de.fitnesslifestylehealthclub.com Open in urlscan Pro
2606:4700:3035::ac43:d6a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://de.fitnesslifestylehealthclub.com/
Submission: On October 27 via manual (October 27th 2022, 12:06:54 pm UTC) from CH — Scanned from DE

Summary HTTP 234 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 31 domains to perform 234 HTTP transactions. The main IP is 2606:4700:3035::ac43:d6a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is de.fitnesslifestylehealthclub.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.

This is the only time de.fitnesslifestylehealthclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3035::ac43:d6a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
9	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6 20	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.11.239.181 23.11.239.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.250.251.255 3.250.251.255	16509 (AMAZON-02) (AMAZON-02)
1	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	3.121.8.30 3.121.8.30	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.67.130.24 23.67.130.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	184.24.12.191 184.24.12.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:2::8	15169 (GOOGLE) (GOOGLE)
1	3.232.202.161 3.232.202.161	14618 (AMAZON-AES) (AMAZON-AES)
234	33

27 2606:4700:3035::ac43:d6a1 (United States)

ASN13335 (CLOUDFLARENET, US)

de.fitnesslifestylehealthclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

whoursie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

dibsemey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.23.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.11.239.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-181.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.250.251.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-251-255.eu-west-1.compute.amazonaws.com

samsung-germany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

pfa.levexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.8.30 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-30.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.130.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-130-24.deploy.static.akamaitechnologies.com

c.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.24.12.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-191.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:2::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5hnekn7k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.202.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-202-161.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	824 KB
49	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 273 gcdn.2mdn.net — Cisco Umbrella Rank: 933 r3---sn-5hnekn7k.c.2mdn.net — Cisco Umbrella Rank: 436656	957 KB
41	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	220 KB
27	fitnesslifestylehealthclub.com de.fitnesslifestylehealthclub.com	560 KB
9	dibsemey.com dibsemey.com — Cisco Umbrella Rank: 463687	41 KB
6	evidon.com c.evidon.com — Cisco Umbrella Rank: 1164	16 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	5 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	233 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	61 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 572	2 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 409 rtb.openx.net — Cisco Umbrella Rank: 1521	832 B
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
2	betrad.com c.betrad.com — Cisco Umbrella Rank: 1531 l.betrad.com — Cisco Umbrella Rank: 1354	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	915 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 729	792 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	570 B
2	demdex.net 1 redirects samsung-germany.demdex.net — Cisco Umbrella Rank: 122412	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1137	344 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9029	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 651	764 B
1	levexis.com pfa.levexis.com — Cisco Umbrella Rank: 116481	532 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	710 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12352	556 B
1	whoursie.com whoursie.com	421 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
234	31

	Domain	Requested by
47	s0.2mdn.net	googleads.g.doubleclick.net de.fitnesslifestylehealthclub.com s0.2mdn.net
37	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com de.fitnesslifestylehealthclub.com s0.2mdn.net pagead2.googlesyndication.com
32	pagead2.googlesyndication.com	de.fitnesslifestylehealthclub.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
27	de.fitnesslifestylehealthclub.com	de.fitnesslifestylehealthclub.com
20	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net de.fitnesslifestylehealthclub.com
9	dibsemey.com	de.fitnesslifestylehealthclub.com dibsemey.com
6	c.evidon.com	c.betrad.com googleads.g.doubleclick.net c.evidon.com de.fitnesslifestylehealthclub.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net de.fitnesslifestylehealthclub.com
5	www.googletagservices.com	googleads.g.doubleclick.net de.fitnesslifestylehealthclub.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	samsung-germany.demdex.net	1 redirects googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects de.fitnesslifestylehealthclub.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	de.fitnesslifestylehealthclub.com googleads.g.doubleclick.net
1	l.betrad.com	de.fitnesslifestylehealthclub.com
1	r3---sn-5hnekn7k.c.2mdn.net	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	c.betrad.com	s0.2mdn.net
1	d.agkn.com	1 redirects
1	pfa.levexis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	my.rtmark.net	de.fitnesslifestylehealthclub.com
1	whoursie.com	de.fitnesslifestylehealthclub.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
234	41

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
whoursie.com R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
dibsemey.com R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
pfa.levexis.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-01-20`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.betrad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-28` - `2023-05-31`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://de.fitnesslifestylehealthclub.com/
Frame ID: 3C935B4BC527B39B35593A78EE95717F
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/zrt_lookup.html
Frame ID: 45D4111AED9D1820AECA2658DA320153
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=250&slotname=9392899785&adk=1558319062&adf=1639912470&pi=t.ma~as.9392899785&w=300&fwrn=4&lmt=1666872408&rafmt=11&format=300x250&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872408510&bpp=3&bdt=380&idt=261&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&correlator=6111507865856&frm=20&pv=2&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=252&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uG8p440mHM&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=279
Frame ID: 3A943AD7B2EB562BE8C2C40332A62855
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&adk=1812271804&adf=3025194257&lmt=1666872408&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872408528&bpp=1&bdt=399&idt=269&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276
Frame ID: 78156B738CC084D97B5F10B856CB9813
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY__LO1AEwAQ&v=APEucNXPXlviKjkP5puaG6e5tjA6VWZ5BG3WHx8FqeoSOdrCIaqypBSZuClbNJuKl_6urvDJ4NMuO5JIv3hqC12li6er_hGu3HBaoPXcJgwtWEEZD5epEY3FMOKENMSeHsfP91Q1-X8bTOZnGbNFPkiy4vA0VWmTi9EYNiCryRrHzp6ASzq8cgk
Frame ID: 840F6535D72C284A8467F9B2AB29E1DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
Frame ID: ED8FE0C9ED5CF890296A6530C670FFE5
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16
Frame ID: 34F5C24738C65445E1F4E4375F075455
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D0BA4155630077DE8C428211B4D6EBE4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Frame ID: 06A266A4BEAF0E1FAC6F4CE2165C6C3A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Frame ID: B56EA42BFAB636D08041AC3804E694D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html
Frame ID: 902247311436855AE9E8E6DAB9EF984D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CEuBZWHRaY-LoN8mUxdwP-7aioAXwoM7ca_ne0a_SEP_jtY-1ARABIIbUnmVgleKQgqAHoAGR9_OaKMgBCakC4zogwOXlsD6oAwHIA0iqBKcCT9CUWf0pK0O6oYIY916PFz8cqfhYR4CYFCD5YzwV0D_1D-vOkgft-I2LMQhNboEfU2mcC7fppYjq585OoQoEcNoOEOkvYdWGuh48PB8UPwUr2bkvPsIdYMrAQXBH99Rsk2DAezvAy0ETqR3jpBPToWl6vsePMLZLJtv8bHzX-ubkBYtfwqCayacls2mVeIPx6Curf-5m6Z6_Qf7c4Gs9RXswMDXVDuWsWyG9DpRJSsQVrERHyNyFAiEaHