJPr_zY&uach_m=[UACH]&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB&template_id=494
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 42E4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
server
cafe
etag
583283675565503348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 42E4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 42E4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
l
www.google.com/ads/measurement/ Frame 42E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQENUB1o2rbcMaXmiige9lrlADhglfQ6mI0rDzTAXW1ZLcY55AbVQiG-JlkQxKUgSEER4BiblHBcbPBA9jvleFN55FFVg
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42E4 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
cbfababd91166e5076a7e33bfb78f317.js
www.gstatic.com/mysidia/ Frame 42E4 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 01:51:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14337
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 21:42:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 01:51:49 GMT
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame B35D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:20:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 484B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cda1yxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBP8DT9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVQp2C_F2pKS9CQh78Lm-omoQHUiRd3LKKVocfUz98CH9r3w1r-Ln-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=hrXv82aNmcI&uach_m=[UACH]&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB&tpd=AGWhJmt7k8tut9LNJIEo2rmTftZCVqtQfHvseLQeHt-RS-TUX6iUm4cIyIfpnTezCXOyj9S7J3O_gG4k1ehvbxZpZ3CPZL8PyHZFxWFH0zJeLsvltUOJNGAW4NngRA5bGx7WwdI_VYVm6u6lbCgq8q9jljPMpm41ym3ZsrvdGO7w-H4z0mamyxkYUcYtwAY5URk6lwwDQXijj2I3aEnGl8A8l0QhoKOk-OYCi5iqbtXvYjiAX0Rsjl22Oj8Sag95Pm1Vgx_VUgrhSRgOOIxdTbubhR-o-8zYEefaUiIPRkgra0-gygkn4zcpq-3dB-t6aw-JA_TLE7nwOjG6GM6WxH2zeoiiwa2Kekp-dtQGehto1zzSAgli4pnLavdYBCycUVzHOSgl1w-qG4tzrAIMP2WWM5DVImhTP0aLkTDwXLwfCkgfo6Q7tx0Y1gQFsbxt7MLd2-1IeVeDvX2Ikk9qNMXSorNHFakTkJ7el9SXakkkHPvsXrigz6NakLwx_WGrZ5QEWE6xtyUjqEJGLVVtpvLFopXsSdSw93tbBgAYGeJUlYBaHKDe5-Ldyq1uYZvayeONSQemdq2RMawmMokeN2U0Wb1hPkgBAXcMpxYNmYWkYuiAdIbzYU8SPv5zkAqolP35rBv76h7ah2UJaARLb8-mZNoUdBkdjy0ACLNcOFBnMPH4OXgdP9D0nGK5982Zm65W-YHe5c78Y0bS-S4ybCO3DR7AztqOSBDEfeCss2ypZU8PBo3jKTFX2FHxbC6m6FZ-paQQ0rfQEEqS3NvXhLb7QmZanayiz_muZRgYZ1_gHdz5v1WEnjcoEWCJqSRJ9Yn6s9HvdwsstymVKNzWA7Wd7QpglQeRrRV2fBWrpCsq_AzxAlyRPMpJaJfY8qgPSKKPNmDf2WJBjgaS82HegGj02OAlm5qYWLEd7RNhqjdfnXhMLKEhoaI-ZP9TnBx-Ap9tCXzhyiFfOggWsWH4aio6m81Uy47lFE81OxQyPKvKy-VnLhzy7FTBV8nFVGwcGyu33lcL_6hNQqvZQUOuLqqb98Q1hT4bhfNIv8JTj2CuLOD3ErBTesQnl7BycAt-qPHzmKiftXEPlDfFfr5tBMzxu64AMcAQ68FIDCbi9yckSOvtA6dmTe3gIA
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 484B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTQ2MjQyOTM3NzQ5NTA0OTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUtJcUF2VlZpeEJ4LWFIeFZ2ZGJNby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTU0NjI0MjkzNzc0OTUwNDk5L3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItODc0NTU5Mzk0NTYwODIwMi8/5Ubz0k5jK7JEzRHGs54s69C-izw&nodeid=4080&group=zrh&auctionid=7554624293774950499&pbs_auctionid=7554624293774950499&shardkey=7554624293774950499&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.179&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.382.0 /
Resource Hash
1f9377a599f6e86c27a0ed3005bc46cd7ed8040caa34501bb2efa7140c6d5e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
x-mm-nodeid
4080
x-mm-handled-by-owner
true
x-mm-bid-request-time
1679074756
Last-Modified
Fri, 17 Mar 2023 17:39:16 GMT
Server
MMBD/3.382.0
Content-Encoding
gzip
x-mm-latency
3 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x87, zrh-bidder-x71
Connection
close
x-mm-lag
1
Expires
Fri, 17 Mar 2023 17:39:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 484B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:38:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 15:38:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 484B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:25:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
15203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8617
x-xss-protection
0
server
cafe
etag
263085479041318444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 13:25:54 GMT
l
www.google.com/ads/measurement/ Frame 484B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqIdOvyT6G9wMB6QpBDRCEJggbIidQcgsCdfmI8VcpdFJigYhOBlO91gEcbLXqXHp9f47wvq-oqLIbTtmNyIoij6JN1Q
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 484B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 00:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
149614
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Mar 2024 00:05:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 484B 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
css
fonts.googleapis.com/ Frame 672C 		2 KB
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lexend:500,300
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
946c813e04d9730020ed021197661ff9de6424f3a356f6033de0146394e0b33f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 17:30:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:17 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 672C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 05:05:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
45214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 18 Mar 2023 05:05:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 672C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 04:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
47818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 18 Mar 2023 04:22:19 GMT
truncated
/ Frame 885F 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 885F
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 19:05:25 GMT
x-content-type-options
nosniff
age
81232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 19:05:25 GMT

Redirect headers

date
Fri, 17 Mar 2023 04:40:12 GMT
x-content-type-options
nosniff
server
cafe
age
46745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Apr 2023 04:40:12 GMT
truncated
/ Frame 42E4 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 42E4
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 19:05:25 GMT
x-content-type-options
nosniff
age
81232
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 19:05:25 GMT

Redirect headers

date
Fri, 17 Mar 2023 04:40:12 GMT
x-content-type-options
nosniff
server
cafe
age
46745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Apr 2023 04:40:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3527 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscQAo3Ja9yAtjS2jxI9-wvvQGjK4hkxuEwKQrrn1P2kXg2HDeMe59iJ26qNvUXgbQlE8g5SdHMOiQUMiFwA_msqoubB6uqxd6bS8VzGfvmixFdh8tP3wEzNvVWYTs2EljQo_dyj3Fz3SFoDMi1qz-LxKw9642U795zw0U0lxUbIDdtDV6LskcfKm00zIQHiZ6n1FepihibXrgKVOuOX14Bq37E8CMYnWFv4S3IrFcWfVgkWnWZGM1v42t1qdoiNDfjTYiV4o2yDBAmTZzYIIiVvFzkbJFdaY1jmCdhFoO7Md1T1ShyxwYkzVbjYPOqhAjuhl8_NFK4uj2HAmcnCHGt4LZx5KU86Q&sai=AMfl-YTmwkALKB1T8icLogB53ogZ8sYhjE18Zn-a-vG8-knM7OSR0s0DfB9jnq9vIVXSsYPWrOdlIdVyBWHQqIdD2JEd7dtUuWdNB5dnGSkOAi2oP8yCexI1tBbA6gd1HhU&sig=Cg0ArKJSzMO0xVE02rE8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:17 GMT
batch
services.insurads.com/dfp/mapping/ Frame 6355 		3 KB
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_300x250(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_300x250(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(1)%22,%22eoid%22:2725352768,%22eolid%22:5436026142,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:970,%22h%22:90,%22eId%22:%22main_lfiles_728x90_970x90_970x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_300x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600(1)%22,%22eoid%22:3026232221,%22eolid%22:6012624441,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600_300x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600_300x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90(1)_0%22}]&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.11.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.40.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-40-0.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1720fb6924cceb31ddfdba47c9eebf8320ff5fb98399bd99064d1edd172a1bec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
request.php
hal90009.redintelligence.net/ Frame EDDC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=eadcbed2f3&subid=&uid=745c637a01e6fdbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8529104723653&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=2942938274273828652&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
afbc2811c699855758b1ee1d0033eda4d2b733222ae3bc7213ee79da7de15b1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
87914300138108400951389012266009
Connection
close
Content-Length
1302
Expires
Fri, 17 Mar 2023 17:39:17 +0100
impress
ad.vidverto.io/delivery/ 		64 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.lebanonfiles.com&pzoneid=7471&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.lebanonfiles.com&top_url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&domain=www.lebanonfiles.com&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&referrer=&async=1&uid=6953200272
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1c4ab8e139a670ce5ad3bb5f3ebe5fd3ada40cb65f6dbfab775762e007a8379d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
pav2.min.js
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 450B 		83 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=14314&schain=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ce021cb61a37992319ffd6f0006341a3cf3c6d847fe41894a518d640f784cca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdti8XPmxAgrnQVujLYA1RzAxoOV5m8CY8H8O5R0tq4QJK0Pc4dOvkpDYs6JSQoZv-x2MPLKCudP-_smGgzoQpLhzWMvnYqp
x-amz-meta-version
0.7.0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
16486
last-modified
Wed, 01 Mar 2023 13:20:43 GMT
server
UploadServer
etag
"15fcbfbce72166bd3ccc2085edac5fcb"
vary
Accept-Encoding
x-goog-generation
1677676843946075
content-type
application/javascript
x-goog-hash
crc32c=6tZayQ==, md5=Ffy/vOchZr08zCCF7axfyw==
cache-control
private, max-age=86400
x-goog-stored-content-length
16486
accept-ranges
bytes
01qrvgnrrbds
hal9000.redintelligence.net/zone/ Frame 484B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=7554624293774950499&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e5cb398e35614045069f8498e1525461d7239583a0cfb319b2dd6097c5ba73b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3705
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 484B 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7554624293774950499&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTQ2MjQyOTM3NzQ5NTA0OTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUtJcUF2VlZpeEJ4LWFIeFZ2ZGJNby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTU0NjI0MjkzNzc0OTUwNDk5L3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItODc0NTU5Mzk0NTYwODIwMi8/5Ubz0k5jK7JEzRHGs54s69C-izw&nodeid=4080&group=zrh&auctionid=7554624293774950499&pbs_auctionid=7554624293774950499&shardkey=7554624293774950499&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.179&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 569 46451a0 master zrh-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
MT3 569 46451a0 master zrh-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 17 Mar 2023 17:39:16 GMT
img
tags.mathtag.com/event/ Frame 484B 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7554624293774950499&st=4562306&time=1679074757&nodeid=4080
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTQ2MjQyOTM3NzQ5NTA0OTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUtJcUF2VlZpeEJ4LWFIeFZ2ZGJNby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTU0NjI0MjkzNzc0OTUwNDk5L3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItODc0NTU5Mzk0NTYwODIwMi8/5Ubz0k5jK7JEzRHGs54s69C-izw&nodeid=4080&group=zrh&auctionid=7554624293774950499&pbs_auctionid=7554624293774950499&shardkey=7554624293774950499&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.179&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.382.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
MMBD/3.382.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x26, zrh-bidder-x71
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Fri, 17 Mar 2023 17:39:16 GMT
js
sync.mathtag.com/sync/ Frame 484B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTWpSak5EZ3dPVEV0TnpZME1DMHpPR0ptTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTQ2MjQyOTM3NzQ5NTA0OTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1LUtJcUF2VlZpeEJ4LWFIeFZ2ZGJNby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTU0NjI0MjkzNzc0OTUwNDk5L3pyaC8wLzQxMi83Ny85OTkvMzIyLzJhMDE6NGEwOjEzMzg6Oi8wLjAwMC8xNjc5MDc0NzU2LzE2NzkwODczNTYvNC9wdWItODc0NTU5Mzk0NTYwODIwMi8/5Ubz0k5jK7JEzRHGs54s69C-izw&nodeid=4080&group=zrh&auctionid=7554624293774950499&pbs_auctionid=7554624293774950499&shardkey=7554624293774950499&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.179&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 569 46451a0 master cdg-pixel-x26 config:1.0.0 /
Resource Hash
d7371570e1ade9afdbd03372121737a80479e268adcc8266c882ff5afd59b61a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
Content-Encoding
gzip
Server
MT3 569 46451a0 master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
close
Expires
Fri, 17 Mar 2023 17:39:16 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 94E2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
Fri, 17 Mar 2023 17:39:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6EFF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame BF8C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCCJY8ecqiLiHbDS4xyvPa2RlCdYutvRtNdY_pGDa9UzzrbeAatG-izR5L2XyGJSJz181hCtxmXMELJVm352QFk3eB5Q
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF8C 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49519
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678880156327103"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 17:39:17 GMT
truncated
/ Frame 0C4C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99e7302fd65f4a9ff4737457e41ef076591829a2073cc0f9c92ae2b6f14fe8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BF8C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd8422af227b6c788df1851d649f4c045fc5a84958564d4ffc91cc8bd2e24403

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123281
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:17 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
04a436758e8992373a49eb612d5b5f54a6fe9e6b1aedab24b510411630fa99b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 18:13:12 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6144dab8-ea58"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69e9bf8cabef87d7a120c9089bcc39139a0c79071355daae37e4a2ff223e4f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Tue, 14 Mar 2023 19:14:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6410c781-15dd6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Fri, 24 Mar 2023 17:39:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F39 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D2D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wlpwgwvFAVdoq2_v-6QU.woff2
fonts.gstatic.com/s/lexend/v17/ Frame 672C 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lexend/v17/wlpwgwvFAVdoq2_v-6QU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lexend:500,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2129619173a4b8ca1f15a79573ecdf8960d69c8d44339a6bb28e7e50add34e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 13:46:21 GMT
x-content-type-options
nosniff
age
273176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36200
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 17:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 13:46:21 GMT
truncated
/ Frame 885F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b1b9a574d73d63e58ba724835c8ff921e1570d277e95d529f524ba4c91c6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 42E4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a99b5cb9d3b889fac7ec13f8d554c73771f59189151a3b515521c39cecab9f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C4C 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options
nosniff
age
130689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:21:08 GMT
request.php
hal900024.redintelligence.net/ Frame 484B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=dab6bae4ec&subid=&uid=9e6e5fed3fbeefa1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=289942907119&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=7554624293774950499&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
87860d4f23587aac75b7166f34acd8133fe01a5b5b9101d0f293c4ef47566655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
42599400123205300951393012266024
Connection
close
Content-Length
1301
Expires
Fri, 17 Mar 2023 17:39:17 +0100
view.aspx
pb.media01.eu/ Frame B98F
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=87914300138108400951389012266009&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=87914300138108400951389012266009&actionid=981741&produktid=&dt_url=
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=87914300138108400951389012266009&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=eadcbed2f3&subid=&uid=745c637a01e6fdbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8529104723653&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 17 Mar 2023 06:39:18 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Fri, 17 Mar 2023 17:39:18 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=87914300138108400951389012266009&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
50FF0765:DCBC_91EFC182:01BB_6414A5C5_FE029F6:C02D
/
adv.office-partner.de/ Frame 292C 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=eadcbed2f3&subid=&uid=745c637a01e6fdbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8529104723653&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 24 Mar 2023 17:39:18 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame D251
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=87914300138108400951389012266009&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072198
350 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072198
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=eadcbed2f3&subid=&uid=745c637a01e6fdbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8529104723653&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 17 Mar 2023 17:39:17 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072198
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame EDDC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=87914300138108400951389012266009&nw=1
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.125.139 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-125-139.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d8f3bd89db41306bfb87476587bbfd314c0af7eadc55d2813e24b9464d5e9615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
last-modified
Fri, 17 Mar 2023 17:39:17 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 17 Mar 2023 17:40:17 GMT
activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995
8019191.fls.doubleclick.net/ Frame 7E4A
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995?
392 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995?
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
cafe /
Resource Hash
f268426f3031ae58ddc23cfb08a8217af2c96ae10728b4eca3b3cb986fbeb7d9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
Fri, 17 Mar 2023 17:39:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90009.redintelligence.net/ Frame B6E6 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=eadcbed2f3&subid=&uid=745c637a01e6fdbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DED0VjKnX9krQEJnCt9N1Ug%26exch_seat%3D20035004448%26mt_aid%3D2942938274273828652%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_cid%3D9d4c6414-a5c4-4601-bf25-bdd0afe6352a%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCihIcxKUUZIb0DKaE9u8Pm7igwAzPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3yAEJ4AIAqAMBqgT_A0_Q0_H61xTjvAnhAS63uR-fSE51bCBdjF0IcNor9bAdswmm0Tqd2kom8ir9ZKapB5Pf_h9ndcOUAE8rzTmlA9wo5MVgkw-wKbeoujdRwLMP2B5Hoj0VPcTHI8kRHHqzshtYLpErnuKyu83rFkN3AMLFjjFFsMiOjUXzsrORmMPAubFa-KmXa9IujPkmwgOPWsdjRn04JPq3OpXiq48XAxecFOHDF4snRCzjiTKvpe-_MWtwbqPh05vTVnrYW9icC5yWy22CCMbpgsdg3yNnG4TWVnMsLS5f9EJI22bivCHCIfQP9XfbNYx7w-6imxl9mnJ-G-16hg2uEs49Q8jc_Pw2mBXwcyjXlUKz-db4A0M-xalTrTlabvLzb4PknAp-a6PQUgvtChGtkBznPBzDWvPKbr7RNynBmfRfEJ7WC6-0T6uJPfjTAAZJgUVvA1idSVLndhtmnb2o8fzYsu--ItDnWX4scggWjmiCmAXxaocu0sUC2XwNZlbzzGIIJ3Z3NPkEv0MO13vijd0hRx-S4tAHeHTZBEIH4g_-tSfX3ph590VgfGOhmuvfgdFTkwy9OxXT-RaN8aKf2ijDYWnF63cW0h7LwhJzIVmDbP45okOf7Z7CIa7-mpXxL9N1f29AOgw58Q7bthdxkv4CG7gFhw5MgBdeO16jOXaX-u4AyvfgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDg3MzA1MDE5NTg0NDc0-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2OYxb63h-zy8fYvHPGtMWr4WxKIw%2526client%253Dca-pub-5512390705137507%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8529104723653&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
80c3ddee25632d988112d79f22722f2fd7ec01e23665f58dc902534e229ca35d

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2074
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Mar 2023 17:39:17 GMT
Expires
Fri, 17 Mar 2023 17:39:17 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame EDDC
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87914300138108400951389012266009
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=87914300138108400951389012266009
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:41:50 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
50FF0765:DD06_91EFC182:01BB_6414A5C6_FDC0232:2FD2D
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 885F 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options
nosniff
age
130689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:21:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 42E4 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options
nosniff
age
130689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:21:08 GMT
dpixel
cms.quantserve.com/ Frame 6EFF 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEQDXcCjw2j4pq-0urko5QY&google_cver=1&google_push=Aa02lx_iK2cjk1qgqpRvGS5humh4AjNiXnLRFpKSHrbiCoSwXEQqx86y9veshLhJFjs4apd8Jde51iQ8_LGCCj7BMy-S92fCLQBhEGU
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 6EFF 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAWbNWU3yRxDWK02FGRYYTU&google_cver=1&google_push=Aa02lx92CiLAuNYLJ6i7lDaW9pTXTYsHrjh3MYUiHEF3CW6VbwxmgNBGRjjCpjN_jpA1CT91qW2vKwjVfBgYi8T1Tb01Htd0l6yfC64
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIOBY3H2RUynBXQlb747oEE&google_push=Aa02lx-diwF0XTANHMazlx-uTgjRe5sS911hHiuSuhA8KUWramRNmPkstS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIOBY3H2RUynBXQlb747oEE&google_push=Aa02lx-diwF0XTANHMazlx-uTgjRe5sS911hHiuSuhA8KUWramRNmPkstS3N27nzOrs2aFG7_QpzoK1VolsSD9uLRx2p-RexfbbW_4k
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220040-HHN
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1679074758.941328,VS0,VE183
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIOBY3H2RUynBXQlb747oEE&google_push=Aa02lx-diwF0XTANHMazlx-uTgjRe5sS911hHiuSuhA8KUWramRNmPkstS3N27nzOrs2aFG7_QpzoK1VolsSD9uLRx2p-RexfbbW_4k
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx-_nSIzrJ1O44uavufnSpfgMMcDHxWPva2mGCMWYa2RtgkA1Rv3qdqlBxL0R3a5Bn5bLOu69fdqsJA5U5dgqyhUQ5JuJXSN4UM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-_nSIzrJ1O44uavufnSpfgMMcDHxWPva2mGCMWYa2RtgkA1Rv3qdqlBxL0R3a5Bn5bLOu69fdqsJA5U5d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-_nSIzrJ1O44uavufnSpfgMMcDHxWPva2mGCMWYa2RtgkA1Rv3qdqlBxL0R3a5Bn5bLOu69fdqsJA5U5dgqyhUQ5JuJXSN4UM
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 17:39:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-_nSIzrJ1O44uavufnSpfgMMcDHxWPva2mGCMWYa2RtgkA1Rv3qdqlBxL0R3a5Bn5bLOu69fdqsJA5U5dgqyhUQ5JuJXSN4UM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Mar 2023 17:39:17 GMT
pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCM69NBWHOQpDbJx7xGTx0&google_cver=1&google_push=Aa02lx8-RM6WoG58_Bg2mgVw7KFB8hc_0k1tsZQrjzV5JxZXR8i5BzAid2r7BF0D67Q4ZECsLLlNszMQw8gcmgr7NUfV...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8-RM6WoG58_Bg2mgVw7KFB8hc_0k1tsZQrjzV5JxZXR8i5BzAid2r7BF0D67Q4ZECsLLlNszMQw8gcmgr7NUfVoPTsHElqKxY&google_hm=Geq3fO_5QCaOYlPlHMQ-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8-RM6WoG58_Bg2mgVw7KFB8hc_0k1tsZQrjzV5JxZXR8i5BzAid2r7BF0D67Q4ZECsLLlNszMQw8gcmgr7NUfVoPTsHElqKxY&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8-RM6WoG58_Bg2mgVw7KFB8hc_0k1tsZQrjzV5JxZXR8i5BzAid2r7BF0D67Q4ZECsLLlNszMQw8gcmgr7NUfVoPTsHElqKxY&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NZQlSSSFT-ODlYqU4KL9og%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NZQlSSSFT-ODlYqU4KL9og%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8TFrkjaDBGEYFzLtRJBAd4w41JT6U3StwWklr7-MdYxcpr0-EZm7svp3ngiAaFYkfUyaqhUw12gG7tfD6DL567KbEwfHJP2Mg
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NZQlSSSFT-ODlYqU4KL9og%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8TFrkjaDBGEYFzLtRJBAd4w41JT6U3StwWklr7-MdYxcpr0-EZm7svp3ngiAaFYkfUyaqhUw12gG7tfD6DL567KbEwfHJP2Mg
date
Fri, 17 Mar 2023 17:39:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6EFF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx8gQhWaNuv6ztwOERqleWhX1W1I8S7SL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx8gQhWaNuv6ztwOERqleWhX1W1I8S7SLFhPUQyI2_piKiQx-_i3B0V8-WX4_YX9jqJkVr6xzLKBETwliy0Y23zrRWQ8fhfyzxk
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx8gQhWaNuv6ztwOERqleWhX1W1I8S7SLFhPUQyI2_piKiQx-_i3B0V8-WX4_YX9jqJkVr6xzLKBETwliy0Y23zrRWQ8fhfyzxk
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 6EFF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsLYogKBc_KbCKk6aLLJYzHwSBEYJ3Y8v3iXr1svokEUYKHf-0qF6KWhROY2xQGjJnwBdM
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3426 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EDDC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69b75469ed847b6d856be5481d5b37fe57d8829a7355e55053e9136a38a63dbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5F39
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1&google_push=Aa02lx8ZI2J0Lx1u18-CeGGaMOh3Sv7AVk0WPftO-Pseh1phypQDJEd2wKMNF9pwE7ul4-jDb4lPoPL38_A99c9xMyKqutDFmZxlEgVP
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxMzQ3NjIzODU2MjI2NjY0NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 5F39 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAWbNWU3yRxDWK02FGRYYTU&google_cver=1&google_push=Aa02lx9GkTvclRjuxvVVHQKjTa07QchJBxfxOPoTNOQWAADuePjx2NhpbxaadXmss4rv-t9iEamKVUpZ4-V1anEYmrAw6LFR96uo7Tl5
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 5F39
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaS...
43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a9703b82c09bb8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
187
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_ptm_1x4b8WbrY81sX3hYhcdDdUVMCbZHFf7jM5jHGcJPcPJ7Hj6TGveFAUC_C1hBnM2HC_Iz495MfH9BqGIg9q9a8IaSJ6uAR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a9703b52e29bb8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F39
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx-a8Dk0py0ecaZB81qIBMo6yEIf40yfbxIi5B8be4F097ne1OZIY36B6Rr3v3eRJdjNWa0jXRJHUrkAEU07OW7Qv_v_YCTg-VA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-a8Dk0py0ecaZB81qIBMo6yEIf40yfbxIi5B8be4F097ne1OZIY36B6Rr3v3eRJdjNWa0jXRJHUrkAEU0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-a8Dk0py0ecaZB81qIBMo6yEIf40yfbxIi5B8be4F097ne1OZIY36B6Rr3v3eRJdjNWa0jXRJHUrkAEU07OW7Qv_v_YCTg-VA
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 17:39:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-a8Dk0py0ecaZB81qIBMo6yEIf40yfbxIi5B8be4F097ne1OZIY36B6Rr3v3eRJdjNWa0jXRJHUrkAEU07OW7Qv_v_YCTg-VA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Mar 2023 17:39:17 GMT
google
match.adsrvr.org/track/cmf/ Frame 5F39 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMTy83FuK1yMRXsw0Q4stYo&google_cver=1&google_push=Aa02lx99qos4Vqrhz615pzJU5LqDfZyP44D8MyXnbFQoChjkMGnx1I27d-7W_7mwTM2wODjzFyWb3N_3lm7RoSocBCCX6IvFl4JeXuvn
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5F39 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAIpJnhsfz5MvF4NyQF-t3M&google_cver=1&google_push=Aa02lx9X23ji5YIT1EjDvRL6hgdkMxm8hNNO5n2frseOwwiVNW8rQcqEXMduarJmEKx3t6TNwpftArZR_ytbp_xxhSqzULJhGC0AB4x7
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 5F39
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8M84SMe8TgKFChUK0r6jFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8M84SMe8TgKFChUK0r6jFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-a5clY2NSjrIB6VuNLEFg6xN-TG9-qPHSQnSeXsaM9CakJ9Qt_C3xPar9UHsDbAJ4FsMrTlKLkdt-GveimD0GmT0kZ1uFCeC4h
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8M84SMe8TgKFChUK0r6jFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-a5clY2NSjrIB6VuNLEFg6xN-TG9-qPHSQnSeXsaM9CakJ9Qt_C3xPar9UHsDbAJ4FsMrTlKLkdt-GveimD0GmT0kZ1uFCeC4h
date
Fri, 17 Mar 2023 17:39:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 5F39 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSA6OjwzDLK4nEeWPsI9SOwP4wsBK9pxiXk8vq5N-YJJ5j3Ahuk4iFSFQ1qp5hp1UPpp7F
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3D2D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1&google_push=Aa02lx-15nfo_33uCFO59CYzyA6vNv-aQgjsU1t-f6yVedcCUCUHpN8f0UKpdiQAe6P4E9wVeSzqUVTeZDd63r_Gpa2FuYrROdkKqFg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxMzQ3NjIzODU2MjI2NjY0NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKZrxHMqlVuPGHn1O9tY0kU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 3D2D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aW...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a9703b82c0cbb8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
584
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-hNjwfTI_SZvuXpcQckutiKUI4N1VZAEBhi5rl7tm5QJwH3OD-F2VmzETFxOVbp6jICfK8Qxi9sYlPW6j_v5S2KhbXVz7aWuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a9703b52e2abb8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 3D2D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMTy83FuK1yMRXsw0Q4stYo&google_cver=1&google_push=Aa02lx_tmVtl2LBLK86BGZOJJfsoZ1rc7z1ceCI3udP2DllGF32i3M2Xr9G1EWqhFJZKuEePCpGh8NCURDmWKc9BE6_hUN20l8mLm3U
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3D2D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGy9YFrxjJbAF7yUaVyrJjM&google_cver=1&google_push=Aa02lx91rQv8BW1F6qdX1phj4ejb3kAM1ArTyTjEh2ECNwcvL9HZ4ies33TlkiJnc8tqbLGTcHm3zOJp4eHgrP...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTU3MTE2ODg4NzEwOTc3Mg%3D%3D&google_push=Aa02lx91rQv8BW1F6qdX1phj4ejb3kAM1ArTyTjEh2ECNwcvL9HZ4ies33TlkiJnc8tqbLGTcHm3zOJp4eHgrP3wDe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTU3MTE2ODg4NzEwOTc3Mg%3D%3D&google_push=Aa02lx91rQv8BW1F6qdX1phj4ejb3kAM1ArTyTjEh2ECNwcvL9HZ4ies33TlkiJnc8tqbLGTcHm3zOJp4eHgrP3wDe4epxrZwETsww
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMTU3MTE2ODg4NzEwOTc3Mg%3D%3D&google_push=Aa02lx91rQv8BW1F6qdX1phj4ejb3kAM1ArTyTjEh2ECNwcvL9HZ4ies33TlkiJnc8tqbLGTcHm3zOJp4eHgrP3wDe4epxrZwETsww
Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 3D2D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ7bf8YD1w9NBS8gWb0c-MA&google_cver=1&google_push=Aa02lx9_62DbMtkyAMmEfPDwoDz9cfA9z9ZQHzur9-pWpMqp51mi0iXDZ_Uv-fTtVUIYFkgjKb1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCMVItMTEtTUJIRQ==&google_push=Aa02lx9_62DbMtkyAMmEfPDwoDz9cfA9z9ZQHzur9-pWpMqp51mi0iXDZ_Uv-fTtVUIYFkgjKb1epd94yK0JlPbHkIslcl45BZA3Dg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCMVItMTEtTUJIRQ==&google_push=Aa02lx9_62DbMtkyAMmEfPDwoDz9cfA9z9ZQHzur9-pWpMqp51mi0iXDZ_Uv-fTtVUIYFkgjKb1epd94yK0JlPbHkIslcl45BZA3Dg
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCMVItMTEtTUJIRQ==&google_push=Aa02lx9_62DbMtkyAMmEfPDwoDz9cfA9z9ZQHzur9-pWpMqp51mi0iXDZ_Uv-fTtVUIYFkgjKb1epd94yK0JlPbHkIslcl45BZA3Dg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3D2D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-nwOn19Y411q6Wr1cyAe66sxUQ580AV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-nwOn19Y411q6Wr1cyAe66sxUQ580AVKyPeu4prbQgzdtyfmaO_G2OIn-oP1k5YyrOd2g4RCQWwK1MdsrRqVeI0BfqLDlx5Ns
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-nwOn19Y411q6Wr1cyAe66sxUQ580AVKyPeu4prbQgzdtyfmaO_G2OIn-oP1k5YyrOd2g4RCQWwK1MdsrRqVeI0BfqLDlx5Ns
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
report
sync.teads.tv/um/ Frame 3D2D
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGXt6nhooaFXqphc4kAYJ3M&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_smUsUBNbC3M3X-trASYZvs3jKejHhtdNrcHowqIR_TxdCB87v1c9gilg5jozwOM7FHRGQYq6cdGMXmCnIkbtGO5sttVB15wa9
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Fri, 17 Mar 2023 17:39:18 GMT
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3D2D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHXsc2Di8P0uXLUPzbl3SAwuw2IrHEy1sDBz0P9GPjw99y1EMo3aHeoUflKRX7klJv4e3Gbw
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame 7716 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:20:23 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156400/7371/ Frame 450B 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156400/7371/pwt.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f9c77b2c4c8a58c7303d4114a4d6286b6b4c47c962f6d4812b5ab43164ff669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Fri, 15 Jul 2022 10:26:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143794
accept-ranges
bytes
content-length
66940
expires
Sun, 19 Mar 2023 09:35:51 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=eUiNR3wyakl5QTE5NWl2Z0VOelZoRDV1dzNyMlh0cWk2blpra2lIVGJjN2w5cW1JWmlVaC9WVlE2S2V0REEyV3lCczBXd01QNUhlVVBoZTlvZFFYT2NoRTRBdFd5aWRPdjdNK2hGeThNUlFHUGFQMXArN0VjV3VFR1I1UT...
476 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=eUiNR3wyakl5QTE5NWl2Z0VOelZoRDV1dzNyMlh0cWk2blpra2lIVGJjN2w5cW1JWmlVaC9WVlE2S2V0REEyV3lCczBXd01QNUhlVVBoZTlvZFFYT2NoRTRBdFd5aWRPdjdNK2hGeThNUlFHUGFQMXArN0VjV3VFR1I1UTZuZnNjc1Z1WFBYV1BNdjE1UjQvcmFnMk1kb1licURIQmtoQ1lrMDBLZUM5dVM4OXNXaC9tTzJuN0FjNmVmQlEyUGh2dFJhSlRSamk2MmVsdGR0ZWNMaDkxNTFXNXFDdEg2NndSa01lV2phUGZMcEN3Uy9sa3M5a2IrZytUOWJ1SXdEWm1ZWE83Vjl0cHFQWW5YSXFydm1qMUtSMUVFOHA0UjJMdHBZNy9sV0NiM2tvSEkzMD18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e9ec456b9813d0253701811d944b26e013a43f847b2a8504a4d1fb0be7280302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1129793
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=eUiNR3wyakl5QTE5NWl2Z0VOelZoRDV1dzNyMlh0cWk2blpra2lIVGJjN2w5cW1JWmlVaC9WVlE2S2V0REEyV3lCczBXd01QNUhlVVBoZTlvZFFYT2NoRTRBdFd5aWRPdjdNK2hGeThNUlFHUGFQMXArN0VjV3VFR1I1UTZuZnNjc1Z1WFBYV1BNdjE1UjQvcmFnMk1kb1licURIQmtoQ1lrMDBLZUM5dVM4OXNXaC9tTzJuN0FjNmVmQlEyUGh2dFJhSlRSamk2MmVsdGR0ZWNMaDkxNTFXNXFDdEg2NndSa01lV2phUGZMcEN3Uy9sa3M5a2IrZytUOWJ1SXdEWm1ZWE83Vjl0cHFQWW5YSXFydm1qMUtSMUVFOHA0UjJMdHBZNy9sV0NiM2tvSEkzMD18&cppv=2
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
417623
content-length
0
expires
0
rid
match.adsrvr.org/track/ 		63 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2947769ec92f66ce734408585f10eb440c5eff110bd42861138307ebc374b982

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 16 Apr 2023 17:39:17 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 24CC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
37593
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 01 Mar 2023 07:12:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
20, 389242
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220050-HHN
X-Timer
S1679074758.051626,VS0,VE0
sync-all.html
adxbid.info/ Frame 9524 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a9703b5bb659bd0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 17 Mar 2023 17:39:18 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkIIUgmsxbPykCWIdgfYOvS3YCUAAW953DGBxg3pl4rTaRYWFknn%2FoPhxpeoQo4vdo5rKbXtpAC3j5Rm%2FL3y5moOPn5AwSUQTFuH4nZJAW5kyQB7xKcosXYiEVNPSUYbN2kkw%2FVD%2BjjlZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync.html
s.console.adtarget.com.tr/ Frame F8B5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
bdaf96bc2c332c16a104b76e6e1e131fe89eb33e2fa668ed10fab6cc33a48146

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
947
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Adtelligent
X-Robots-Tag
noindex
pbjs
sync.quantumdex.io/usersync/ Frame 2E65 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd778bd257f18e50868900051941777a4d88c7727e41e3434396b218176e1327

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7a9703b5092e9b2d-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
server
cloudflare
pbjs
sync.quantumdex.io/usersync/ Frame 7257 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6628cc9f42875f817734ec9f1b0851beb4d296da0b34198c5a9da1330e87a1

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7a9703b509319b2d-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame D7FE 		1 KB
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
96
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a9703b528343659-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:17 GMT
last-modified
Fri, 17 Mar 2023 17:37:41 GMT
server
cloudflare
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 68E5
Redirect Chain
  • https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
  • https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=c307389e-e069-4131-aa38-4ef8669b305c
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=c307389e-e069-4131-aa38-4ef8669b305c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Mar 2023 17:39:18 GMT
Etag
a46222d4bf8f1742
Server
Adtelligent

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 17 Mar 2023 17:39:18 GMT
Expires
0
Location
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=c307389e-e069-4131-aa38-4ef8669b305c
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
connectmyusers.php
cdn.connectad.io/ Frame 93FD 		1 KB
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
96
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
7a9703b528373659-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:17 GMT
last-modified
Fri, 17 Mar 2023 17:37:41 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 734F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
37593
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 01 Mar 2023 07:12:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
20, 390735
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220057-HHN
X-Timer
S1679074758.051378,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E7DF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=49808
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
Sat, 18 Mar 2023 07:29:25 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=19eab77c-eff9-4026-8e62-53e51cc43e4f&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-sKbLAYpE2pkFwAGxfvXTMRH7BM..jNcxS5_J6g--~A&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=19eab77c-eff9-4026-8e62-53e51cc43e4f
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=731154651419706253&gdpr=0&gdpr_consent=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=731154651419706253&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.72.124.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-124-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=731154651419706253&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
server
nginx
content-length
43
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZAupKaYXwje3&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZAupKaYXwje3&ev=1&pid=560288&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZAupKaYXwje3&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7bbb45b5f-qvx6v
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08da220403fc314bda4d343f&gdpr=0&gdpr_consent=
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08da220403fc314bda4d343f&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08da220403fc314bda4d343f&gdpr=0&gdpr_consent=
date
Fri, 17 Mar 2023 17:39:18 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253Dundefined%2526uid%253D%2524UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=2695723713456944503
0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=2695723713456944503
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Date
Fri, 17 Mar 2023 17:39:17 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1fe06adf-b79f-48da-971d-54222dc756c3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=undefined&uid=2695723713456944503
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
711890.gif
id.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=undefined
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A&gdpr=0
0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A&gdpr=0
Protocol
H2
Server
52.29.235.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-235-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A&gdpr=0
date
Fri, 17 Mar 2023 17:39:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame 17DF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:20:23 GMT
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame 4A8C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:20:23 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Mar 2023 18:39:17 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.563.0_en.html
imasdk.googleapis.com/js/core/ Frame 3849 		708 KB
225 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55839
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
230581
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 02:08:38 GMT
expires
Sat, 16 Mar 2024 02:08:38 GMT
last-modified
Wed, 15 Mar 2023 22:09:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 17:39:17 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22345ee907e2767962f755774a3ab8fbf532680365b2da1b39cc3aa45788ed80

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=RitoZCs2Z0NycUw1by9penIzWWJ0L09pUG1CYU9NRlI3L2VraHlpZjZWemZ2b21tT25PaWplUFVVL3paR1pPbjV0SjJhNU1RMG54NEl5aVBsVUxBa2JKa3ZPQm1lOUNRU29QcDF2Y1lTQ3VGNGEyZzczOGV0dzl3MUcvRWpaUkkrZkpiV1grTXc2SVJoRlJFMlhGTDRIVEt5RnljNFZ6ZTRtVmpyVVd3ODIwSkh3bGNGQnZROHNhcVgzMVJmK0RnWW9XMXFzcGdYMStncFJvL01Db1QwRlUvM250TGxReEJMUnBWd2YzYWdMTjM0NWlCbU1mVFNFMmpOeE9pcXI2UnlpNDNWVVdXVldSYjNDeVFRSC8xNGt3dDlRbXFkYTBjOEFFMVo4eWczUC9kSzdRZFN1cGRZOXcxWTdQWG5hdk9tUE9LOGJWM20wTkkrOURxOVdITkpKbWVvK3ZaRVVpWTRpaEdzaHNQb3o1b0NqT2tEeE02Sm5KZ0piUEJlNVNNTFVrVURaOWJFZFB3QzM2NWw2NGdIdWRkS2thRmFPNi9FSEJTSWsrZEF4UkVEaWJYTGJBanAvUjI4ZDhhcDhnZ0MzY3RKYTd6VVdEdlNkTlA3TkNBYmt5YWtkTCtkOXNJZmZlOTZrUEUvOGVCSU0zSlZSSHpSOCtxU1BHTHcyR0Flc1ZOamhOdENGZjZNd1dIbk5pK254TzJsY09FK0xZd3hxR094QkpZalhldEUzYXpXMGxDaHZzcWVlUGNVMGZ0bndNQWVFeGhFOURSMDYxUG1xQWw1bjhVWEd1YmIxa3UzWEVlUjlMaEhqOE5DNHcwTWxWMW9SdVI3NnNiMjkrVw%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
533277
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
neu.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		2 KB
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/neu.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9cdd64c363874aa71172faeb861ecd3a6f65362e4b9f9e1077c370f089fba6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Mar 2023 22:07:14 GMT
age
70323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
955
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 22:07:14 GMT
cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/cta.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85427ab651caac7c7a95df7a96113bc3be356e73fdf689cd376e821640f299a4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Mar 2023 18:42:57 GMT
age
341780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1241
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Mar 2024 18:42:57 GMT
cta_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/cta_zweizeilig.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09a80f3d899cf260301f4b556b8c1c4ab1402e18038e60e448de61bbfd21dc7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 16:25:13 GMT
age
177244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1248
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Mar 2024 16:25:13 GMT
packshot.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/packshot.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9b88abc7ea6a6b78478b858d46abafd1595b144964f1d92b0da41ab14f60d9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Mar 2023 08:09:08 GMT
x-content-type-options
nosniff
age
120609
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19213
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 08:09:08 GMT
icon_muskelentspannung.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/icon_muskelentspannung.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6049983502a4f367b61eb71ceae525bbd94e7a62d4ec3c0c32b8e8c396f54d0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 22:01:53 GMT
age
243444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1865
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Mar 2024 22:01:53 GMT
icon_schmerzlinderung_nacken.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/icon_schmerzlinderung_nacken.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f86497a24923f2841cf7ca57dace58d1e04cdf8fd4861d03ddbbbc35ed2a1c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 07:56:21 GMT
age
207776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1975
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Mar 2024 07:56:21 GMT
icon_tiefenwaerme.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		2 KB
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/icon_tiefenwaerme.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
392742a245bc51ef722b937fc99446c8afc24d29d0627104797346dba70e6413
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 01:44:47 GMT
age
230070
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
967
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Mar 2024 01:44:47 GMT
doc_logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/doc_logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
786613c6729a584fc5e51a5d20dba54559edac15d58cf30d730f54c5a3050de7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Mar 2023 20:39:08 GMT
age
75609
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1290
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 20:39:08 GMT
signet_therma_nacken.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/signet_therma_nacken.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94580d04163b820ee0baf469bb56b316edb88e15b352aa14721c673ee48176fb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 04:11:37 GMT
age
221260
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2851
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Mar 2024 04:11:37 GMT
logotype_area.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		2 KB
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/logotype_area.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed57a8f6d806a740801ebd395017df259c6514f9b53e9dd3a8a8a545a569e61
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Mar 2023 14:14:58 GMT
age
98659
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 14:14:58 GMT
logotype_area_landscape.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		2 KB
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/logotype_area_landscape.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7197983ffe2d508f0c0e2408944f06fa6a8302e99cd25d29257f572ffc37125
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Mar 2023 15:38:36 GMT
age
93641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
818
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 15:38:36 GMT
produkt_nacken.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/produkt_nacken.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7e36380db5f3a3f12328b38e6aed19b4bd05542366a2bc38470284e538a3816
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 17 Mar 2023 08:04:56 GMT
x-content-type-options
nosniff
age
34461
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6649
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Mar 2024 08:04:56 GMT
koerper_zuschnitt_nacken.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/koerper_zuschnitt_nacken.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06bf951b7ba273ad7ed12c0cbc5f70ed4e91015412800baf70a138244ace4c93
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Mar 2023 23:59:46 GMT
x-content-type-options
nosniff
age
63571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16634
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 23:59:46 GMT
koerper_nacken.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/koerper_nacken.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81111be90503c1a93ea3a7eec8c7d4d4d0c01545b8287f413406cb32bf494a2c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Mar 2023 17:47:08 GMT
x-content-type-options
nosniff
age
85929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19987
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 17:47:08 GMT
css
fonts.googleapis.com/ Frame B6E6 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 17:27:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:17 GMT
/
hal9000.redintelligence.net/scale/ Frame B6E6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
4b525152f2188715dc6d6c9971e59fe000e68ed70c83a16e859e5c8e38bd69bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9365
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B6E6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
33a1b313e2b0f843eecfa3e93cb87b4a0c7bab891b7b86632cb92887c9d3ab3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9288
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B6E6 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
f366e13b444c6186601c91705e2198bcc6fc119fe394f33cd9f559e74999b14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
7648
Vary
Accept-Encoding
Content-Type
image/png
view.aspx
pb.media01.eu/ Frame 4AF9
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=42599400123205300951393012266024&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=42599400123205300951393012266024&actionid=981741&produktid=&dt_url=
0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=42599400123205300951393012266024&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=dab6bae4ec&subid=&uid=9e6e5fed3fbeefa1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=289942907119&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 17 Mar 2023 06:39:18 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Fri, 17 Mar 2023 17:39:18 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=42599400123205300951393012266024&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
50FF0765:DCBC_91EFC182:01BB_6414A5C6_FE02A0C:C02D
/
adv.office-partner.de/ Frame BC93 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=dab6bae4ec&subid=&uid=9e6e5fed3fbeefa1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=289942907119&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 24 Mar 2023 17:39:18 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame 4BD8
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=42599400123205300951393012266024&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072206
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072206
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=dab6bae4ec&subid=&uid=9e6e5fed3fbeefa1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=289942907119&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 17 Mar 2023 17:39:17 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072206
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame 484B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=42599400123205300951393012266024&nw=1
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.125.139 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-125-139.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
142c95c0e6e5b5e902748c6d89ce8be100ca835be51d51bd4020b93ae263c5c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
last-modified
Fri, 17 Mar 2023 17:39:17 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 17 Mar 2023 17:40:17 GMT
activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123
8019191.fls.doubleclick.net/ Frame 6CBB
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123?
391 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123?
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
cafe /
Resource Hash
fa80a5d16f29b07c3f897364c63d9e1936189c526405837f3deda5625fc1617f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
Fri, 17 Mar 2023 17:39:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900024.redintelligence.net/ Frame A3D4 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=dab6bae4ec&subid=&uid=9e6e5fed3fbeefa1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D_eqIRMPJrdlbyW7a6xgEEA%26exch_seat%3D20035004448%26mt_aid%3D7554624293774950499%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_cid%3D986d6414-a5c5-4600-8d41-10e13b984dd6%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCzFBDxKUUZPyBDuu99u8PkO-BYM-HjptcwIbZgsYCwI23ARABIABglYKAgLQHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQngAgCoAwGqBIIET9AcC4Hy_yMaoYjWNHDCYfYPSLXetAXWx9Fm6CbW1Lo9uY-nJrgEieei6X9O3x8951HWrTk0O0ExIH8sdFXuoUKjpV-7xuZrVxlitim7Q_NYmFFk3-1jL4atI2zbnIt-cbo1XsWTcdtey8CZzzWAKQSjQjKWEPFzvbZL6Ea-K9pllmr2Na1LfpAJywy5P1v5M1qiy-v4vv4npQ2feu7iZvE2ITsJPbNZKfA_j7odtcEFqRLnwgoi-anzywWVkilfMcFKNrkGiZuV1lyphVPxQzKgRsZzh69jcztUoK64fNWiF-15QMn4X_bqf0tfS4MtvuxC3DN7YZXhaTPxDaKKFZC0XBrocO1seG3AU7egwtDkR2bK8Om0uPhgecHXLjbufKw3PJnMD_ysZlJn9oO8GujdJ4ekNxdI8AvlBXpcyblrCSXa03ZfjntwbEZptoszB4tsxOqhtODJWnPK2v126k84MhqJkL3qQfp4ldnDn65ifrrpQpsomyjjrpDr3H89Rp3qhEBpg5gYXo0k3VkSW9br9o3b9ZMXjA19m8Al88K-6zk85kW10ANOv0x8V0Bf0N0g-M0kjZnDAgakxRbAyAhZhb7DGhMLWQEPlgbVrF1XGmR2Vz1krVRr2g5Xdi4286mFp2k-uiZYXWEo-dflMETVsbWcDWGZ2qVeTwOMEvD11-AEAYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0dC4hTB-rQrk0GDGi9j1Rv4jNfng%2526client%253Dca-pub-8745593945608202%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F30f6810583110272790456a336f56061.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=289942907119&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
199b7e12b35daefa59b59f347dfc84ee7431cd4f60500344ac93f70d1704348e

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2046
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Mar 2023 17:39:18 GMT
Expires
Fri, 17 Mar 2023 17:39:18 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame 484B
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42599400123205300951393012266024
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42599400123205300951393012266024
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:41:50 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
50FF0765:DD24_91EFC182:01BB_6414A5C6_FDE6812:C02B
X-IPLB-Instance
40028
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
iframe
sync.mathtag.com/sync/ Frame 1FC9 		675 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=986d6414-a5c5-4600-8d41-10e13b984dd6&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 569 46451a0 master cdg-pixel-x29 config:1.0.0 /
Resource Hash
70c8863d1f8191f5eae09e3895ec780548d805598b5375b401d957c8b873b39e

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
Expires
Fri, 17 Mar 2023 17:39:17 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master cdg-pixel-x29 config:1.0.0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 292C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 12:23:21 GMT
etag
48472445140208031
expires
Sat, 18 Mar 2023 12:23:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 484B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39fb4e0255b5ab48267f54ddf5cf76e9fb24f10fca7768ccb00c8fcb0d8831e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3426
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx_BHSf1AwC9W0LPZY8Mq5quZqSmJt5R364xc6z6J8J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx_BHSf1AwC9W0LPZY8Mq5quZqSmJt5R364xc6z6J8JAfrMNPlFmYjiRrzWjAgR-pjBmlJgXFuyzJn9mZofcVj_de6Tdoto
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:17 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-0db3176ec3573a64a@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx_BHSf1AwC9W0LPZY8Mq5quZqSmJt5R364xc6z6J8JAfrMNPlFmYjiRrzWjAgR-pjBmlJgXFuyzJn9mZofcVj_de6Tdoto
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3426
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCM69NBWHOQpDbJx7xGTx0&google_cver=1&google_push=Aa02lx_x7KnNrIZbcjnAQXOTIdq9mSeCkUcBazhhWgQvh8JPKecB5KlCENS5l685A2EJGqJx0abXzLSSYGK6t6EFwOiy...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=19eab77c-eff9-4026-8e62-53e51cc43e4f
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=19eab77c-eff9-4026-8e62-53e51cc43e4f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0f117b28-aad4-488c-8269-94b37a021814&user_group=1&ssp=google&bsw_param=19eab77c-eff9-4026-8e62-53e51cc43e4f
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3426
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ7bf8YD1w9NBS8gWb0c-MA&google_cver=1&google_push=Aa02lx9BdXaPvgkC6c3unwg8fELCV-Q3x8Wts-VDEuuRU_sT8C8CshDGDosSOsUm7PLw2i-Bb4V...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCNEUtMTQtQkJR&google_push=Aa02lx9BdXaPvgkC6c3unwg8fELCV-Q3x8Wts-VDEuuRU_sT8C8CshDGDosSOsUm7PLw2i-Bb4V0GixwQciWyYzRxsCh6pN4dGgf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCNEUtMTQtQkJR&google_push=Aa02lx9BdXaPvgkC6c3unwg8fELCV-Q3x8Wts-VDEuuRU_sT8C8CshDGDosSOsUm7PLw2i-Bb4V0GixwQciWyYzRxsCh6pN4dGgf
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCNEUtMTQtQkJR&google_push=Aa02lx9BdXaPvgkC6c3unwg8fELCV-Q3x8Wts-VDEuuRU_sT8C8CshDGDosSOsUm7PLw2i-Bb4V0GixwQciWyYzRxsCh6pN4dGgf
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3426
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-dy7Xpvn_kv1UKRZKfo9RJY-MZapkJ7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-dy7Xpvn_kv1UKRZKfo9RJY-MZapkJ7UysEhU2Od-yr5VoLsZPEXn8S5PKJ6oGUqNHJMi1oyFL6OCIvi0h5rx9_WupnG7a
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&google_nid=index&google_push=Aa02lx-dy7Xpvn_kv1UKRZKfo9RJY-MZapkJ7UysEhU2Od-yr5VoLsZPEXn8S5PKJ6oGUqNHJMi1oyFL6OCIvi0h5rx9_WupnG7a
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3426
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBaPGGdkZ_ZEiJa323pfgEw&google_cver=1&google_push=Aa02lx9xt-4ZaPi0WQPMIunHcoo3moPiuWOaKfUq0bnLAhdjAuYI2GcLycsgLVPZzTzU3lwjiiQkrAdwu7ozbNYL...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9xt-4ZaPi0WQPMIunHcoo3moPiuWOaKfUq0bnLAhdjAuYI2GcLycsgLVPZzTzU3lwjiiQkrAdwu7ozbNYLDkkCzH3I_mRI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9xt-4ZaPi0WQPMIunHcoo3moPiuWOaKfUq0bnLAhdjAuYI2GcLycsgLVPZzTzU3lwjiiQkrAdwu7ozbNYLDkkCzH3I_mRI
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 17:39:18 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9xt-4ZaPi0WQPMIunHcoo3moPiuWOaKfUq0bnLAhdjAuYI2GcLycsgLVPZzTzU3lwjiiQkrAdwu7ozbNYLDkkCzH3I_mRI
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
QUuxKYc9LG7qAuht3kNHsvHQ-NBr62SQdYLWa3t3Ny_c4iEabuP7fg==
pixel
cm.g.doubleclick.net/ Frame 3426
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEAq1-5ocuTaAFmeFaU9p4X8&google_cver=1&google_push=Aa02lx_cCTQ46I_EQzp53GxOH_iBPFnumh1Lekue20aMavZqr2t0O1eYrksxQxxSHU3uDOBRHzshEd9TM1y72lWzXfMIDU330USc
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&mn_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_cCTQ46I_EQzp53GxOH_iBPFn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&mn_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_cCTQ46I_EQzp53GxOH_iBPFnumh1Lekue20aMavZqr2t0O1eYrksxQxxSHU3uDOBRHzshEd9TM1y72lWzXfMIDU330USc&gdpr=&gdpr_consent=
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&mn_hm=MzIyMDc2MzU4OTA4NTMyODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx_cCTQ46I_EQzp53GxOH_iBPFnumh1Lekue20aMavZqr2t0O1eYrksxQxxSHU3uDOBRHzshEd9TM1y72lWzXfMIDU330USc&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 17 Mar 2023 17:39:18 GMT
sync
ssbsync.smartadserver.com/api/ Frame 3426 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENMHh_yCvQnHUR7x7gJDHr4&google_cver=1&google_push=Aa02lx8O4KfIu7vriYNoMsQG2OvqBpZa1GtMbcUgqkHf05NAu1Jtowsizh1lyICrCSB3GlvPSu_w6yciCwS6vMPS46Wo0t7rwFs
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3426 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ix8tiAPuNr99v8UAEWqg4hu3C4syMNscBZK2MZXUpdadqK9FFTE1ezbgKP9Tm_u0hLtERV
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=eUiNR3wyakl5QTE5NWl2Z0VOelZoRDV1dzNyMlh0cWk2blpra2lIVGJjN2w5cW1JWmlVaC9WVlE2S2V0REEyV3lCczBXd01QNUhlVVBoZTlvZFFYT2NoRTRBdFd5aWRPdjdNK2hGeThNUlFHUGFQMXArN0VjV3VFR1I1UTZuZnNjc1Z1WFBYV1BNdjE1UjQvcmFnMk1kb1licURIQmtoQ1lrMDBLZUM5dVM4OXNXaC9tTzJuN0FjNmVmQlEyUGh2dFJhSlRSamk2MmVsdGR0ZWNMaDkxNTFXNXFDdEg2NndSa01lV2phUGZMcEN3Uy9sa3M5a2IrZytUOWJ1SXdEWm1ZWE83Vjl0cHFQWW5YSXFydm1qMUtSMUVFOHA0UjJMdHBZNy9sV0NiM2tvSEkzMD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
440783
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
img
sync.mathtag.com/comp/ Frame 484B 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 569 46451a0 master cdg-pixel-x14 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
MT3 569 46451a0 master cdg-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Mar 2023 17:39:17 GMT
setuid
sync.quantumdex.io/ Frame 7257
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b9eacb9b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 7257
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703badcff9b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-store
server
nginx/1.22.1
content-length
0
expires
0
/
s.ad.smaato.net/c/ Frame 7257 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, must-revalidate
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
9h5KH5Bw40b9aVJ9JypJlfpQtIANHIW9D-NGGmrLDkqmLgd9ddU1YQ==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 7257
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b979cc9b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
174b0cb8-ca9a-4d0d-981a-9ebc84af92b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7257
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b959969b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/ Frame 7257 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Mar 2023 17:39:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
v1
match.sharethrough.com/FGMrCMMc/ Frame 7257 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.124.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-124-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
0.gif
id5-sync.com/i/495/ Frame 7257 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 7257
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703bb4dd69b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Mar 2023 17:39:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 17 Mar 2023 17:39:18 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&bundle=6o3CBl9ab3lCQXRhU0lNOUFCa3BLUFhGQVdzazJVTVlxbjBTUU01QVd4bmZsRkFSOFZVVUpLVnZqR21HTDVQbUZLZ3hVZkZxR0hTdFVMdlYzdmhXTHBtOVAzZk8yb0tMTUpnS0dNNnBUNjVic1k4VjVQZTE2MnBhRjNPWnEyS0RBTlh3NTNyZnFHZ0plWkhDNmNJTGlBd0lXRGVmNE5CM1R2JTJGSTBqa3VRTEVCT0FWSSUzRA&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
594579
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 450B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&bundle=6o3CBl9ab3lCQXRhU0lNOUFCa3BLUFhGQVdzazJVTVlxbjBTUU01QVd4bmZsRkFSOFZVVUp...
  • https://mug.criteo.com/sid?cpp=jPjCdHwydzU1dkVMcEJLdGlQNjdTYTBkMnZGOStMMmY4Ny9TeWdVVncvLzhXVlc3RWpCNThZUEhQUGx4UnFtM3FWUTBmT3VTZ2szcUxRSStXV09Xc21OMEVhaGt3cnVYRHIrUVVDWUlETXo3K2o5VUVoQzV5VWc0TGRzZk...
540 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jPjCdHwydzU1dkVMcEJLdGlQNjdTYTBkMnZGOStMMmY4Ny9TeWdVVncvLzhXVlc3RWpCNThZUEhQUGx4UnFtM3FWUTBmT3VTZ2szcUxRSStXV09Xc21OMEVhaGt3cnVYRHIrUVVDWUlETXo3K2o5VUVoQzV5VWc0TGRzZkdOOFNqa0psT2FNaXc5WG1YOEN6eTNPRSt1RUxpZ1M1R0FHb0ZNRmMwMFV5dEVmVzVjMllPNUxqQlZETlMyQnVpdTFYV0ZrNXA4MEZidUtJQ1lPSDd0OHNaa1FRc0hrMzN4bE5aaXc0S0FFVWx5QTl5K1Y0RlczRDQ2YlNTNzI3OXJRSUlIZ2NvK1dJWjYydERxVSt0OVFva1ZKOWx3OXF1ak1JTXdJMVFKMGhLWXUxb2IrQT18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1cfa1ebf9179d4b0d72e8af6557a8d4a1ddf52fa5a50e115dde950e60bf93a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3028601
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=jPjCdHwydzU1dkVMcEJLdGlQNjdTYTBkMnZGOStMMmY4Ny9TeWdVVncvLzhXVlc3RWpCNThZUEhQUGx4UnFtM3FWUTBmT3VTZ2szcUxRSStXV09Xc21OMEVhaGt3cnVYRHIrUVVDWUlETXo3K2o5VUVoQzV5VWc0TGRzZkdOOFNqa0psT2FNaXc5WG1YOEN6eTNPRSt1RUxpZ1M1R0FHb0ZNRmMwMFV5dEVmVzVjMllPNUxqQlZETlMyQnVpdTFYV0ZrNXA4MEZidUtJQ1lPSDd0OHNaa1FRc0hrMzN4bE5aaXc0S0FFVWx5QTl5K1Y0RlczRDQ2YlNTNzI3OXJRSUlIZ2NvK1dJWjYydERxVSt0OVFva1ZKOWx3OXF1ak1JTXdJMVFKMGhLWXUxb2IrQT18&cppv=2
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
660999
content-length
0
expires
0
css
fonts.googleapis.com/ Frame A3D4 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:21:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:39:18 GMT
/
hal9000.redintelligence.net/scale/ Frame A3D4 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
71af275527856854be2fd4e7578987cec3d55e7849926706fede0b7a94104dba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11596
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A3D4 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
002041589ceca7e802f2a2e042e3f44e33084b029dfe2d11aabdedae18ec540b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12112
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame A3D4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
8c36c01636740f369bdcf09f43fc0b3b99d14c1e843eeed64f7d69bc78b81083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9507
Vary
Accept-Encoding
Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame E7DF 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97229081&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:17 GMT
content-length
0
viewability
hal90009.redintelligence.net/ Frame B6E6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=87914300138108400951389012266009&a=8b7e5530&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 672C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
ts.js
cdn.retailads.net/ Frame 4BD8 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072206
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
etag
"14aa-5d6188919baaa"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5290
ts.js
cdn.retailads.net/ Frame D251 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2442072198
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
etag
"14aa-5d6188919baaa"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5290
packshot.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/packshot.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9b88abc7ea6a6b78478b858d46abafd1595b144964f1d92b0da41ab14f60d9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Mar 2023 08:09:08 GMT
x-content-type-options
nosniff
age
120610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19213
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Mar 2024 08:09:08 GMT
cta_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/ Frame 672C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6897791936204111872/cta_zweizeilig.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09a80f3d899cf260301f4b556b8c1c4ab1402e18038e60e448de61bbfd21dc7c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 16:25:13 GMT
age
177245
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1248
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 10:47:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Mar 2024 16:25:13 GMT
dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995
adservice.google.com/ddm/fls/z/ Frame 7E4A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPuN__PA4_0CFZShmgodkm4PDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1994569073993.4995?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123
adservice.google.com/ddm/fls/z/ Frame 6CBB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPOygPTA4_0CFSDNOwIdkOYOUA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6776017022588.123?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2E65
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b949739b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0b72c742-449c-4599-86fd-4a653745e701
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2695723713456944503
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2E65
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b949729b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-KM7xtHlE2uFihgA3tJrjCK5IcaSYWL.Tg02neIQ-~A
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/FGMrCMMc/ Frame 2E65 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.124.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-124-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
0.gif
id5-sync.com/i/495/ Frame 2E65 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 2E65
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b9eace9b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=eb692a0c-9b2e-524c-b292-ec75d68649b3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
s.ad.smaato.net/c/ Frame 2E65 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, must-revalidate
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
3qpVxVSBZUwZotIjmTp_E2ymJ1ltRKMCj80cVAnKkplmPujFpQAl1g==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 2E65
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703bb8e749b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Mar 2023 17:39:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 17 Mar 2023 17:39:18 GMT
setuid
sync.quantumdex.io/ Frame 2E65
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703ba2b5a9b2d-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-f381e935-85f0-33ec-995e-8472820901db
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-store
server
nginx/1.22.1
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 2E65 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Mar 2023 17:39:19 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
check.html
biddr.brealtime.com/ Frame 7FED 		977 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.21.29.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
6449
CF-Cache-Status
HIT
CF-RAY
7a9703b94f719c12-FRA
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
Last-Modified
Thu, 26 Jan 2023 15:01:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzI9T2QHE3HL5NlhSkrxSFRaSI449Q2q3DtxxrnHYPgNqb3MhrOwPxHJqnyVGrzl3QcXJe18euvt95aS4e08m5mGdBb2%2BhxXngrSEJdZi%2FhKLjmXYoaa28k43fbfjPtib3Np047m"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 44f658df84aa9c8ad66070ade8f68046.cloudfront.net (CloudFront)
X-Amz-Cf-Id
5H4fESYs4NmHNV_r5TgGn9yt7Ra6s3N_jVV0XGXD1HdK6Lzl_Dmhag==
X-Amz-Cf-Pop
DXB52-P1
X-Cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-server-side-encryption
AES256
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9D1B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
37593
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 01 Mar 2023 07:12:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
20, 389249
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220050-HHN
X-Timer
S1679074758.431190,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 7D74 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame A01D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6345d728449a20fe5febb6db01bb2c5a1e054bcc1a015d9b81e357b9bcf29607

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1696
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
pbsync
usermatch.targeting.unrulymedia.com/ Frame 1292 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
/
onetag-sys.com/usync/ Frame D033 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 6C62
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.98.130.104 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-98-130-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 17:39:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Mar 2023 17:39:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9AE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=49807
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
Sat, 18 Mar 2023 07:29:25 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 450B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKgK_yqraClkFNridBA33J6n6yL7M3mhz6_1nEMU1IVKWYgpPZhdL8yQC6nYkfUhu8nb_BtCwyy427VXlTur_SWbaBiu4Sp4uBmJIDyotMSdK_FFfm7K7anm9KX4Uf09jJpzSoAxq-n4xzMx3Ouvkvq06MriNMAGRba-RXSZ4_HWl1KY6N-WpQFRggEgQNLVVhJpODhfX5C2b-ZrHy8KWYMP8jz_e2usd-awT_vSz6UNxH5qSumDl5qyJfuh3-kWDP_MB6QObeXp0szmDMXUEoIioIPTpe9B5lG0DlWZ9Lr6IJd8YAdk-4qnvgl8u2BhvehFuHO6BTFZ8jX_ap&sai=AMfl-YSteVKTv6gjUocNALgKmEzZbqnnt9kR4WVfzkQ09zryg8eKXEPpQW9cm4ZjU4j7NpQc5URoQE2EEx3lhccMz4YLiKUNwh7VacyNFsw8roQQqnx7yYsQfVgCcoW_Pfc&sig=Cg0ArKJSzMXr7YaZ22H2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:18 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:21:09 GMT
x-content-type-options
nosniff
age
130689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:21:09 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 14:59:58 GMT
x-content-type-options
nosniff
age
95960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 14:59:58 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123281
x-xss-protection
0
expires
Fri, 17 Mar 2023 17:39:18 GMT
1
sync-eu.connectad.io/syncer/ Frame DBC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a9703b8f81f3659-FRA
date
Fri, 17 Mar 2023 17:39:18 GMT
server
cloudflare
async_usersync
ib.adnxs.com/ Frame 734F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
AN-X-Request-Uuid
edd8cc7e-1bd1-418d-ad1d-93a528bed87b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 24CC 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
AN-X-Request-Uuid
0d751079-448a-4b67-98a3-d5645f8a7df2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
eb2.3lift.com/ Frame 9524 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
gtm.js
www.googletagmanager.com/ Frame 292C 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6561bd491ddee6a9d2d57c666507f3455e6a21969618cc17d5ce807bc8053267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41375
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:09:31 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Mar 2023 17:39:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 015B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXq3E5BHU57GJif8PlygssyY0SotAdMfob_lcpGSbEbyfez5iWy516ji6XoKCQkM_qZ2hAM2nveLL775OFj7cr2JXyddm3bC9rMUtmZagv-1QN1b2J&sig=Cg0ArKJSzN1UmRW2C0mQEAE&id=lidar2&mcvt=1267&p=199,1599,200,1600&mtos=1267,1267,1267,1267,1267&tos=1267,0,0,0,0&v=20230315&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1850051439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679074756954&rpt=237&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame BC93 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e380b57bddbc001f4a7735a42344e387bc1304c3a11948eb4a05b60b55b343f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41321
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:09:31 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Mar 2023 17:39:18 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jPjCdHwydzU1dkVMcEJLdGlQNjdTYTBkMnZGOStMMmY4Ny9TeWdVVncvLzhXVlc3RWpCNThZUEhQUGx4UnFtM3FWUTBmT3VTZ2szcUxRSStXV09Xc21OMEVhaGt3cnVYRHIrUVVDWUlETXo3K2o5VUVoQzV5VWc0TGRzZkdOOFNqa0psT2FNaXc5WG1YOEN6eTNPRSt1RUxpZ1M1R0FHb0ZNRmMwMFV5dEVmVzVjMllPNUxqQlZETlMyQnVpdTFYV0ZrNXA4MEZidUtJQ1lPSDd0OHNaa1FRc0hrMzN4bE5aaXc0S0FFVWx5QTl5K1Y0RlczRDQ2YlNTNzI3OXJRSUlIZ2NvK1dJWjYydERxVSt0OVFva1ZKOWx3OXF1ak1JTXdJMVFKMGhLWXUxb2IrQT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Mar 2023 17:39:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
348098
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 8CE4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
93e1604508eb3670d53ebc437b3e8d68636cbed3c81d8eb8a22a7f295ace04d9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1904
Content-Type
text/html
Date
Fri, 17 Mar 2023 17:39:18 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
pbsync
usermatch.targeting.unrulymedia.com/ Frame 93EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D79 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=49807
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 17 Mar 2023 17:39:18 GMT
expires
Sat, 18 Mar 2023 07:29:25 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0C50
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.98.130.104 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-98-130-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 17:39:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Mar 2023 17:39:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4759 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pvClk.min.js
analytics.webgains.io/ Frame EDDC 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=87914300138108400951389012266009&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:26:36 GMT
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
763
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
RDzgxsw_lPnqmrCf23A86EvxtrlnLa_w02UQCFTb_VAHP1nJ_Ygmtg==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame EDDC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1679075057&Signature=IkdB0-SyhivszK7vEhWt0KGE3f9og8m15r0Y4iIEaG2W-AhqZlC6eo0YCzKLCmYC5D5RTEeF~gCnIELt0FZ8UzDKpP7My1TneH6lLNFxFrMCrNbEqvIZRVDf-gAi1J6xR6v8uUQPUgC2OTDVXtZbF1lgACkME3HIKn-QYdHkqcNtXMf9~vFR0nifet6SXB8~LKOu1ys6cLHOBWcVPGSz0~MZ2HWApqdX0wEKP4lSGetXG241oI~BVVgxmiezvrKsJ6me2u9UbNAwK1nmgS1fc33bBEvkDF~~PmVrR-83TbI3uxUj5exIeuNnQImoU2EBPp-qN2y-jq717-ygWp0i1Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 17 Mar 2023 05:40:40 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
43119
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
qBUsZC3sSo3ADD0Jys7PR6NVTVv7CYO-3kpYenIt5OFX1RGIJ8h-tQ==
pixel
cm.g.doubleclick.net/ Frame 292C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx-E-wBDHQjgGViKsYrWAt8LT75FU9IDmj3qIr2Ez0l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx-E-wBDHQjgGViKsYrWAt8LT75FU9IDmj3qIr2Ez0lbljmWXtyZz9gmlC6s_qf4QeACkXSiMAPcLklnlcISLZZHVHnbtJ4ZRu0
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-0db3176ec3573a64a@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZkFONllKdVgxUERlMlc1&google_gid=CAESELbFT4KkgQAktcgu9TjA_I4&google_cver=1&google_push=Aa02lx-E-wBDHQjgGViKsYrWAt8LT75FU9IDmj3qIr2Ez0lbljmWXtyZz9gmlC6s_qf4QeACkXSiMAPcLklnlcISLZZHVHnbtJ4ZRu0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 292C 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEB0CIpb2-9Z1K2_5OcnjYPw&google_cver=1&google_push=Aa02lx9fzwPb5f8AovrjSOS4i9w4OzCcIz3hNd_VnYNxY9T7MaRQ-agib3j6VQYvsqKh2NLO7uXc79XrQ18A1p__0l5EYsEwUjiXUC3H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9fzwPb5f8AovrjSOS4i9w4OzCcIz3hNd_VnYNxY9T7MaRQ-agib3j6VQYvsqKh2NLO7uXc79XrQ18A1p__0l5EYsEwUjiXUC3H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a9703b92dc6bb8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 292C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEy4bqPcty8eIzROjHvIo9A&google_cver=1&google_push=Aa02lx-ZzrCYSYNf7sWXZkhzbYBXzs64VgooT_Y7MZJtOvJRwph6paf6oij08ZzamL2HuvsGr5bfTzzzsOZmW6M9euJad1OBHuzp2u08
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-ZzrCYSYNf7sWXZkhzbYBXzs64VgooT_Y7MZJtOvJRwph6paf6oij08ZzamL2HuvsGr5bfTzzzsOZmW6M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-ZzrCYSYNf7sWXZkhzbYBXzs64VgooT_Y7MZJtOvJRwph6paf6oij08ZzamL2HuvsGr5bfTzzzsOZmW6M9euJad1OBHuzp2u08
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F97C10DC90EA4B38BF79CABCFFBF2EF4&google_push=Aa02lx-ZzrCYSYNf7sWXZkhzbYBXzs64VgooT_Y7MZJtOvJRwph6paf6oij08ZzamL2HuvsGr5bfTzzzsOZmW6M9euJad1OBHuzp2u08
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Mar 2023 17:39:18 GMT
google
match.adsrvr.org/track/cmf/ Frame 292C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMTy83FuK1yMRXsw0Q4stYo&google_cver=1&google_push=Aa02lx_IvgQmXUKUFifDkb0CoXDpnOw-ydVIshbBITPd4rInztqOMHNVj16B7uZ1LA057bomNt0G6GmTmx03rsf0r6UCNGqswtbHuSbT
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 292C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPCM69NBWHOQpDbJx7xGTx0&google_cver=1&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fk...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_gIx1lYhgAF7k6xDhm4rMz5ezF3-2dw4qEByJeNuJGZVWfL0dI40m8qfCENv26cSaaTKozWkX2RrUoez4GS-fkDlrd5MJ007w&google_hm=Geq3fO_5QCaOYlPlHMQ-Tw==
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 292C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGwLb6g04g6n0Jl7la0IYdg&google_cver=1&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY5M...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGwLb6g04g6n0Jl7la0IYdg&google_cver=1&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6t...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAzOTM0ODk5MTA4MjU4MjYxMw&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAzOTM0ODk5MTA4MjU4MjYxMw&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY5M1aMKPS1PXfuap9BqnrAaRsYl
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAzOTM0ODk5MTA4MjU4MjYxMw&google_push=Aa02lx8bBLl3zHabbDqVWGKttFsd6c0iFpeQ80BrKPBa3o9GwXWqWdFbsKWLt_OaY_4AvB6p_6tXgY5M1aMKPS1PXfuap9BqnrAaRsYl
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 292C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ7bf8YD1w9NBS8gWb0c-MA&google_cver=1&google_push=Aa02lx-ylNSJxGBK6EYMJTd7KjZ4dhRs3JlEaJ_WrBaYQu1KRrlQEYPoNimsZikjItibYpHCEIh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCR0QtMU4tODFDUw==&google_push=Aa02lx-ylNSJxGBK6EYMJTd7KjZ4dhRs3JlEaJ_WrBaYQu1KRrlQEYPoNimsZikjItibYpHCEIhN8MpHv2u8EXz75xsJtYJhed6v5HO_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCR0QtMU4tODFDUw==&google_push=Aa02lx-ylNSJxGBK6EYMJTd7KjZ4dhRs3JlEaJ_WrBaYQu1KRrlQEYPoNimsZikjItibYpHCEIhN8MpHv2u8EXz75xsJtYJhed6v5HO_
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZDVFJCR0QtMU4tODFDUw==&google_push=Aa02lx-ylNSJxGBK6EYMJTd7KjZ4dhRs3JlEaJ_WrBaYQu1KRrlQEYPoNimsZikjItibYpHCEIhN8MpHv2u8EXz75xsJtYJhed6v5HO_
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 292C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lm5faM8tAdOEv-mGt8auHEJpIY2sE-LOMisfY8agsTQy9jEkT8jiS-zr8wJMn-aFTU65ht
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 484B 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=42599400123205300951393012266024&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:26:36 GMT
content-encoding
gzip
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
763
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
bQqvmGSh4RTzAa6M8gpQA3TpYzvMP3SgInZLocsL9_qbj-hEc-sBIA==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 484B 		85 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1679075058&Signature=pTaSOZ63nnjQjpVTC4dLTzzUImq2XaUYXXu5AiUQKlPr8tE73pgRqclNLJIAR74OYeq6irrhqcGdLW-9X9TFy3CBgmLx04iUSe6WybG0PzfKi5q~ZKF-95FvAJxTYtbAlFF-zTHryU~5gRV6JtAVxpy5X80LlgSDul64~-K3Kii962Sj6qDlLl~eadZn0Xw0NgBTzbPrjwlhAsk2IiDOpHQI~I~ETGirSo1Ke1auOj-vth-sCVoO5Q6rXc0Ts31mTt7vA1odxmrv2iNvEsI1bvZWvlACJWdhNmxY9qlp3RpcaI2oZ68NOM3DoT5rEVMqa3XSz6HDb0ZSN8hReeSKEg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 30f6810583110272790456a336f56061.safeframe.googlesyndication.com
URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 17 Mar 2023 04:01:51 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
49048
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
2-bFe5VN8I1uZNSFL48RSRMT1tA6s2FlCEGKbVeOI7bqnus_GhX2tw==
csync
sync.console.adtarget.com.tr/ Frame 99CE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dmRE2ng2WecU0QRM4qnJ&pi=admatic&tc=1
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dmRE2ng2WecU0QRM4qnJ&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Mar 2023 17:39:18 GMT
Etag
b5cb227a76f21383
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 17 Mar 2023 17:39:18 GMT Fri, 17 Mar 2023 17:39:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dmRE2ng2WecU0QRM4qnJ&pi=admatic&tc=1
pragma
no-cache
cookie
cm.adform.net/ Frame 5AB5 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 17 Mar 2023 17:39:18 GMT
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 2308
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Breplace_me%...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743408%26extuid%3D%7BPUB_USER_ID%7D%26gdpr%3D%5Brepla...
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=e43c1a69-4fc5-4256-916a-8f086c5192cd&gdpr=[replace_me]&gdpr_consent=[replace_me]
43 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=e43c1a69-4fc5-4256-916a-8f086c5192cd&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Adtelligent

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 17 Mar 2023 17:39:18 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743408&extuid=e43c1a69-4fc5-4256-916a-8f086c5192cd&gdpr=[replace_me]&gdpr_consent=[replace_me]
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame F8B5
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b5cb227a76f21383
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b5cb227a76f21383
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Adtelligent
Etag
a46222d4bf8f1742
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b5cb227a76f21383
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Adtelligent
Etag
b5cb227a76f21383
Content-Length
0
prebid.js
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 450B 		443 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3a6cfc2b754092ab5b796e534e54c36380220c61abcbdf7819c3c55848a26adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvO3NEq51JvpyuBOSV_U3Lb5W0aLCeeSal_LiIlKj8T-HwVJAa02B6truLjYcpYgPfVyFeSSl8Dtf7cuqi7l35gBJ46LW2Y
x-amz-meta-version
100.2.0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
142533
last-modified
Wed, 01 Mar 2023 13:14:43 GMT
server
UploadServer
etag
"e62cf19f5e43122bdcf6112389f14810"
vary
Accept-Encoding
x-goog-generation
1677676483133116
content-type
application/javascript
x-goog-hash
crc32c=uDM6iQ==, md5=5izxn15DEivc9hEjifFIEA==
cache-control
private, max-age=86400
x-goog-stored-content-length
142533
accept-ranges
bytes
480_650.mp4
cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/ 		76 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd62-96d20f"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-9884174/9884175
Connection
keep-alive
Content-Length
9884175
dcm
s.amazon-adsystem.com/ Frame A01D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RX9VT6VBBYN6KDE6KDEW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P8KRVDN0MBW9ETRD0RY4
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A01D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A01D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A01D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBSlw3aEfnKQynXucJ8gjAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A01D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
ix
ad4m.at/ad/sim/ Frame A01D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame A01D
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679161158
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679161158
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1679161158
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame A01D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=986d6414-a5c5-4600-8d41-10e13b984dd6
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=986d6414-a5c5-4600-8d41-10e13b984dd6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
MT3 569 46451a0 master cdg-pixel-x34 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=986d6414-a5c5-4600-8d41-10e13b984dd6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Mar 2023 17:39:17 GMT
setuid
sync.quantumdex.io/ Frame A01D 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703b9eac99b2d-FRA
content-length
43
content-type
image/gif
viewability
hal900024.redintelligence.net/ Frame A3D4 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=42599400123205300951393012266024&a=4722a083&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=42599400123205300951393012266024&a=ce1dabc5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
img
sync.mathtag.com/comp/ Frame 1FC9 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=986d6414-a5c5-4600-8d41-10e13b984dd6&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 569 46451a0 master cdg-pixel-x25 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=986d6414-a5c5-4600-8d41-10e13b984dd6&no_iframe=1&synclist=4&mt_lim=1&type=1&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
MT3 569 46451a0 master cdg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 17 Mar 2023 17:39:17 GMT
async_usersync
ib.adnxs.com/ Frame 9D1B 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
AN-X-Request-Uuid
b98950f4-3987-4033-92d0-ffebeb4a0fa7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8CE4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7BXHDWXD13JGS0TDFMQX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3BTPZ5SWTDMBNRJANWZ9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8CE4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBSlw3aEfnKQynXucJ8gjAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDL-fAJRrbru7BwlZxsvyIM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8CE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEltG6qpDAkmc4gz9KzN29c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8CE4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 8CE4
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=dedf0352-f68b-4e6e-8740-a117da1e2c7a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=dedf0352-f68b-4e6e-8740-a117da1e2c7a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=dedf0352-f68b-4e6e-8740-a117da1e2c7a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 17 Mar 2023 17:39:18 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 8CE4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBSlxgACUdB7OgAG
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBSlxgACUdB7OgAG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220040-HHN
pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1679074759.748964,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBSlxgACUdB7OgAG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ix
ad4m.at/ad/sim/ Frame 8CE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 8CE4
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=171521e2-d6d5-415a-8d5b-54bf4e5e24fe
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=171521e2-d6d5-415a-8d5b-54bf4e5e24fe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=171521e2-d6d5-415a-8d5b-54bf4e5e24fe
date
Fri, 17 Mar 2023 17:39:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 8CE4 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZBSlw3aEfnKQynXucJ8gjAAAFH8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7a9703ba2b649b2d-FRA
content-length
43
content-type
image/gif
U2ZvajBkdTBtK25IVkRQY25GQ2JZaVJqWkV1TFpZUk9YTitLQjdCK2k3MTVQR2QxcGx2Z0w5YzZxU0V1V2s0R1NmczUvMTBRWEFTUTNEbEg0dzJGTG4yNnRaUEtWZjFxM3dLWVNibGNhYUVGUEs1ZWd6RU4zb3FYNDNHWUJlZXUvb0M0c2JRUGhleGcvVFhOai9pR...
ad.vidverto.io/delivery/video/pod/ Frame 3849 		34 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/U2ZvajBkdTBtK25IVkRQY25GQ2JZaVJqWkV1TFpZUk9YTitLQjdCK2k3MTVQR2QxcGx2Z0w5YzZxU0V1V2s0R1NmczUvMTBRWEFTUTNEbEg0dzJGTG4yNnRaUEtWZjFxM3dLWVNibGNhYUVGUEs1ZWd6RU4zb3FYNDNHWUJlZXUvb0M0c2JRUGhleGcvVFhOai9pRy9lYVFwb0laMFd1bGJDcTY2bWNXME1sdzNSUzlZSVVBRkNPNHc4SW1RbW5mMkl1WkNOdW92WDQ1VzBSSTZwakZwbFl6UGZTbDVCZm9uZm1IWmVYeEtrTlpKVTl3NHk4UzlpUDdUSVQvekVhRVcwRi93QytpdzJnY2pKcTZUaGRBWHd6VlQyWk14R0ppMUlrU2FONEZvN3d6OEtFNElrWDVWNytZNHU1amhqZUlQTCtzWm9GN0x5S21RTzJCdDBNQWJiMHNROUpBck92WHdGTlBtcDFoNk9ma0o2eWRCWTBlVWVWMkRzZHg1MERtd3FneWYwcW1LVjVIMlkwOW10eDhpaWQwYVVqMFo5YmdWYW04aDRaa3M2VEZFQUNQWHN4SWRNNE1kMjVqdnFQQXlrRmZNY0hNN01hOE1XK3pRV3pjeW9kOHVDRis0OXY3d0d2VFFGd3l3MmkyWU5rVERFcVExWnkvbnMxbjB6RmU1VVNPc2dwNWlZSEIzQmhxOCtmVmI0bk1zUzQyODVnOGNwMUcrRUlJNUFsR0JLeGduUHBpZG83OTA1VWZuZlhHWkhFcGJNSjRTN0EraDNQUjJpMlNGdHVCT1NHSlZCZ2lLSU5MdFFnNmlsSi92bktTNVdHaWtNQTRZVnlRZ0QvS01SSGRvS293TnpSWlhRY1BCL25QUTlOM2hheU5aeXZiblNRc3I5Y25VZnpQWDZFMVU4ckxzajh0NlB4eTdVdTFNQmY2WjZDRzBFRHJlTTdCUTgzTnEwZ3RvVVMvZnpwVlJwMFFRMlhVZWV3PQ%3D%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
38bd491ab6ed5b337edb0cca5b1be78125d0ef995add571f0abb41db411b4e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
setuid
user-sync.adxpremium.services/ Frame 9524
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=3e29c0789947d565ca7838121622b2f721b02878f7bf3eb6154bc4af9c54e8d2
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=3e29c0789947d565ca7838121622b2f721b02878f7bf3eb6154bc4af9c54e8d2
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=3e29c0789947d565ca7838121622b2f721b02878f7bf3eb6154bc4af9c54e8d2
Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame A3D4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900024.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 19:53:32 GMT
x-content-type-options
nosniff
age
510346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 19:53:32 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame A3D4 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900024.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 00:28:56 GMT
x-content-type-options
nosniff
age
148222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 00:28:56 GMT
bridge3.563.0_en.html
imasdk.googleapis.com/js/core/ Frame DCC6 		708 KB
225 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
230581
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 02:08:38 GMT
expires
Sat, 16 Mar 2024 02:08:38 GMT
last-modified
Wed, 15 Mar 2023 22:09:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 3849 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lfctrb5r&c=8250620160083&slotId=4125310080041.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EDDC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT7QdqBs9gHs7JUNhHHv1d9bYYFnhTJwMjgNdV73qcBwSU7Z8KI9_2yIQscEsyAK6ZTbiQw8abT8A9teg4_zk3-P6c&sig=Cg0ArKJSzCm2soYcTQkxEAE&id=lidar2&mcvt=1069&p=1110,436,1200,1164&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=457888345&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679074756727&rpt=1019&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C4C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFECmg-8QtSQIIC7FbWCJ5KVLIAmH42WpWlD6WvQvpjYC4gvZA25jJw0KYWCtyFCHQCsWZK-sL_J8arV4z3khEwB8lPGtL_10PNUvXxApAxAJMm8LwbtDJZhscfaGto9D2fkjKTA&sai=AMfl-YQyfvVJXNX1Avcq4HaTfI49IL6nPf1ezK1LPi4Y2yeOcO4Nt9sWBAMew005ikH-b8i-jPxmr1dp21x29ULEuJe9BXqmHFHUQ7eOPE8lMlXMvmrUSFNqup-FOoxo&sig=Cg0ArKJSzLFRlA1h3TzuEAE&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB&id=lidar2&mcvt=1071&p=10,115,100,843&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3611282516&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679074756971&rpt=790&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 42E4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3R3Fd8_LG4HBoUytkskpfaZ0KFRBejRcZAbgU1uEDNzIskEbHfTVQLvuuOo37R_Ebj5d_-mQc7z_6cnFVOankqwvdi0D9cJr9KGTmovqZJ9ERpHjAub93elNVhjxSuzmZqeAL0w&sai=AMfl-YSiV4j0nybkQRFLfEG2HrqVDVjz1knRY5y-MjtC9aX3m_DbKfgDUL82RJP4Pw_3KwlH8xvb0d8BcudMny4L8uNX1qyUKtqq-pcuecQ2M0SBgVcaZJinhM5wqnqz&sig=Cg0ArKJSzEv_ITs6AOEbEAE&cid=CAQSPADUE5ymylmfBXW9xlw1g9Tyuj4o2TrBP9tlGd6dyRxX0rd25yvPl6b3FCP1aaH3Kfk-kWgqYNBuK2-yPBgB&id=lidar2&mcvt=1058&p=246,315,336,1285&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2342546863&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679074757002&rpt=809&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 450B 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230317
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84ef5a6a9fd3bdc28d9e32a44b7b7e38f4d9f3dde03417912f12327efd90235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 17:39:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5907
x-jsd-version
1.0.1649
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4566-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"633-2jbGiC/StRh88u78+IQnVTqWfbY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdSb6Tfb0lX4oKWU86dwaVhpBx13XQ5tCLL4zJJqyh8jRV04nA4YMuKPrKPbKW%2BYvWsMBPjZWlyblwXVnwkTLPNASiyTifzFYsgDM5R2mmmh8ak5r4skLgPa5WK9nWp37X%2BTkuo6vRcQ%2B%2FM%2Fivw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a9703bb7d6739ec-FRA
min.js
cdn.kdaimo.com/projectagora-483829/ Frame 450B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.kdaimo.com/projectagora-483829/min.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-98.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 01:24:29 GMT
x-amz-version-id
null
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Apr 2022 01:00:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
58491
etag
"61e4dbcc663e6d945cd8b7db1c35a1e6"
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
2849
x-amz-cf-id
HVqctjktFmi5UnPG_N6a-sOb5QpQeVwWOSmoNKfmxLrFoXl1bMev7g==
usync.js
eus.rubiconproject.com/ Frame 0C50 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.98.130.104 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-98-130-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
35acc7b065971bbf012d55ea1094d6179464ae7a9c98dcbda4eb99678b4f2fef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 00:18:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23889
Connection
keep-alive
Content-Length
9997
Expires
Sat, 18 Mar 2023 00:17:27 GMT
usync.js
eus.rubiconproject.com/ Frame 6C62 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.98.130.104 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-98-130-104.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
35acc7b065971bbf012d55ea1094d6179464ae7a9c98dcbda4eb99678b4f2fef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 00:18:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23889
Connection
keep-alive
Content-Length
9997
Expires
Sat, 18 Mar 2023 00:17:27 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3849 		98 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C53923969%2Fmt_video_NPR%2Fmt_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904071645489437&cust_params=mt_fln%3D1.8&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=709009155&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=6A465ECF-4884-4FA9-9F30-1FE81CDD6E43&nel=0&eid=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=1679074758955&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&scor=4153861538524268&ged=ve4_td7_tt1_pd7_la7000_er1479.475.1515.1125_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
e04559fdc8e0c0d86d1c3d315a3b6e795fdb20e336305fd1bca8b41dad7668bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21890
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3849 		91 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22679584040%2Flebanonfiles.com_%2Fvast_15&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904071645489437&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=709009155&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=6A465ECF-4884-4FA9-9F30-1FE81CDD6E43&nel=0&eid=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=1679074758957&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&scor=4153861538524268&ged=ve4_td7_tt1_pd7_la7000_er1479.475.1515.1125_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00ddcb4e8f654ad7567d9e1e12e36d6a584db042b2ac7b4fc1cb128fbb536af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16919
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3849 		92 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22679584040%2Flebanonfiles.com_video_preroll&description_url=https%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904071645489437&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=709009155&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=6A465ECF-4884-4FA9-9F30-1FE81CDD6E43&nel=0&eid=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=1679074758959&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&scor=4153861538524268&ged=ve4_td7_tt1_pd7_la7000_er1479.475.1515.1125_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d673f6e1f7b5faf51bda557250d05095108abbd598b650fed193e107b52b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17428
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3849 		98 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904071645489437&cust_params=mt_fln%3D0.8&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=709009155&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=6A465ECF-4884-4FA9-9F30-1FE81CDD6E43&nel=0&eid=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=1679074758961&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&scor=4153861538524268&ged=ve4_td7_tt1_pd7_la7000_er1479.475.1515.1125_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
9412c082d36ceb582eaaa1b57bde393263d8a3dae33d950eb454ab93331b8931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21899
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3849 		98 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904071645489437&cust_params=mt_fln%3D0.5&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=709009155&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=6A465ECF-4884-4FA9-9F30-1FE81CDD6E43&nel=0&eid=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=1679074758963&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&scor=4153861538524268&ged=ve4_td7_tt1_pd7_la7000_er1479.475.1515.1125_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
651d3bed044a08910616209ae8ccb1e2ab7c55872e390ae1b123061da23da2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21898
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 3849 		98 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3904071645489437&cust_params=mt_fln%3D0.3&sdkv=h.3.563.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=709009155&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.563.0&sid=6A465ECF-4884-4FA9-9F30-1FE81CDD6E43&nel=0&eid=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dt=1679074758964&cookie=ID%3D9cf087de5a3cbf88-220b18235fdd000e%3AT%3D1679074753%3AS%3DALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw&gpic=UID%3D00000bc7e44931e4%3AT%3D1679074753%3ART%3D1679074753%3AS%3DALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw&scor=4153861538524268&ged=ve4_td7_tt1_pd7_la7000_er1479.475.1515.1125_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
acd33d783da12f60ed81f4e6173d079cf02e3f187680e52dbf286d3d7e17cfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21859
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/ 		149 KB
149 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
76c9040105688355d6ec14be0eb62a13c8cff947692ebcb0e709081ff7981cf2

Request headers

Referer
https://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=9732096-

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd62-96d20f"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 9732096-9884174/9884175
Connection
keep-alive
Content-Length
152079
batch
services.insurads.com/dfp/mapping/ Frame 5351 		934 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_1x1%22,%22eoid%22:2761469273,%22eolid%22:5507213652,%22advid%22:4830452331,%22w%22:1,%22h%22:1,%22eId%22:%22main_lfiles_1x1_0%22}]&h=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.11.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.40.0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-40-0.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
13e9fc41036924771859e01ac46fc3c781b2853b315a18f995fa285f9d1137da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:19 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
khaos.jpg
token.rubiconproject.com/ Frame 0C50 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 6C62 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
localstore.js
script.4dex.io/ Frame 450B 		483 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
929384
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr5Bf%2FXHXN1iOGxMO3FZsQ%2FiOTnWM7w63QQG3IGhc2uNCgTPrgxKZtFzF%2FvMzQijXlKwb5KOa1DBI3FzkuIxKMQ5D11duilIQWDHtZay%2BspjZ7sTKhUrkLe7Gkrk%2FAEtoZklApj0zyrVfe2F"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7a9703bcfefd35f6-FRA
v1
btlr.sharethrough.com/universal/ Frame 450B 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.47.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-47-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:19 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
projectagora-d.openx.net/w/1.0/ Frame 450B 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 450B 		137 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ab4145f2aa894111335a256a9782193dfc4b0bfcac9b28434cf5a72f8311df99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
AN-X-Request-Uuid
92dc34a8-6756-4a80-b0b0-9aa05eeb3f86
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/hb/1/58d04/1/www.lebanonfiles.com/ Frame 450B
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/58d04/1/www.lebanonfiles.com/ROS?rnd=0.5986532414346204&e=21105888%3A300x600&ur=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D...
  • https://pbjs.e-planning.net/hb/1/58d04/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.5986532414346204&e=21105888%3A300x600&ur=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D...
62 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/58d04/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.5986532414346204&e=21105888%3A300x600&ur=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D8%25A7%25D8%25B1-%25D9%2585%25D8%25AD%25D9%2584%25D9%258A%25D9%2591%25D8%25A9%2F%25D8%25A8%25D8%25B9%25D8%25AF-%25D8%25A5%25D8%25AE%25D9%2584%25D8%25A7%25D8%25A1-%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%25D9%2587-%25D9%2588%25D9%2584%25D9%258A%25D8%25A7%25D9%2585-%25D9%2586%25D9%2588%25D9%2586-%25D9%258A%25D8%25A4%25D9%2583%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D8%25A7%25D9%2585%2F&pbv=7.26.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
da720d72df0a9806c124a95cd127112114754c0bdfba4efd503dea3d4c0da63a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Fri, 17 Mar 2023 17:39:19 GMT
date
Fri, 17 Mar 2023 17:39:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.lebanonfiles.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
62
x-sid
AMS-928

Redirect headers

date
Fri, 17 Mar 2023 17:39:19 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/58d04/1/www.lebanonfiles.com/ROS?ct=1&r=pbjs&rnd=0.5986532414346204&e=21105888%3A300x600&ur=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D8%25A7%25D8%25B1-%25D9%2585%25D8%25AD%25D9%2584%25D9%258A%25D9%2591%25D8%25A9%2F%25D8%25A8%25D8%25B9%25D8%25AF-%25D8%25A5%25D8%25AE%25D9%2584%25D8%25A7%25D8%25A1-%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%25D9%2587-%25D9%2588%25D9%2584%25D9%258A%25D8%25A7%25D9%2585-%25D9%2586%25D9%2588%25D9%2586-%25D9%258A%25D8%25A4%25D9%2583%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D8%25A7%25D9%2585%2F&pbv=7.26.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F
access-control-allow-origin
https://www.lebanonfiles.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-928
auction
tlx.3lift.com/header/ Frame 450B 		19 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&tmax=2000
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.157.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-157-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model
x-auction-status
17
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ Frame 450B 		114 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ebc5e696f48ee3e21b44b18eb495689a6d188f580895760343a0793580dfb8

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 17 Mar 2023 17:39:19 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1069
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7a9703bd1f719137-FRA
expires
0
v1
prg.smartadserver.com/prebid/ Frame 450B 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.lebanonfiles.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 450B 		36 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=660899
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8902748a5ad5a83a23401f05003b8a6d9b7e05418f3f7330438e3cadb1b527d

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqmUBrmaK99yUX6havMCj85NHA2dy3MkxWbOnyq5Ttp2bNxlz3yn4OXlsbsqAxGto7p3sfpiD%2Fcr%2B0SQpgrDbUS48tFqoE%2FX5%2F6QOep95uU4tEzmLOFLTTMmQRpk43iiNktad92v"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7a9703bd1a4a2bbb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 450B 		241 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=302206&zone_id=1987608&size_id=10&rp_schain=1.0,0!projectagora.com,102200,1,,,&eid_criteo.com=27lKTF9ab3lCQXRhU0lNOUFCa3BLUFhGQVdsNXBLbUxXRzQwZVZTNjQyN2ltZXZQTlpFRlVlbjRmVlpUSndnYkREbVJmMm1PakFnWEc1eFVSdWNhbU84Z01KWHJsblh4OVRtNFlzbmdpUk1kUjJnSDBvNmtEJTJCSyUyRjh0S3lJSTRkTmxyUU8%5E1&rf=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D8%25A7%25D8%25B1-%25D9%2585%25D8%25AD%25D9%2584%25D9%258A%25D9%2591%25D8%25A9%2F%25D8%25A8%25D8%25B9%25D8%25AF-%25D8%25A5%25D8%25AE%25D9%2584%25D8%25A7%25D8%25A1-%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%25D9%2587-%25D9%2588%25D9%2584%25D9%258A%25D8%25A7%25D9%2585-%25D9%2586%25D9%2588%25D9%2586-%25D9%258A%25D8%25A4%25D9%2583%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D8%25A7%25D9%2585%2F&tk_flint=pbjs_lite_v7.26.0&x_source.tid=f2748365-db2f-4dee-91df-1d4f85db91e9&l_pb_bid_id=181d3427e3e0f11&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5151043304469307
Requested by
Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0199142ac31babc727bfe5a60f8d642c47c2f609b20aa1d39303b7b0909c9add

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
adagio.js
script.4dex.io/ Frame 450B 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZP4MR8PE9VMSC2QH
Age
1928620
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
nVOMylqT6UQwOq7JBGHQguYQkGeCICUouRZ0w2lFBN0cZZlSSv/EGrLG4KIu1yUEUnSJ9ZTltug=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4uR0SQohNyMLaxwgorP9S7ohXvDobZjGvL20kwn9x%2BjxVImZB1TRn4GH8%2ByHF%2BVQ3oKWoHqj62aGAH7tynOQrrrnRMOoj4VtRBk9n%2FcvvlPq4gNp%2F4BenReOJOIYLkF%2Fr6AgAkxaSscrlal"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
7a9703bdcf4730f4-FRA
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6C62 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
480_650.mp4
cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/ 		156 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=65536-

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd62-96d20f"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 65536-9884174/9884175
Connection
keep-alive
Content-Length
9818639
csi
csi.gstatic.com/ Frame 3849 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lfctrbnh&c=8250620160083&slotId=4125310080041.5&ghmsh_eids=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3849 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lfctrc0o&c=8250620160083&slotId=4125310080041.5&met.4=ghmsh_s.lfctrc0q~ghmsh_s.lfctrc0r~ghmsh_s.lfctrc0r&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=ykZ9ae-0oHXwrO7w
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
vid.vidoomy.com/ Frame C57C 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7e9e84cfacbfd1f40751fb754c9ac00f8a49435e1829de0933dd02c1687fcc97

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 17 Mar 2023 17:39:19 GMT
etag
W/"640615ca-c23d"
last-modified
Mon, 06 Mar 2023 16:33:14 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AcO1qhGlZhD/Aq4CAA
x-77-nzt-ray
4c156224b583278fc7a514646ee40c35
x-77-pop
frankfurtDE
x-accel-expires
@1679935941
x-age
175618
x-cache
HIT
viewability
hal90009.redintelligence.net/ Frame B6E6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=87914300138108400951389012266009&a=8b7e5530&vb=v
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=87914300138108400951389012266009&a=8335e34b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
480_650.mp4
cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/ 		36 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/jarsFFeGqSVoinz/1361/video/1861/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=196608-

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:46 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd62-96d20f"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 196608-9884174/9884175
Connection
keep-alive
Content-Length
9687567
csi
csi.gstatic.com/ Frame 3849 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lfctrc1p&c=8250620160083&slotId=4125310080041.5&met.4=ghmsh_s.lfctrc1q~ghmsh_s.lfctrc1q~ghmsh_s.lfctrc1q&ghmsh_vi=134%2C136%2C243%2C247%2C&cpn=uBv8mg-ovrF2teNQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3849 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lfctrca2&c=8250620160083&slotId=4125310080041.5&met.4=ghmsh_s.lfctrca2~ghmsh_s.lfctrca3~ghmsh_s.lfctrca3&cpn=UvHQtzzPHxli0IpY
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 734F 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
AN-X-Request-Uuid
a8283e18-dafa-47c9-b5e4-868bf8f32cb5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 24CC 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
AN-X-Request-Uuid
feb5ebca-c02f-4579-ab81-91730f73db6b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 3849 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~lfctrca6&c=8250620160083&slotId=4125310080041.5&met.4=ghmsh_s.lfctrca6~ghmsh_s.lfctrca7~ghmsh_s.lfctrca7&cpn=tWhwl4VuZikFZ0jY
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9D1B 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:19 GMT
AN-X-Request-Uuid
4d8fd769-ef70-433d-b1ff-2855eb84b7f5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.101; 80.255.7.101; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame 3849 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~lfctrcaj&c=8250620160083&slotId=4125310080041.5&met.4=ghmsh_s.lfctrcct~ghmsh_s.lfctrcct~ghmsh_s.lfctrccu&cpn=E1J7d6rdo-dUN0nK
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f8c2d162e6bcf02f84ae41c70dbc2a49b376f346bd8fe7d9c8aa2ea1ad35327

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame 3849 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~lfctrcd4&c=8250620160083&slotId=4125310080041.5&qqid=CI_DzvTA4_0CFVDE7QodCRkJ6w&gqid=x6UUZMevDcbxtwe2sKK4Ag&fb=ima_html5-lima&sdkv=h.3.563.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lfctrcd5~ghmsh_s.lfctrcd5~ghmsh_s.lfctrcd5&cpn=baCCbEcQG51ZBOwp
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 3849 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-3191289882045155
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:16:42 GMT
x-content-type-options
nosniff
age
1357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 18:06:42 GMT
V2EVy0XKg1_EvG76Z2TeE1k9v6LmKCrbkB-qxNYMv5DIlQlOZFEo6CRe3iSrQ3UfsAo3Q_EnwQ=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3849 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/V2EVy0XKg1_EvG76Z2TeE1k9v6LmKCrbkB-qxNYMv5DIlQlOZFEo6CRe3iSrQ3UfsAo3Q_EnwQ=s48-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 -, , ASN (),
Reverse DNS
Software
fife /
Resource Hash
466afcaef2f516434a9bccecd43d8cb87627fa61cba99906594467d4d9e660c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 15:07:39 GMT
x-content-type-options
nosniff
age
9100
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1871
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 03 Mar 2023 17:11:36 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 3849 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CEYMGx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoErgRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwlBrXeBxMHurgiHQykXBYu3KlsuzT4BChdufpoYF77K8gGdPqnaqeopmziu3H_2HTSKpfAaLuAhkiCtK79rICb1IL-1VouofW_VFZMz32_HhG0X95D_0aO64LobhsV4sU8eUsWSmdxfdq7uk0gUv3-nC_YB3XefzsO2dYRRz8kVnLL0MEi4S_wqOQhC039KNvQqTEHI9ffAMV3v2gnadgu96WBRYcYscvvYkA9VQSi4pamnSafJBGRomerUvOlwt7DSHKbWfEtY25C_YM8ALZMhPxYZ9AyMbkuP2Edgt32P87syYHhDLez6Gs3In3Ho-bDSoXABNGYzuWfBOAEAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQLEJcNjG-3dH6o6ACgOYCwHICwHQCw-4DAGaDQEPsBOAs8gS2BMC2BQB0BUBqBYB-BYBgBcB&sigh=CrlGs5nrRyk&label=show_ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:19 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 3849 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CgAcjx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoErwRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwFBnEOvRDDeCfQM9sgRfLx8HVYiTn4BCVXvFxe3mvzK-ADXPqfj6M8O2JVxVf_2BH2Kpe9bbuAtEmftG36WcNu14p_JVvTY_C92MK5zJKnxBPX06RKCkUu4ILomxng4cU_jErjS2dziNlOuU8gp_4Jny_Y8nYrfDsOLNXkRD8ko3E-08EiFCwFq-Qh_k4IK9uwXDLPR9YNzcNmbZ8gcprV-q7TT6fQu4jGSlyTvFwOCLMW2clZEidyq9kiwx5KUuf46C7WHi4Es2IazR0W0fRq_xha7HkaE7klLKhfpKYSN-zsxZUpAO-DdmMVInPRG7qODVqIwATRmM7lnwTgBAGSBQgIGxACGAFQAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK3dXagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOAs8gSwhMGGPul9KEpyBPX6vnhA9gTAtgUAdAVAagWAYAXAbIXHgocCAASFHB1Yi01ODk2MzQwOTMxNzM4OTc0GM2eaw&sigh=JZJfOg82OeE&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADUE5ymWNOtINs3vVH_D8Ft6qD265bbMBDGLJDDpJydVP9PLbyRXu8UEeZkF_4Zih1ZKz-U_6zXvJiQRxgB&vt=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lfctratk&c=8250620160083&slotId=4125310080041.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr2---sn-4g5edndl.googlevideo.com/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-4g5edndl.googlevideo.com/videoplayback?expire=1679103559&ei=x6UUZJ3pIP-Jp-oP0LmRwAY&ip=2a01:4a0:1338:92::9&id=b3b7f44d9b360a57&itag=22&source=youtube&requiressl=yes&mh=Rt&mm=31&mn=sn-4g5edndl&ms=au&mv=m&mvi=2&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1678098832388493&mt=1679074378&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAJOqGjWgkWe33PD39u-KJhRkyDAVWF45IboX_6XjgFkSAiEArtpyqVKzM7FI2-7MoAGmgIFzFlaeVcWF8rppUWdgo9w=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgUTyH2k8vRdzedWfHNHNjhb6jgGEAiXMAQS9MehQhqwoCIDd51LRVHjpTfGfyKwJgNlDGKjfYWwDEuyQGq05RPeGn&cpn=E1J7d6rdo-dUN0nK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:18::7 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a98a5c249c0805923855cb4287483464e9661330e50fb4db18111a9d2c312df2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Mar 2023 17:39:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Mar 2023 10:33:52 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1910120/1910121
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1910121
Expires
Fri, 17 Mar 2023 17:39:19 GMT
tracking-event
api.webgains.io/ Frame 484B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 17 Mar 2023 17:39:20 GMT
server
nginx
tracking-event
api.webgains.io/ Frame EDDC 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.33.70 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 17 Mar 2023 17:39:20 GMT
server
nginx
setuid
user-sync.adxpremium.services/ Frame 9524
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBSlw3aEfnKQynXucJ8gjAAA%265247
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBSlw3aEfnKQynXucJ8gjAAA%265247
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:20 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 17:39:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZBSlw3aEfnKQynXucJ8gjAAA%265247
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame C57C 		1 KB
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 17 Mar 2023 17:39:20 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
181103
x-77-nzt
Abk73BAFLp//b8MCAA
x-accel-expires
@1679930457
last-modified
Thu, 09 Feb 2023 09:51:05 GMT
server
CDN77-Turbo
etag
W/"63e4c209-42e"
x-77-nzt-ray
908339306b1b04d1c8a51464da888d0f
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 3849 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CEYMGx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoErgRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwlBrXeBxMHurgiHQykXBYu3KlsuzT4BChdufpoYF77K8gGdPqnaqeopmziu3H_2HTSKpfAaLuAhkiCtK79rICb1IL-1VouofW_VFZMz32_HhG0X95D_0aO64LobhsV4sU8eUsWSmdxfdq7uk0gUv3-nC_YB3XefzsO2dYRRz8kVnLL0MEi4S_wqOQhC039KNvQqTEHI9ffAMV3v2gnadgu96WBRYcYscvvYkA9VQSi4pamnSafJBGRomerUvOlwt7DSHKbWfEtY25C_YM8ALZMhPxYZ9AyMbkuP2Edgt32P87syYHhDLez6Gs3In3Ho-bDSoXABNGYzuWfBOAEAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQLEJcNjG-3dH6o6ACgOYCwHICwHQCw-4DAGaDQEPsBOAs8gS2BMC2BQB0BUBqBYB-BYBgBcB&sigh=CrlGs5nrRyk&label=video_ad_loaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 3849 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.563.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 20:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Mar 2024 20:37:21 GMT
magic.png
bgstats.mox.tv/ Frame 3849 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:20 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
tracking
ad.vidverto.io/delivery/video/ Frame 3849 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/video/tracking?vast=tracker&vsp=VUpzb29NQ0l1SWVDWGpXM1UxUmZTMkI0cUJZeGZlQml0aWkyaUU1QTF6bWtYL1J6VEMvV0ZRVlRkUHpoNElCdzZKTGx0Ly9WOFRIMmt4NG1YcFFiZjVEdjVWcDZ2TDlTQWlMV054cmRWcmh2QWlGUzZnZS9Ec1lBc1cxZ3BpdzZURnpxV3YraFF1R1UwQVdKQVJwcHQxZzVvVllDd0YwdXdKNHloS0NxdzZvNVp2YlMrSlBTVVdXdzlVcm5LeDZXaHZxaXU5d2UveTI4K2JFQnhOeWtyb0dUajZqcnpsb1FtU1lEZDBKSjE4K3FnSTQwWW5rVG1HWTBNYVBDek9Wdw%3D%3D&cb=1679074758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Mar 2023 17:39:20 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
adview
pubads.g.doubleclick.net/gampad/live/ Frame 3849 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CgAcjx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoErwRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwFBnEOvRDDeCfQM9sgRfLx8HVYiTn4BCVXvFxe3mvzK-ADXPqfj6M8O2JVxVf_2BH2Kpe9bbuAtEmftG36WcNu14p_JVvTY_C92MK5zJKnxBPX06RKCkUu4ILomxng4cU_jErjS2dziNlOuU8gp_4Jny_Y8nYrfDsOLNXkRD8ko3E-08EiFCwFq-Qh_k4IK9uwXDLPR9YNzcNmbZ8gcprV-q7TT6fQu4jGSlyTvFwOCLMW2clZEidyq9kiwx5KUuf46C7WHi4Es2IazR0W0fRq_xha7HkaE7klLKhfpKYSN-zsxZUpAO-DdmMVInPRG7qODVqIwATRmM7lnwTgBAGSBQgIGxACGAFQAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK3dXagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOAs8gSwhMGGPul9KEpyBPX6vnhA9gTAtgUAdAVAagWAYAXAbIXHgocCAASFHB1Yi01ODk2MzQwOTMxNzM4OTc0GM2eaw&sigh=JZJfOg82OeE&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADUE5ymWNOtINs3vVH_D8Ft6qD265bbMBDGLJDDpJydVP9PLbyRXu8UEeZkF_4Zih1ZKz-U_6zXvJiQRxgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
B29517072.361174374;dc_pre=CLq6jPXA4_0CFTCB_Qcd79IPLA;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/ Frame 3849
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/B29517072.361174374;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/B29517072.361174374;dc_pre=CLq6jPXA4_0CFTCB_Qcd79IPLA;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_fo...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/B29517072.361174374;dc_pre=CLq6jPXA4_0CFTCB_Qcd79IPLA;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Protocol
H2
Server
172.217.18.6 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1808690.3665442DV3600/B29517072.361174374;dc_pre=CLq6jPXA4_0CFTCB_Qcd79IPLA;dc_trk_aid=551785544;dc_trk_cid=188080506;ord=1421649213;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B29213908.361005227;dc_trk_aid=551997116;dc_trk_cid=187662148;dc_dbm_token=AD1EzRQAAAA8CjQKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIvNqux0moAu7ouKoEsALX6vnhA0A7EIH82egDij1J_VMzzCks7t84iUQw_w==;ord=2...
ad.doubleclick.net/ddm/trackimp/N1808690.279382BIDMANAGER_DFASIT/ Frame 3849 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1808690.279382BIDMANAGER_DFASIT/B29213908.361005227;dc_trk_aid=551997116;dc_trk_cid=187662148;dc_dbm_token=AD1EzRQAAAA8CjQKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIvNqux0moAu7ouKoEsALX6vnhA0A7EIH82egDij1J_VMzzCks7t84iUQw_w==;ord=2586414105;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=14938814038219924987;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMIj8PO9MDj_QIVUMTtCh0JGQnrEAEYASAAEgJOEfD_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 3849 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C1UvFx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoEqwRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwlBrXeBxMHurgiHQykXBYu3KlsuzT4BChdufpoYF77K8gGdPqnaqeopmziu3H_2HTSKpfAaLuAhkiCtK79rICb1IL-1VouofW_VFZMz32_HhG0X95D_0aO64LobhsV4sU8eUsWSmdxfdq7uk0gUv3-nC_YB3XefzsO2dYRRz8kVnLL0MEi4S_wqOQhC039KNvQqTEHI9ffAMV3v2gnadgu96WBRYcYscvvYkA9VQSi4pamnSafJEmQOJI4wLU3YBlyHqcqfwSpB5jGmDqJHw_R6dxSxNobKWi2kn6kFRPcEdY8GR2F-hEHwkcvgo9u9TPABNGYzuWfBOAEAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATgLPIEtgTAtgUAdAVAagWAfgWAYAXAQ&sigh=P5D6EjPdMTE&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D33554706%26cs%3D33554706%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2341%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1679074759842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/video/ Frame 3849 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/video/tracking?vast=events&token=VEZKQU45aXIza3lnazBhc2lrQXRsciswNmViaUthMlpJVG4zSWNtWXphQy9mUG1rbXNwQUdjeVJMNW9jMkFvNHlkNFFkeUQ4aGsycVNENnpEeExsbkRvM2hCQkNydDV6cUFiMmVKS3hpM2FkeERtdnBkOXNCdWl5QmRrZit1RXRMa09hUC9LUHI5SkFwbHZ2RlRWTXRBdTFXa0hTL0NNejJVSzFOeXh4Q1B2clNuT2tOZXgrWEI2a2E0dnZEZmdoYUNEb29zNkt1Q1AvV2J3SEFFR3VPUT09&cb=1679074758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Mar 2023 17:39:20 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1Z89Eb8W1QJlV4dtQCWa0PSZ_rsU0so7PR72g41UJ3N1g7IeNmhsqQ6B4iui3I4I9ZIJRSuYifM9tiXDzXlsdv-gp9hP7iOFf5yJVkBHqdoo8NKQHKQtes5cIsQgMW8bEtX-kQw&sai=AMfl-YSKtGg1RSgqj-Zvem7YIsVcsgt4BO0mVOOLmIhhmqp23VdNprQu6QSjjKe1_MF-s6Sf-5Q_m4OUixBQb3oRZMVlA20Zo6OFhz5W0yXXJlnpEGMPgOTjis0d8qat&sig=Cg0ArKJSzIgGAsAXbt51EAE&cid=CAQSPADUE5ymWNOtINs3vVH_D8Ft6qD265bbMBDGLJDDpJydVP9PLbyRXu8UEeZkF_4Zih1ZKz-U_6zXvJiQRxgB&id=lidarv&acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26ic%3D33554706%26cs%3D33554706%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2342%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 3849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=14938814038219924987&acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26ic%3D33554706%26cs%3D33554706%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2342%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=14938814038219924987;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3849 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14938814038219924987;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26ic%3D33554706%26cs%3D33554706%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2342%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 3849 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C1UvFx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoEqwRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwlBrXeBxMHurgiHQykXBYu3KlsuzT4BChdufpoYF77K8gGdPqnaqeopmziu3H_2HTSKpfAaLuAhkiCtK79rICb1IL-1VouofW_VFZMz32_HhG0X95D_0aO64LobhsV4sU8eUsWSmdxfdq7uk0gUv3-nC_YB3XefzsO2dYRRz8kVnLL0MEi4S_wqOQhC039KNvQqTEHI9ffAMV3v2gnadgu96WBRYcYscvvYkA9VQSi4pamnSafJEmQOJI4wLU3YBlyHqcqfwSpB5jGmDqJHw_R6dxSxNobKWi2kn6kFRPcEdY8GR2F-hEHwkcvgo9u9TPABNGYzuWfBOAEAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATgLPIEtgTAtgUAdAVAagWAfgWAYAXAQ&sigh=P5D6EjPdMTE&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26i0%3D33554706%26ic%3D0%26cs%3D33554706%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2344%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=14938814038219924987;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3849 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14938814038219924987;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554706%26i0%3D33554706%26ic%3D0%26cs%3D33554706%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2344%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/video/ Frame 3849 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/video/tracking?vast=events&token=L1dIVmZUeFEzOWRoKzA2NUdyb2crVERsQTQ2akxOZFRXeEZUb3hIUmhzclJ2MnF5QlJkVVlvVXF4THdWNEp2SzJPeUM1TW0rMU0zc3NGU29tckx5di9qMEVMZkpoZXdRTGVhd284dE9GSnBKWCtqb2Vpdm1NV21hOWYxaVczVHRxZXkrUHF4L0lEYTBOM25MY3RQZWtJZVZSbzZ6VFlXdzFqZjQzcWV5SXlpMEVick9OYTlrRWxQbWticTBhOWdNejRMVi9LRktKZVhabFVpeHBGWTVldz09&cb=1679074758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Mar 2023 17:39:20 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 3849 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C1UvFx6UUZM_DD9CItweJsqTYDsvNja9vpPqBzM8R4-SDpa4kEAEgn5f8YmCVgoCAtAegAful9KEpyAEFqQJQ-evbadexPuACAKgDAZgEAKoEqwRP0IUDEcdDwSS_ucsycEl-0xMVszmHRWFbbnFokZkyTXlzcGdKCB407b8DODlWEx0THaFOJ12M7WcJcHlsT2vf79dP4EPleb2LRaThzdlZWWjiPZuIcZEYpqZzr_FKY3yacTpQcoG96cg0e-qSwrh2X9nOpuymYj8PxibcScL_xawPzR1zgggH3lp5PPjxF7o3FaJ6I0ngNAuFb7kml0_0uVRZ0WnBFyj80CzII7YHQa6bbgPQ5F62ju-y1dW8Bit2JytB6KBLQMIr_x7YsBG1OS9-4KoJ9BAWXB1g7j-jGqPlFwf1VuOcAGlzZ9HTHWm38nJEl7tIMMbuKqLxwp3GzShbTODWFjfyy3A06eYimWtXrJqMqGIdM9YkSOPwp4m2L1-VkZ0dfP0PXFU_WsG9bT77ppZu6QfbUvwlBrXeBxMHurgiHQykXBYu3KlsuzT4BChdufpoYF77K8gGdPqnaqeopmziu3H_2HTSKpfAaLuAhkiCtK79rICb1IL-1VouofW_VFZMz32_HhG0X95D_0aO64LobhsV4sU8eUsWSmdxfdq7uk0gUv3-nC_YB3XefzsO2dYRRz8kVnLL0MEi4S_wqOQhC039KNvQqTEHI9ffAMV3v2gnadgu96WBRYcYscvvYkA9VQSi4pamnSafJEmQOJI4wLU3YBlyHqcqfwSpB5jGmDqJHw_R6dxSxNobKWi2kn6kFRPcEdY8GR2F-hEHwkcvgo9u9TPABNGYzuWfBOAEAaAGVIAH-93EgQSoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATgLPIEtgTAtgUAdAVAagWAfgWAYAXAQ&sigh=P5D6EjPdMTE&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=admute&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,10%26mtos%3D0,0,0,0,10%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D10%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D10%26is%3D33554706%26i0%3D33554706%26ic%3D4096%26cs%3D33558802%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2348%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=14938814038219924987;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,10%26mtos%3D0,0,0,0,10%26amtos%3...
ade.googlesyndication.com/ddm/activity_ext/ Frame 3849 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=14938814038219924987;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1113,475,1479,1125%26tos%3D0,0,0,0,10%26mtos%3D0,0,0,0,10%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D10%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D10%26is%3D33554706%26i0%3D33554706%26ic%3D4096%26cs%3D33558802%26c%3D0.23%26mc%3D0.23%26nc%3D0.23%26mv%3D0%26nv%3D0%26lte%3D0.23%26ces%26femt%3D1664%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D115553738%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D2348%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1679074759842?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
23.json
id5-sync.com/g/v2/ Frame 450B 		215 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/23.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156400/7371/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
43ad1124b328db0391d895e195c8d9e68f10f298022da4a9c8a42678cef1c148
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lebanonfiles.com
date
Fri, 17 Mar 2023 17:39:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 450B 		0
0
id
id.crwdcntrl.net/ Frame 450B 		43 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156400/7371/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.48.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-48-43.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.lebanonfiles.com
cache-control
no-cache
x-server
10.45.29.102
access-control-allow-credentials
true
content-length
43
expires
0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame ED06 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
477029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Mar 2023 05:08:51 GMT
expires
Mon, 11 Mar 2024 05:08:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame ED06 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:20:23 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA73 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=49805
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 17 Mar 2023 17:39:20 GMT
expires
Sat, 18 Mar 2023 07:29:25 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
playback
www.youtube.com/api/stats/ Frame 3849 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44752052%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991&el=adunit&cpn=E1J7d6rdo-dUN0nK&docid=s7f0TZs2Clc&visitordata=CgsxRUdIT2NYWDkzMA%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.226&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.lebanonfiles.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=111.0.5563.64&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
pixel
ap.lijit.com/ Frame 9524 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Mar 2023 17:39:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED06 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.563.0&bgai=BLZxUx6UUZM_DD9CItweJsqTYDgAAAAA4AboFEwiHr8z0wOP9AhXG-O0KHTaYCCc&bg=!REelRxPNAAZEjmHWZI47ADkAdvg8WjaEfjrZDRBEG9FeKz8l24nqIAOwX_YmQgokZI707AoDpb3VvurvgaVeeDwz3rc6C9irWu8CAAAAcFIAAAADaAEHmQJL5Omjj7UiHXBGIRvMiXtflo0w8X85Mx7ZnyVWrPvBoNIPDc316DnZMTStfBeKPH-6Qt4MdBj3vQzWyeGQHbLTT05D5MbN_pD_p_LRo7tQZvjvz1DJRmEpHFXrbcTXGElTZF4xzjcfGqqsrgV0qZHL86ON0FT8D1rijnoI_8SpPM8XfGV50sG10w7ccuKfxp2oZC1aWhpwiPZ0Yo5719WaoAfYgp6atJTVzGrX1bNUQ8DuoHD_Co_iAZeio0Nyl1BeF_Xf2f-ufdTyVTJRXxKDwmi7GVF2Q_TZRxjx3AVQ79vLVbUICWCgM3BgMcqpmjWE2ikkMEZ-MOn2TWU7GpebenFFdDk-BufYG3_oIRAzFNWXK5IuwThBvR-oqqqClSsoANRYBsbCt-sWop-dXQpI6Q0jyMkunp0Z2ZLP0wtM83agah7FT5XheHz8aywxHXyDj2THmi1j_qy1iV_lE8qpr9QAJfblGHj8lbtB7c6zmZMD0YYdh2Kjf4kQ8aAgX6UkZqKuV-TLo8qCp94IaPAgqPpOGuvXH0pG0gy9Q5xzkSDLyCyhTjUsERoBpxKLW0wNSM97IWT27KIu9aHIUKQk-SA3f3MdFao8n4zFdYY-U92sMg8MdQpKu-dN_HPa1A009UZ12b0tcbjbfRrYzFgbG1vamzICC5xbTs-F2oyh8cX3mPcVsir3PWxNhAUTW9I1fSRL_YzQ8ngjepXHJclnoMI1PSQpLzo24TxlHk7ETMe9iKTt_MjfLlUUJpj4-JdCbYvMzpYo9z5oKTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:39:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 9524 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame 9524
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5039348991082582613
86 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5039348991082582613
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:39:20 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=5039348991082582613
date
Fri, 17 Mar 2023 17:39:20 GMT
server
nginx
content-length
0
content-type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.effectivemeasure.net
URL
https://t.effectivemeasure.net/tag.js?1679
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1200&ts=1679074753907&src=pbjs
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=44178689&m=&rtv=1&thost=www.lebanonfiles.com
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25d8%25a3%25d8%25ae%25d8%25a8%25d8%25a7%25d8%25b1-%25d9%2585%25d8%25ad%25d9%2584%25d9%258a%25d9%2591%25d8%25a9%2F%25d8%25a8%25d8%25b9%25d8%25af-%25d8%25a5%25d8%25ae%25d9%2584%25d8%25a7%25d8%25a1-%25d8%25b3%25d8%25a8%25d9%258a%25d9%2584%25d9%2587-%25d9%2588%25d9%2584%25d9%258a%25d8%25a7%25d9%2585-%25d9%2586%25d9%2588%25d9%2586-%25d9%258a%25d8%25a4%25d9%2583%25d8%25af-%25d8%25a7%25d9%2584%25d8%25aa%25d8%25b9%25d8%25a7%25d9%2585%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=44178689&m=&rtv=1&thost=www.lebanonfiles.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPX4olZ44U4pe6MrUkcGz0DI7ve4W5KvuepZPs9D6EhvC9obOAG7q4bsohkQwP9LxSnzzlD7PN8woWuCD8sN2gOwg&sig=Cg0ArKJSzMVlGYK3i0xJEAE&id=lidartos&mcvt=0&p=1013,1175,1613,1475&mtos=0,0,0,1022,1022&tos=0,0,0,1022,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=0.31&if=1&vu=1&app=0&itpl=20&adk=3555665173&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1679074755333&rpt=332&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lebanonfiles.com%2Farticles%2F%25D8%25A3%25D8%25AE%25D8%25A8%25D8%25A7%25D8%25B1-%25D9%2585%25D8%25AD%25D9%2584%25D9%258A%25D9%2591%25D8%25A9%2F%25D8%25A8%25D8%25B9%25D8%25AF-%25D8%25A5%25D8%25AE%25D9%2584%25D8%25A7%25D8%25A1-%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%25D9%2587-%25D9%2588%25D9%2584%25D9%258A%25D8%25A7%25D9%2585-%25D9%2586%25D9%2588%25D9%2586-%25D9%258A%25D8%25A4%25D9%2583%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D8%25A7%25D9%2585%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f2748365-db2f-4dee-91df-1d4f85db91e9&nocache=1679074759095&criteoid=27lKTF9ab3lCQXRhU0lNOUFCa3BLUFhGQVdsNXBLbUxXRzQwZVZTNjQyN2ltZXZQTlpFRlVlbjRmVlpUSndnYkREbVJmMm1PakFnWEc1eFVSdWNhbU84Z01KWHJsblh4OVRtNFlzbmdpUk1kUjJnSDBvNmtEJTJCSyUyRjh0S3lJSTRkTmxyUU8&schain=1.0%2C0!projectagora.com%2C102200%2C1%2C%2C%2C&aus=300x600&divids=21105888_lebanonfiles.com_ros-1_300x600&aucs=&auid=543974604
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 boolean| credentialless object| __cfQR object| __cfBeacon undefined| $ function| jQuery object| TMNCWP object| $jscomp$this function| anime function| Plyr function| IScroll function| Swiper function| gtag object| dataLayer object| _Hasync function| documentInitOneSignal function| OneSignal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader object| google_tag_manager object| TWAGORAINARTICLE object| pbjs object| googletag object| AD_UNITS_TOGGLE_OFF object| AD_UNITS_TOGGLE_ON object| gptAdSlots object| regeneratorRuntime object| Leya object| streamamp object| triple13 string| em_ns function| _em string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| AdSlotCollection function| setCookie function| getCookie function| createGeoRestrictionCookie object| __tgconf function| __tginitcb object| __oa360ScriptsState boolean| __isGoogleAllowed object| pbjs325474 object| mc function| $mcj object| fnames object| ftypes function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData function| chfh function| chfh2 string| _HST_cntval object| Histats object| _mgIntExchangeNews object| MarketGidInfC1189476 boolean| mg_loaded_742725_1189476 object| runtime function| iFrameResize object| ProjectAgora function| pbjsChunk object| _pbjsGlobals function| onYouTubeIframeAPIReady function| setImmediate function| clearImmediate object| wpcf7 function| addcss string| ExitBeeObject function| xtb function| renderInvisibleReCaptcha object| pbjs325474Chunk object| ADAGIO function| SimpleBar object| lbfscripts function| getUrlParameter function| setUrl function| getHourlyNewsAjax function| isValidEmailAddress function| showCoverageLetters function| newsletterPopupRegister object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe boolean| __cfRLUnblockHandlers function| _extends function| _typeof function| LazyLoad function| ES6Promise function| FuckAdBlock object| fuckAdBlock object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| player object| xtbClient object| _mgUserPages object| onClickExcludes function| mgReject1189476 function| mgLoadAds1189476_030d6 function| MarketGidCReject1189476 function| MarketGidLoadGoods1189476_030d6 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint742725 string| _mgCanonicalUri object| _mgPageView742725 string| _mgPvid number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| __buffer object| GoogleGcLKhOms object| recaptcha object| _HistatsCounterGraphics_0_setValues number| adRefreshTimer object| __iat_api object| _mappingResponses object| __tgunits string| _mgUniqueHash1189476_030d6 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| ID5 object| ihowpbjsChunk object| ihowpbjs object| IHPWT object| Criteo string| _ONND_URL_EMBED string| _ONND_URL_CDN_EMBED string| _ONNPBaseId object| ONTVOpAdConfig object| ONTVOpAdAConfig function| ONTVOptAdPlayer function| ONTVOptAdAudioPlayer function| ONTVMiniatureEnabled function| ONTVdisposePlayer function| ONTVFSSwitch function| ONTVFSOff function| ONTVsendCommand function| ONTVhideAllMiniature object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| closure_lm_720667 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| aries number| vidverto object| aries_registry object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| projectAgora function| inView function| IMA function| VASTClient function| VidvertoPlayer object| _aries object| vidvertoPromiseCache object| closure_lm_304902 object| inViewWindow object| closure_lm_944951 function| VidvertoPlayerVideoPlaylistUI object| closure_lm_563100 object| _ADAGIO function| arrive function| unbindArrive function| leave function| unbindLeave

134 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: TU67xCxfXwLcHbBiEuehIXusWr5xwop3pWySQcikA_s-1679074752-0-AYraDpvL3Xp8J947u5uLZfBD5yZtAII0IKopDrCnLWQq/fwDEPnE4TwfIYAvN/K6aAfDM5NO5jwd+uf8+orDwks=
.mgid.com/ Name: __cf_bm
Value: mfzoVRD.Q2K2NlVnzK5fnGWjJNDauFdENMRb1iGwlV4-1679074752-0-Ae7QZnvEVshFF5pjMAmG2a4JEQstwOYcPhgZMuMnsHeGmrL9P9H927oKhq6tdoOiF4m2+0lh1J+Aw5EzjcK0mcM=
.tesseradigital.com/ Name: tpuuid
Value: aTliASvt2fubzjY6UhdAOj5S2hlNtq7wqqAT1cYDLeJf
www.lebanonfiles.com/ Name: __oagr
Value: true
.ads.stickyadstv.com/ Name: UID
Value: 3f13ac50b87f68176e1148978909ac8
.lebanonfiles.com/ Name: _gid
Value: GA1.2.420777504.1679074753
.lebanonfiles.com/ Name: _gat_gtag_UA_60620050_1
Value: 1
www.lebanonfiles.com/ Name: HstCfa1238494
Value: 1679074753241
www.lebanonfiles.com/ Name: HstCla1238494
Value: 1679074753241
www.lebanonfiles.com/ Name: HstCmu1238494
Value: 1679074753241
www.lebanonfiles.com/ Name: HstPn1238494
Value: 1
www.lebanonfiles.com/ Name: HstPt1238494
Value: 1
www.lebanonfiles.com/ Name: HstCnv1238494
Value: 1
www.lebanonfiles.com/ Name: HstCns1238494
Value: 1
.lebanonfiles.com/ Name: _ga_G4EQ7NKTZM
Value: GS1.1.1679074753.1.0.1679074753.0.0.0
.lebanonfiles.com/ Name: _sharedID
Value: 6af718b8-81ee-42de-91fd-998b9569b517
.lebanonfiles.com/ Name: __gpi
Value: UID=00000bc7e44931e4:T=1679074753:RT=1679074753:S=ALNI_MaPdXVCPOcMXEBf4tBjbkCcm1eBRw
.csync.loopme.me/ Name: viewer_token
Value: dedf0352-f68b-4e6e-8740-a117da1e2c7a
.bidswitch.net/ Name: tuuid
Value: 19eab77c-eff9-4026-8e62-53e51cc43e4f
.bidswitch.net/ Name: c
Value: 1679074753
.bidswitch.net/ Name: tuuid_lu
Value: 1679074753
www.lebanonfiles.com/ Name: Exitbee_vid
Value: 9ed31cdd-c8ce-4af0-9e85-9d0bac6e9265
www.lebanonfiles.com/ Name: Exitbee_sessionCampaigns
Value: []
www.lebanonfiles.com/ Name: Exitbee_nrPagesVisited
Value: 0
www.lebanonfiles.com/ Name: Exitbee_visitsCount
Value: 1
www.lebanonfiles.com/ Name: Exitbee_source
Value:
.lebanonfiles.com/ Name: __cf_bm
Value: ls5XUu9Nbj3GXF6.gZ0I4o.OK_CP8SxfiPNxZf0vveo-1679074753-0-AanD5Qh3cuhruQJHY6GWVVVYmxm3jCHIi94zUrwAwNICTqf+FDK2/JNHo1iZSPtTaf7Tc5eUrwellz6nf17BeDP5Vwg8RXx7LiH28Bg1SzzujaJC+4Q8tX2xWzv85LlhjQ==
www.lebanonfiles.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.lebanonfiles.com/ Name: _pubCommonId
Value: e3466c8a-3828-4a7e-af1d-a98571c100e1
.insurads.com/ Name: ___iat_gid
Value: 0563F5ECBFBE9FA4
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-683cce95-4ab3-5c3d-6f24-ac2bdca6dd08.UF9VUKMSY3s1gNintEj%2F20qm2ZAc6F8QgNVQnj0qn2M
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaDzOlUqzXD1vJKwr3KbdCFD_B2U.R5uPQ7r1VsJWtPUXibal1DKjc7AbCc4JldOUSdIQm7w
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaDzOlUqzXD1vJKwr3KbdCFD_B2U.R5uPQ7r1VsJWtPUXibal1DKjc7AbCc4JldOUSdIQm7w
.lebanonfiles.com/ Name: ___iat_ses
Value: 0563F5ECBFBE9FA4
.lebanonfiles.com/ Name: ___iat_vis
Value: 0563F5ECBFBE9FA4.df9e2e96c56d1c20b3000c95b5eb6f61.1679074753823.aecda175d7312b533643e6ddd262e889.BUUEIZEBOM.11111111.1.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkCSa-dIEijanHH0TS767p_-sDYUJ_o_eVG3fbP0_Fz9splZGh3TuZ_vvsS2d0
.turn.com/ Name: uid
Value: 2513476238562266645
www.lebanonfiles.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1189476%22%3A%7B%22page%22%3A1%2C%22time%22%3A1679074753981%7D%7D
.prebid.a-mo.net/ Name: __amc
Value: 1_1679074754_1679074754
.quantumdex.io/ Name: uid
Value: d542f0c3-338a-459e-b614-b3fb1dcc62d0
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 569660=5367939
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D10178%3B%24qt%3D25_632_7994t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 731154651419706253
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313617845%3B%24ql%3DHigh%3B%24qpc%3D10178%3B%24qt%3D25_632_7994t%3B%24dma%3D0&c=1&l=1123038242&lo=-964737712&lt=638146715546792188&o=1
.lebanonfiles.com/ Name: __gads
Value: ID=9cf087de5a3cbf88-220b18235fdd000e:T=1679074753:S=ALNI_Ma80oDZbjJuhqf6yIjB-wXKS2_qTw
.simpli.fi/ Name: suid
Value: F97C10DC90EA4B38BF79CABCFFBF2EF4
.uuidksinc.net/ Name: jcsuuid
Value: bmHbvTVTPlxLLe3dYv0b
.yahoo.com/ Name: A3
Value: d=AQABBMOlFGQCEAVvA-JswDKMTtFp8IM9AnEFEgEBAQH3FWQeZAAAAAAA_eMAAA&S=AQAAAtYU1G7xR-sDkRb5vGJYx7k
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1953de86-5e53-4be9-8d81-81beb5838526-003%22%7D
.lebanonfiles.com/ Name: _ga
Value: GA1.2.851671611.1679074753
.lebanonfiles.com/ Name: _gat_onn_tracker
Value: 1
.casalemedia.com/ Name: CMID
Value: ZBSlw3aEfnKQynXucJ8gjAAA
.casalemedia.com/ Name: CMPS
Value: 5247
.casalemedia.com/ Name: CMPRO
Value: 5247
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1953de86-5e53-4be9-8d81-81beb5838526-003%22%7D
.criteo.com/ Name: uid
Value: 3b96911f-fe0d-4815-ad11-5134fa8c8b8e
.3lift.com/ Name: tluid
Value: 2442332636583529561698
.mathtag.com/ Name: uuid
Value: 986d6414-a5c5-4600-8d41-10e13b984dd6
.mathtag.com/ Name: mt_mop
Value: 4:1679074757
.zemanta.com/ Name: zuid
Value: uB1ahmHU6rN833eEj5OY
ad.vidverto.io/ Name: moxuuid
Value: f4e94ac7-da0e-4ffe-8c87-427bd198ffa8
ad.vidverto.io/ Name: _mwayss_zone_imp[7471][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[7471][frequencyPeriodEnd]
Value: 1679161157
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 2695723713456944503
.quantserve.com/ Name: d
Value: EHQBCQHEKIEA
.quantserve.com/ Name: mc
Value: 6414a5c5-e6127-d36a2-d91ca
.adfarm1.adition.com/ Name: UserID1
Value: 7211571168887109772
.blismedia.com/ Name: b
Value: 6414A5C5A682B5969C31E9D6BLIS
.retailads.net/ Name: ppb2172
Value: 2442072206
www.lebanonfiles.com/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-03-17T17%3A39%3A17%22%7D
.adotmob.com/ Name: uid
Value: 08da220403fc314bda4d343f
.adotmob.com/ Name: uuid
Value: 08da220403fc314bda4d343f
.adotmob.com/ Name: partners
Value: SMA%3A1679074758056
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F0CF3848-C7BC-4E02-850A-150AD2BEA315
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyNjk1NzIzNzEzNDU2OTQ0NTAzIiwiZXhwaXJlcyI6IjIwMjMtMDMtMzFUMTc6Mzk6MTguMTExNzI3MDI1WiJ9fSwiYmRheSI6IjIwMjMtMDMtMTdUMTc6Mzk6MTguMTExNzIzMDc0WiJ9
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZBSlxgACUdB7OgAG
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.media.net/ Name: visitor-id
Value: 3220763589085328000V10
.media.net/ Name: data-g
Value: CAESEAq1-5ocuTaAFmeFaU9p4X8~~3
.w55c.net/ Name: wfivefivec
Value: fAN6YJuX1PDe2W5
pb.media01.eu/ Name: DTU
Value: 16449001BA6ADF202E343D340103138B
.ads.pubmatic.com/ Name: KCCH
Value: YES
.admanmedia.com/ Name: admtr
Value: c307389e-e069-4131-aa38-4ef8669b305c
.admanmedia.com/ Name: ac_r
Value: CS160
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 58674ad3fb38b9e1
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: eb692a0c-9b2e-524c-b292-ec75d68649b3
.betweendigital.com/ Name: ss
Value: 1
.lebanonfiles.com/ Name: cto_bundle
Value: dV-yZl9sRXVON0cwSDVnbWw4WWdLd2hoT3hoZVc1cWklMkZDcXJMWnUya3IxdHdhcHFkVmFVa2RuTGFFUndhdXNuVzhETVFpYmNCTTJNdzhvOFVhR1NZNERkekNJWEt6OERaYjZSZ084YWZyWm5YbldMVVl1eHVlUVlhUEdZQVd0Z0xDUzY2amRSQ1pFdnBlRGxTQktWdG9OMCUyQkxBJTNEJTNE
.lebanonfiles.com/ Name: cto_bidid
Value: dV-yZl9sRXVON0cwSDVnbWw4WWdLd2hoT3hoZVc1cWklMkZDcXJMWnUya3IxdHdhcHFkVmFVa2RuTGFFUndhdXNuVzhETVFpYmNCTTJNdzhvOFVhR1NZNERkekNJWEt6OERaYjZSZ084YWZyWm5YbldMVVl1eHVlUVlhUEdZQVd0Z0xDUzY2amRSQ1pFdnBlRGxTQktWdG9OMCUyQkxBJTNEJTNE
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2akh:195v~2akh:192w~2akh"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.w55c.net/ Name: matchgoogle
Value: 5
pool.admedo.com/ Name: tuuid
Value: 0f117b28-aad4-488c-8269-94b37a021814
pool.admedo.com/ Name: c
Value: 1679074758
pool.admedo.com/ Name: tuuid_lu
Value: 1679074758
.smartadserver.com/ Name: csync
Value: 66:08da220403fc314bda4d343f|92:ZAupKaYXwje3|139:0
.betweendigital.com/ Name: ut
Value: ZBSlxgAIxhjyoxI18LJNqaArmfBT182F8sx_IQ==
.futalis.de/ Name: raSIDb
Value: 2442072198
.creativecdn.com/ Name: u
Value: dmRE2ng2WecU0QRM4qnJ
.creativecdn.com/ Name: ts
Value: 1679074758
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjE5ZWFiNzdjLWVmZjktNDAyNi04ZTYyLTUzZTUxY2M0M2U0ZiIsImV4cGlyZXMiOjE2ODE2NjY3NTh9fX0=
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-f381e935-85f0-33ec-995e-8472820901db
www.lebanonfiles.com/ Name: cto_bidid
Value: Ey2-NF9ab3lCQXRhU0lNOUFCa3BLUFhGQVdnT2xEelN3OVRpQ3hacmRMcUZHNFlOVHlxRUUlMkZRciUyRlRIVzRqSHVXQjVKZiUyQlpXUm1jc2NJbkxOUkhmNnI1UkdHTUFlWWRFbTg3MFlFU3Yyd0RlOERYcmI5YiUyQmtqVTc3WDVIJTJCRzQwaHZDcE9EblhzYTB0b2g0WUZQbWZYTUJabVNWQWMzZ0NzNFZDc0JUQjA3WGNKREVBJTNE
www.lebanonfiles.com/ Name: cto_bundle
Value: Ey2-NF9ab3lCQXRhU0lNOUFCa3BLUFhGQVdnT2xEelN3OVRpQ3hacmRMcUZHNFlOVHlxRUUlMkZRciUyRlRIVzRqSHVXQjVKZiUyQlpXUm1jc2NJbkxOUkhmNnI1UkdHTUFlWWRFbTg3MFlFU3Yyd0RlOERYcmI5YiUyQmtqVTc3WDVIJTJCRzQwaHZDcE9EblhzYTB0b2g0WUZQbWZYTUJabVNWQWMzZ0NzNFZDc0JUQjA3WGNKREVBJTNE
.adtelligent.com/ Name: vmuid
Value: a46222d4bf8f1742
.adtelligent.com/ Name: a737612
Value: c307389e-e069-4131-aa38-4ef8669b305c
.adform.net/ Name: C
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aTnseFNj6WlCyhURALhFPfo6vvZaYWEEqtXpDh7JU5kcunX10DhSGuGIS9OmMKTsCTZcY5Mu4wCHYsfaYZcTvgk
.360yield.com/ Name: tuuid
Value: e43c1a69-4fc5-4256-916a-8f086c5192cd
.360yield.com/ Name: tuuid_lu
Value: 1679074758
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.adform.net/ Name: uid
Value: 5039348991082582613
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1679074758890,"clickCookie":false}}
.console.adtarget.com.tr/ Name: vmuid
Value: b5cb227a76f21383
.console.adtarget.com.tr/ Name: a307080
Value: dmRE2ng2WecU0QRM4qnJ
.adtelligent.com/ Name: a318342
Value: b5cb227a76f21383
pbjs.e-planning.net/ Name: CT
Value: 1
.as.ck-ie.com/ Name: CID
Value: 118334632cffe68109c558a28eb90d6ed39bca54
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A4r5Zuja-UG_qQzqjXXdcvk
.rubiconproject.com/ Name: khaos
Value: LFCTRBYR-L-JT25
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0PURTKY2CLGQNb0fGVcfL/XWaA1sYWTLGb55ZO9yeic9llUCwWXxV6lZ7/0bfIKav9+T5IARt5UnKY++jymV4/8sQlAaEpLg8TS1P2tDIGrA==
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWFydHlhZHMiOnsidWlkIjoiM2UyOWMwNzg5OTQ3ZDU2NWNhNzgzODEyMTYyMmIyZjcyMWIwMjg3OGY3YmYzZWI2MTU0YmM0YWY5YzU0ZThkMiIsImV4cGlyZXMiOiIyMDIzLTAzLTMxVDE5OjM5OjE5LjM3NjA5ODAyNCswMjowMCJ9fSwiYmRheSI6IjIwMjMtMDMtMTdUMTg6Mzk6MTkuMzc2MDk3NTAzKzAxOjAwIn0=

11 Console Messages

Source Level URL
Text
network error URL: https://t.effectivemeasure.net/tag.js?1679
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://analytics.leya.tech/events
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://analytics.leya.tech/events
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://30f6810583110272790456a336f56061.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/6897791936204111872/index.html".
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript error URL: https://www.lebanonfiles.com/articles/%d8%a3%d8%ae%d8%a8%d8%a7%d8%b1-%d9%85%d8%ad%d9%84%d9%8a%d9%91%d8%a9/%d8%a8%d8%b9%d8%af-%d8%a5%d8%ae%d9%84%d8%a7%d8%a1-%d8%b3%d8%a8%d9%8a%d9%84%d9%87-%d9%88%d9%84%d9%8a%d8%a7%d9%85-%d9%86%d9%88%d9%86-%d9%8a%d8%a4%d9%83%d8%af-%d8%a7%d9%84%d8%aa%d8%b9%d8%a7%d9%85/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.lebanonfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30f6810583110272790456a336f56061.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a-prebid.vidoomy.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad-server.eu
ad.360yield.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad.vidverto.io
ad4m.at
ade.googlesyndication.com
ads.betweendigital.com
ads.eu.criteo.com
ads.projectagoraservices.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
adsparc-d.openx.net
adv.office-partner.de
adx.adform.net
adxbid.info
aghtag.tech
analytics.leya.tech
analytics.webgains.io
ap.lijit.com
api.audiowat.io
api.floors.dev
api.rlcdn.com
api.webgains.io
as.ck-ie.com
b1sync.zemanta.com
bgstats.mox.tv
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.eu1.dyntrk.com
c.mgid.com
c1.adform.net
casale-match.dotomi.com
cat.fr.eu.criteo.com
cc.adingo.jp
cdn.ampproject.org
cdn.bidder.dev
cdn.connectad.io
cdn.exitbee.com
cdn.id5-sync.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.kdaimo.com
cdn.mgid.com
cdn.onesignal.com
cdn.onnetwork.tv
cdn.projectagora-adtag-library.com
cdn.retailads.net
cdn.track.production.webgains.team
cdn.vidverto.io
cdnjs.cloudflare.com
cdnt.onnetwork.tv
cm.adform.net
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
cms.quantserve.com
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.lkqd.net
cs.media.net
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d.vidoomy.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fd.tesseradigital.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
get.optad360.io
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900024.redintelligence.net
hal90009.redintelligence.net
hb.emxdgt.com
hbx.media.net
htagpa.tech
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
im.bluevoox.com
image6.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
img.rtbsystem.org
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
medialead.de
mp.4dex.io
mug.criteo.com
onesignal.com
onetag-sys.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pbjs.e-planning.net
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
player.kwikmotion.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
projectagora-d.openx.net
pubads.g.doubleclick.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
rr2---sn-4g5edndl.googlevideo.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.fr.eu.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.exitbee.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s10.histats.com
s3.amazonaws.com
s4.histats.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
services.insurads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.effectivemeasure.net
t.lkqd.net
tags.mathtag.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tpx.tesseradigital.com
tr.blismedia.com
track.webgains.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
user-sync.adxpremium.services
usermatch.targeting.unrulymedia.com
v.lkqd.net
vid.vidoomy.com
video.onnetwork.tv
vpaid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lebanonfiles.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
api.rlcdn.com
hb.emxdgt.com
pagead2.googlesyndication.com
projectagora-d.openx.net
t.effectivemeasure.net
t.lkqd.net
v.lkqd.net
104.122.24.29
104.18.25.185
104.21.29.134
104.75.89.75
104.98.130.104
124.146.215.51
13.41.33.70
135.125.160.160
135.125.163.79
138.201.63.149
138.201.84.252
142.250.186.162
142.250.186.66
143.204.89.98
145.239.193.130
146.20.132.125
146.20.132.189
147.75.85.234
149.202.152.44
151.101.65.108
151.101.66.49
151.139.128.10
162.19.138.117
162.19.138.118
167.71.9.19
172.217.18.6
174.137.133.49
178.250.0.160
178.250.1.11
178.33.54.87
18.196.91.239
18.66.147.98
185.106.140.18
185.180.220.208
185.180.223.91
185.183.112.155
185.184.8.90
185.239.172.77
185.29.132.242
185.29.134.248
185.80.39.216
185.86.138.151
185.86.138.16
185.89.210.46
185.98.54.153
188.42.34.64
193.108.153.18
193.3.178.3
198.148.27.139
198.47.127.19
2.18.233.201
2001:4860:4802:34::36
2001:4860:4802:36::178
209.191.163.210
213.19.147.44
216.58.212.166
23.56.202.187
2400:52e0:1e00::1053:1
2404:6800:4003:c11::5e
2600:9000:211e:3a00:1b:5138:8a40:93a1
2600:9000:2156:c00:6:b871:4f00:93a1
2600:9000:225e:5a00:11:a4de:2580:93a1
2602:803:c004:200::140
2606:4700:10::6816:3556
2606:4700:10::ac43:2ac9
2606:4700:10::ac43:8ae
2606:4700:1::6813:844e
2606:4700:20::681a:9a9
2606:4700:20::681a:b47
2606:4700:20::681a:f53
2606:4700:20::ac43:4a81
2606:4700:3030::6815:1b4
2606:4700:3034::6815:4466
2606:4700:3035::6815:583
2606:4700:3038::6815:eb89
2606:4700::6810:3965
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:272
2606:4700::6812:d63b
2606:4700::6812:d73b
2606:4700:e0::ac40:6605
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:18::7
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:803::2008
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9a
2a01:4f8:d0a:2321::2
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::f
2a02:2638::1c
2a02:2638::2
2a02:2638::b
2a02:26f0:780::5f65:36cb
2a02:26f0:780::5f65:36d8
2a02:6ea0:c700::10
2a02:6ea0:c700::19
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f128:83:face:b00c:0:25de
2a05:d018:d29:3601:e064:ebd3:78e:3d3
2a06:98c1:3120::3
2a0b:4d07:101::1
2a0c:5c81:5126:0:ae1f:6bff:fec1:ad72
2a0c:5c81:5142::2
3.122.34.231
3.19.54.139
3.71.149.231
3.72.124.192
3.76.145.89
34.160.128.112
34.91.62.186
34.95.81.168
34.96.105.8
34.96.69.62
34.98.64.218
35.157.179.180
35.210.53.219
35.214.223.115
35.240.50.85
35.244.145.108
35.244.174.68
35.71.131.137
35.72.102.203
37.157.2.234
37.157.3.20
37.157.6.252
46.105.201.240
46.228.164.11
49.12.22.42
51.75.86.98
52.217.110.86
52.29.157.226
52.29.235.130
52.30.48.43
52.45.175.185
52.45.36.100
52.46.143.56
52.48.197.145
52.56.125.139
52.59.47.75
54.166.40.0
54.39.156.32
54.76.176.197
54.86.168.219
69.173.144.138
69.173.144.139
69.192.160.199
69.20.43.192
70.42.32.31
76.223.111.18
8.2.110.113
8.43.72.97
80.77.87.161
85.114.159.93
88.198.250.30
88.99.219.174
94.23.99.218
95.101.196.17
98.98.134.242
99.86.4.53
99.86.4.64
002041589ceca7e802f2a2e042e3f44e33084b029dfe2d11aabdedae18ec540b
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00ddcb4e8f654ad7567d9e1e12e36d6a584db042b2ac7b4fc1cb128fbb536af4
0199142ac31babc727bfe5a60f8d642c47c2f609b20aa1d39303b7b0909c9add
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04a436758e8992373a49eb612d5b5f54a6fe9e6b1aedab24b510411630fa99b8
04db1928cac9786ab103fd8921943f73e1e58330f9894c7b908cb9d6b962da4b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06bf951b7ba273ad7ed12c0cbc5f70ed4e91015412800baf70a138244ace4c93
08129002a7756b17e0aae7e3ed9d34b35c452ed45b5257cd6d3facaf5bd7ba00
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08c0a169e42b9a12d00f4898924ad5584d0253d232429c086c80da98ce165b81
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a80f3d899cf260301f4b556b8c1c4ab1402e18038e60e448de61bbfd21dc7c
0a99b5cb9d3b889fac7ec13f8d554c73771f59189151a3b515521c39cecab9f8
0afdfec0cc81ad101710150812834831dd21e1d766c380af5114509ff56b7eb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cbad294c2f2ce4acd63546e56bea6160edef2c9d977d588bb1b93c0318a247b
0dc004efea24aa712cb2aedf919f7242fea7c01a9c21e2f7aff3295434ebde8f
0df36faa8c0da70e17455582d9546a49749d3b4053b285f85f706d90be77e3ec
0e99dceb74dfc52a12a56efb5233ec8616a7783b901b41bbb6c9101ab6a2a0f2
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0f9b88abc7ea6a6b78478b858d46abafd1595b144964f1d92b0da41ab14f60d9
11027288203d775576631fa57d347b1b54030253be83b3df75f7f533c9b58184
12dd7b8755a638f1651e503474007d9657a60b3f6d6ddec1ff3db40fc49479a6
1324f3b6cbd7035a34c23da1de22fb5fdfa1c0835e08947ffa44d4fe0ff899e8
13afcab64b8c66c96be0eff217e95651d580ee75c4935f4ba70f617edae7fbf6
13ca7d5a10e63dec03e36b3f8e37fb0e930ebc6663e45feb8d0a3d298d2ede13
13e9fc41036924771859e01ac46fc3c781b2853b315a18f995fa285f9d1137da
142c95c0e6e5b5e902748c6d89ce8be100ca835be51d51bd4020b93ae263c5c3
154f491b7bef9b61928dc3d6ac467d3756f852d01c0dba9f2252a76f168780cd
1662673e705d056f1136367af8c01ef50479cb6f2b582b92721fdf2f795acfef
1720fb6924cceb31ddfdba47c9eebf8320ff5fb98399bd99064d1edd172a1bec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18198dd4e9db466bd66ce5f0725e3a66e2edd69c225a4294bb101e795bbc7bd5
192ebef426b22b111685ce290f96063bfdc0b306a7329dcb88228dd8567e1d26
199b7e12b35daefa59b59f347dfc84ee7431cd4f60500344ac93f70d1704348e
19a2e703c09b3d066e18f4426c332665bf08ec02456bcccdb20d2fffe4645ab9
1ba0bb4de815659c2505292ed7831b408f0db44755f551d0c313e93c7add27aa
1c4ab8e139a670ce5ad3bb5f3ebe5fd3ada40cb65f6dbfab775762e007a8379d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cfa1ebf9179d4b0d72e8af6557a8d4a1ddf52fa5a50e115dde950e60bf93a27
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1f8b8c050b9481a6ec459e18f0a6545294badc0eaebbb96ac6a9e62ec6461d0b
1f9377a599f6e86c27a0ed3005bc46cd7ed8040caa34501bb2efa7140c6d5e35
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
207347e1a4ad445b2848e910522f6704f7576458035f7fc4e76eb40843086003
20afd57e231b9599edab83831cad941af57de89d7c83e41f2ed7261c40c68855
2129619173a4b8ca1f15a79573ecdf8960d69c8d44339a6bb28e7e50add34e46
22345ee907e2767962f755774a3ab8fbf532680365b2da1b39cc3aa45788ed80
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986
25b1b9a574d73d63e58ba724835c8ff921e1570d277e95d529f524ba4c91c6da
25ceb57152d47b1b70d0f6e948d063c2cdeb07414012e187f1f9c21d7dd572fc
26623ec57b6c6eea6fd54e3144c836d63a96ca3d9e8e3e4f9adcdcbcb0761820
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2947769ec92f66ce734408585f10eb440c5eff110bd42861138307ebc374b982
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
2dccf7f9810606ee70b59dc3af133a2c6199140065491e63c552d81354f0c3fa
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7b572fb8c157fa128e3ca13f7c7f904176c4f59b010a8e498af74cd5891103
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f9c77b2c4c8a58c7303d4114a4d6286b6b4c47c962f6d4812b5ab43164ff669
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e13823362acf879454f804faa5af4b68dba238411a4d2b09777bd3c5a78d34
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e
33a1b313e2b0f843eecfa3e93cb87b4a0c7bab891b7b86632cb92887c9d3ab3b
33a5d93226c471727eb7a4a464cfc8fc2f05244eb9a1bf1ae11d0ee91196c4e7
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
35acc7b065971bbf012d55ea1094d6179464ae7a9c98dcbda4eb99678b4f2fef
37cb31effe0fa7997e40575b2d239b9fd99fa789fa7f4a9e16cd8c55cb86163c
383157851e45807a63fb6eb952322d5f2bf85f0e31ff48b4465df325762980cc
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38bd491ab6ed5b337edb0cca5b1be78125d0ef995add571f0abb41db411b4e59
3917a0d5c7d1b4ec6947d41f4a6d80c42c5b2464d022ac51a13a39f72bf409d5
392742a245bc51ef722b937fc99446c8afc24d29d0627104797346dba70e6413
398479678a61a08fb0c4c6608eb274f3ff3900e40d6008f5d4b90c8d06efd331
39fb4e0255b5ab48267f54ddf5cf76e9fb24f10fca7768ccb00c8fcb0d8831e2
3a6cfc2b754092ab5b796e534e54c36380220c61abcbdf7819c3c55848a26adb
3a8cf336bd0e88b85f0ae919c0ac7f13879de9b92fd189a3df75b10892493895
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c6a90618fc2712b784027a994a4352b4f1550f70ce6cb7977727d607a914b6f
3c91cf3d59a05f7b05088e8a7e1da9729de1fbbdf6f0b343efdd528990f2ea28
3ccfa4a76edac3cd8fcf47be7829d3b32a6cd50e67a82ad726cde38ca8692847
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9f33096b8532a3128a70b3b36bbf4cbaaa841cda67b385c4ffa18b54eabbd3
3df6bf1f9974a1194c6281c470821766bdd5234f827c85574c29a23b2535ad55
3fd987b7f6c4b60da84129f8859c07e0ed226563cd43e99423cb03c8554e64d3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400c031b3f3f33060b58a001393f6929ca5805005e2c600c2226390786bdec3d
40a96aa97fba3b0aa62dd5c212276194fe404600db20a1a418d804567fe4c582
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
432644d6ec2313be7ba34700bdcb07470e2096342fb077c65e3aa82221003416
43ad1124b328db0391d895e195c8d9e68f10f298022da4a9c8a42678cef1c148
444eb17b5e45f8497ffbba1c5d159235e8e0d6bd80a2871e83446e6f61ca9c5d
44b23f71822fa35c7de72d378157aa2c53849c4e214b621516ccdd28744078a1
44cf3192e90fd0b6232a7a3e57cd3f64998abefe8f22814c8360875c9030d4f4
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
456662aae3bd37725b228025300d27afd619736aa5199566eab1520d38928a78
459dc02737a8127153538d8b7811fbaff4e4e0ce003936a61f2d06b3975b10e2
45e52b195862e9378c856484ae50e8010920fcffa4ea9718487c5e816f6a298a
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
466afcaef2f516434a9bccecd43d8cb87627fa61cba99906594467d4d9e660c3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47378a92a4ec690858a4da12d307d31318a38e2f2025730ac71807ca70710ae1
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
493479b2fda31e00b9e746eb408a83b8fe71b63be559c3a1e19b3178c0b90356
49bbeaec8421f28fb39b4bc934bff467094548415c88d611130721bba6977f71
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b525152f2188715dc6d6c9971e59fe000e68ed70c83a16e859e5c8e38bd69bc
4b72b85b9d16b8c10a1f33b857ba56470a568cf4c0b619fe8479c65ac221b656
4ba5939372549192a9866bf2c9d828e9c7f16487c080a5339b2355601fd292c2
4bcc02c1d504c49c614fca88e36c16e1f0da38477b698cef4bbd8ba509ffda69
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0c77ad56a5ac46b57264ee63dc0cdf9e49430f9e1019148e612ec9c73391b2
4e38e9a14a0fdd979519a0d0133ec80d7e7ed20415c51d49c6a5c15641779dcc
4e5be5b6e3ff509bba2f9ee8a7dd4ebfd8016d1a0b2f085d980df240b10d25bc
4ed57a8f6d806a740801ebd395017df259c6514f9b53e9dd3a8a8a545a569e61
4edb46d66da4a2d149d780632a0a17255c26f55435c93aa2b53e876f14325cb8
4f96bcae7a737b306756cedb90c79490a7d10eacb924b0b57f16c07ce4310454
5035c036290ff41da4268e63d8f4e60c5ea8e5329bb47d74487a583911148376
503a5a594fd98409fca2b16782f3d380f7ed158256babf01241846d9666f901c
52799c39d821f55fe7ece5e312290e9ac8f100b6a0559ec4dc88e453aef4aef9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564e5f42b89b491d9918fce33acc1501cc70c27be006628fe88247c7c2a3837c
57a0c74f062fa152047241275e720737d0d6309612b3c481ccee6f20942b5576
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ae2b18203325ac2876b69455e08e3eefa59a4dca46ee55b033f1fbd80b28b5b
5b545867fa76275afab94da71ec2e4059d9694e77e7e3f3a879d16e677f0ec2d
5c03ee9322411dcea3be97020b5107165186ebaa7c3865c123247e2ec2029627
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6004e4eb8b18df44cdf9abfe01bc8ef8f904e04903223258e60496e322366324
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
6345d728449a20fe5febb6db01bb2c5a1e054bcc1a015d9b81e357b9bcf29607
651d3bed044a08910616209ae8ccb1e2ab7c55872e390ae1b123061da23da2ce
6561bd491ddee6a9d2d57c666507f3455e6a21969618cc17d5ce807bc8053267
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
67585081208651091723dcc01c23bda7f694783e12310260d2c1b2446f45c61c
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45
69b75469ed847b6d856be5481d5b37fe57d8829a7355e55053e9136a38a63dbf
69e9bf8cabef87d7a120c9089bcc39139a0c79071355daae37e4a2ff223e4f66
6a896b03559bf7727747587facbfe9277069911df6ec57b0d225a20858a4a093
6b3b95d4eac63cf3698118392c8d6e6902a9deef2cfc178158a612285fd04ad4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c25f17d25f76448906480fb83546ad8d0f7bdcb900a172c1d3f7488f34db723
6c3718a6ae4f2eb59d54458122825583392158ad8664f85806610271ad31f392
6d3e8aa04471ca235093290325bcf511af7c9ced7cccfc2ee6d6ed2a2198fe0c
6d4e557fae260566d3a44d3b94eb31158760bf12fb0b8b3d0359b78a3110fb52
6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
707d47e8f794caef2636919f7e4a1ee998ee9280fa0798af057c605a5894d569
70c8863d1f8191f5eae09e3895ec780548d805598b5375b401d957c8b873b39e
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71af275527856854be2fd4e7578987cec3d55e7849926706fede0b7a94104dba
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7260b4a4163f2e458b462ed77194205e12e7d8352f0ec3cb2e4d1475f7419a9a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74c55c727324e6075a5cdc72cefc5f1553a9d6654f18de2464d4d8321247aeb5
76c9040105688355d6ec14be0eb62a13c8cff947692ebcb0e709081ff7981cf2
76d673f6e1f7b5faf51bda557250d05095108abbd598b650fed193e107b52b3c
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
772b6412479aaa7d946a63e7cf3780cd3fcf40efb90ea3154ff2bacd2b01f3cb
7758a4fd4f12e3dcce82f7ee68f926f28fad12d9073b88eced439b6a6fe12343
776718c6eb0777b5e36771becca77d8794e48b443557dc8f2d35f5e1d63111a5
77df3f5f36dfe87379ed9476607f59f01836ff276dc01b940d8f89514c80efd5
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c
786613c6729a584fc5e51a5d20dba54559edac15d58cf30d730f54c5a3050de7
78797b518e0df3bfe55a1edfca1a70d0009ab6d210aa1f46097bccf11343c84b
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a9109e59bf1b08532c30c26c207e0f956436333cf1755da1d1e4602f607b37a
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d46828835b5ab33ab1258295bce5afe4cce39a0c8a857765f9684364597866f
7d8f2e8e473ec5e0911acc1c656a1365cdbbab0f8b8e9592eec15c5c2ff41432
7e9cdd64c363874aa71172faeb861ecd3a6f65362e4b9f9e1077c370f089fba6
7e9e84cfacbfd1f40751fb754c9ac00f8a49435e1829de0933dd02c1687fcc97
7efd359cd7418393a4a48a1bdc760a0ca0562da42bbe89b8cb48cab89225a471
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
7f75ca7860044a4d97db5005423385e646eaa20fdffdbd9d39ff1be1017fcb88
7f8c2d162e6bcf02f84ae41c70dbc2a49b376f346bd8fe7d9c8aa2ea1ad35327
80aabb73a69b95e0752662290edb66237c76f07ce8b4f0b37d8ce7f691aa4740
80c3ddee25632d988112d79f22722f2fd7ec01e23665f58dc902534e229ca35d
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402
81111be90503c1a93ea3a7eec8c7d4d4d0c01545b8287f413406cb32bf494a2c
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
85427ab651caac7c7a95df7a96113bc3be356e73fdf689cd376e821640f299a4
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
87860d4f23587aac75b7166f34acd8133fe01a5b5b9101d0f293c4ef47566655
87f2930339039d1c0b978a4de532ff29545bc906099c5780c7e115a27310bca9
883affe4d4fb73c6e129502c031f95d288c6430cdb54e7c0791e4b5faee3cbd8
88da1fd9f530a1501a171171ec38002698c3b35f5ff55be96ad37270a7bc1cf8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a049dd59ce9c60b2d0d8623e685193d914ef74e0e8a3c984a7eca905ad73450
8a83544c0699cadde3934ba304e82083f9d10ff350652f0c221a573ee3affc6c
8b0ca3a5c19d981abb885180aaa4aeb38065ff343a9517667a7bbea2fbc00166
8b7f2152445dd2163476d9737488b8a4b627fa26bf2a53a5ef757ffc94fb16c8
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8c36c01636740f369bdcf09f43fc0b3b99d14c1e843eeed64f7d69bc78b81083
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7134212f927125020c613d4cf3604d8ba95588bc109aa08e757d6c04c7469d
8e01a16bf30547342fe547ab303cfc4f1f7276d6e4e567fe4e84f11dbc5f41ca
8e0818942d330fd4461bb84213e1be8550aa4db81101fef7ea4f224a39c3c064
8e58689759c405ffb5445572cc884bc90dfa7746bd6c6689aa4f373e6b5c8b67
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
908e524d74c4a27b027a61f3782df68c03f7cd9e14ae16b44ea67f8897915d3b
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93e1604508eb3670d53ebc437b3e8d68636cbed3c81d8eb8a22a7f295ace04d9
93f86497a24923f2841cf7ca57dace58d1e04cdf8fd4861d03ddbbbc35ed2a1c
9412c082d36ceb582eaaa1b57bde393263d8a3dae33d950eb454ab93331b8931
94580d04163b820ee0baf469bb56b316edb88e15b352aa14721c673ee48176fb
946c813e04d9730020ed021197661ff9de6424f3a356f6033de0146394e0b33f
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c
965f930a055ba9057226cf4b50e357979f19137cd83729d2e69188bc3ab9e811
96ec05a9961fb93dcf64c38ad356556952869c3a251f16f00420d372f5cd0abd
9750f710e33b68e3d4551759753b699afe70c81f26c8fe5082ea16b3b1dd18ee
989ed7368c77cf5967ad412c84e9048c26abbba2779f7aab0cbb2d3e89dd58f7
997ec54d8ea5e03039ee16191ce735693a7390838923f0a06388887ac7357bf2
99e7302fd65f4a9ff4737457e41ef076591829a2073cc0f9c92ae2b6f14fe8ef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
a03490f3bf940e831c668d3855b6a61713bc50543405acb77aac286d566b4348
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b15ae48bab09072f723635be4ff379525cbf3e0c1391842f700ab249ba55ab
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3527b208e444c6fb7270ad375b497c02e10c59968e6a94f1a5384ea6b1aaabe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a591245ed241622e99a10d81d53d702dc496ac24ccfc0590f74a8bdd80d6b81c
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a653356131860182f0318daa173986aae920198dd0500839b0f080dd15b06fd1
a693a45873bf3e360af397745aa39bd953ce4ef8218af58f4f31033a6388d84f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84ef5a6a9fd3bdc28d9e32a44b7b7e38f4d9f3dde03417912f12327efd90235
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a934b5a286326f584fdfc16523d87b130f3ed3335a6519808d2b008d1b961970
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a98a5c249c0805923855cb4287483464e9661330e50fb4db18111a9d2c312df2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
ab4145f2aa894111335a256a9782193dfc4b0bfcac9b28434cf5a72f8311df99
acab2c4c521803c7a03cbfb80fc7de394241a6329320c0034137afd798724fe6
acd33d783da12f60ed81f4e6173d079cf02e3f187680e52dbf286d3d7e17cfed
ad2890951b6a6be2175bb25dd3055ba7d70d93e2df4b2088868569b16a8ea98b
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed4f2ab210632ae77979398599bac1102a939e094b85284752fe9bdf8701dfb
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af2db4ec88bcf35f3ccb8a978dacf76591dc2c541b5c5b22c8dc79208eb8c688
afbc2811c699855758b1ee1d0033eda4d2b733222ae3bc7213ee79da7de15b1a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b083b66445b283153512fda283018c691ef8610dbea80a0b1282b5527032b918
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b35fc04115f8138f9fe7362d471c5f6a6d577b9854751045edf5f4f90d6d8e4f
b3b4cfdef12699a8fd084878254e34071e6408138901f9b11afecd96bb9ac4ad
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7197983ffe2d508f0c0e2408944f06fa6a8302e99cd25d29257f572ffc37125
b7197f1eed16b76fafdd92ae8a32ad34270dcdde0d20f1ff581c8b11c95f428a
b791d9b523b9be4615eed3ada77b540ecb01bcdbec149b19d7b3a323300662e5
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b7e36380db5f3a3f12328b38e6aed19b4bd05542366a2bc38470284e538a3816
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4322a3c57f14d39a7ff7ca45f311f9131f0f95047a4ca19a781e3e803f8aaf
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcbf5baf3fbe1ce55828221062341d9a30a688ce01378be721ad3123041ae6a4
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdaf96bc2c332c16a104b76e6e1e131fe89eb33e2fa668ed10fab6cc33a48146
bdea92cb6ea4c837ed6f73d78f5a41430747420a549a9c4081eb43232ebe82d6
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c0fe85a38d5f44dbdd02db8ff960b714bac5d0bd6ce67acb501977910632b382
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a523e8538bab263f59f1cd799e5d89592bea18863b84320b7b20a08150cc67
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c6049983502a4f367b61eb71ceae525bbd94e7a62d4ec3c0c32b8e8c396f54d0
c6f14410f46ae33b84e0707dcf7bb436b153e7ee83485b583592052a48e983b6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a79fa3693b0c3df66d9ed47fdd937019645eff5653af1c4cb78a48ac2f937b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca296812f114107fa083d5231d83f2f12264be3f0fddf1e270b41f849fbfa8be
cc04aef500cfdb77091b41f197210771d3bca5fe802b3fd259d56f68f7d269bf
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd8422af227b6c788df1851d649f4c045fc5a84958564d4ffc91cc8bd2e24403
ce021cb61a37992319ffd6f0006341a3cf3c6d847fe41894a518d640f784cca2
ce0de054fe43eeda32f2cf4b4e09988e7645402c76140490e597bfee6e35c61e
ce251c535bd0c1b63eeb17265d2bfa33c4106caf58d061cef26aa7d3407e62bb
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0b08f3a8d48f206e679455a35355ba232af1c569053910dcc62ff2dda67d36c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1275b95069de35f7ed77e2c85e1fcebc1bcbfb04fcfe86e897d72dbd016ea9b
d28721e670e9f217b04c28a7e0cd4c54457a4603cf94d582dcd9d929c2824ccd
d4689948bf60aeb394fde77e4b131bae6e1848dc9fbf376eba35ddbf776e5cf8
d56f50130039a9148a433fef8b688032afbfda0e6cf590594546913434e068e3
d574f6520896627ad2e548717d6f7b70b6d95b5c7b9b01607cb6328658cf6919
d6a367f99eadfd25eeb9b0a17124331b22b885969d5dc46051cf6dd913f28f72
d72686ef003bbd74d1ee471148b1d82e2c77cfdab9b0b393655a0762cf150dc2
d7371570e1ade9afdbd03372121737a80479e268adcc8266c882ff5afd59b61a
d7769d34413948b167e8357b1e8322ce3ba32e96571fad70d0eb3406998cb253
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8ebc5e696f48ee3e21b44b18eb495689a6d188f580895760343a0793580dfb8
d8f3bd89db41306bfb87476587bbfd314c0af7eadc55d2813e24b9464d5e9615
da720d72df0a9806c124a95cd127112114754c0bdfba4efd503dea3d4c0da63a
db5d999e356d97a5cf821870429655191d582cb778c71312215215751b922eb1
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df8d8a0e27e9f274a54a74483a1f73d1e88d68f9d45802a6f0ca0a41ed84c630
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e010cd62c0e942d64021ae76d2cd4e2ad3ac18589310d847d5ec90179f05662a
e04559fdc8e0c0d86d1c3d315a3b6e795fdb20e336305fd1bca8b41dad7668bd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e380b57bddbc001f4a7735a42344e387bc1304c3a11948eb4a05b60b55b343f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45aac94911c702627ff8f85358938607c804a9ccc5d398e0f329af005f28e57
e48f833dc7fdd25eca6c731721a68a85c2f8c12e6e5828298c12386c5d8e141a
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5cb398e35614045069f8498e1525461d7239583a0cfb319b2dd6097c5ba73b5
e5e6232d4d8de0ad72b4934d0c0bf12f9ef70be2170bdb7536ef3ea09cc466e7
e66dd4920233a86773bc204a66cb444074c0d5fdc21ef69b75ad12740a109a01
e72dafa73c834424b8c8ae43f78623459eb93fc0a0e4cd40894271f4e9e1736e
e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e
e7997225bb226143c3541a87a0bf028afc4535b6a69c9f2348db7c24524ce0bf
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e946662959e8e023c3b3d827bda7da3cf4708be8bd4deaada707a1bbd4b2c22f
e9ec456b9813d0253701811d944b26e013a43f847b2a8504a4d1fb0be7280302
ea4279c2c2f6e427fe47c9c836c37afd7ccac323925634fd58901bdb03f4b2f5
eaf36349454a33d50275a1c27829e64acd26ae745c92847fbeb2ecad382b231a
eb98850ff4d6ed93866b2b1de6f1b84e76f689bc40c4331307a22eb1b37164c2
ec197cbb8a4b8ceac8e453b93a951ac5eb86c5dfc0f82a905af84113fb314405
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eda1bd91720080fa90dad8c1174930de3af2d69fe135519fbb729d91ef77a707
ee9cf3ebc5d7942b7af27709e6cc5730ccdc6204a4c5448d98ecf55617694e45
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22d543994683aa0fac123c8c84095ef1b1b4dc20161819eda7ec37c3182d298
f248e52a8229d0709ae85b03e5609a2435b76d9a2a319b03fc9953e25b68d986
f268426f3031ae58ddc23cfb08a8217af2c96ae10728b4eca3b3cb986fbeb7d9
f275a5dc030fd68ddb1aacdf1c91561dc8c3930cef98b780cad73d8574126fa0
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f34f9128b1025f2f33d5becd5c6df65b6c81370f9cc55000ffec085b91f08c88
f366e13b444c6186601c91705e2198bcc6fc119fe394f33cd9f559e74999b14c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8902748a5ad5a83a23401f05003b8a6d9b7e05418f3f7330438e3cadb1b527d
fa80a5d16f29b07c3f897364c63d9e1936189c526405837f3deda5625fc1617f
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fb6628cc9f42875f817734ec9f1b0851beb4d296da0b34198c5a9da1330e87a1
fc075fd28c7c5fe13c0de6252ea367f0b679ad6b5f3a6403111b16539eaee1a0
fd778bd257f18e50868900051941777a4d88c7727e41e3434396b218176e1327
fde1da3c70b8a9901824770ff25f1a70d7c685572117b335d5d8344758f9b457
fe3f3ec36444f6fd8bf7e7879764e829226dd0d6d69b3669ed152e28c5e87d34
fe425a4f92df6dac0628adfbd3c931fc75988842caad39f3745a109e4a9f459e
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48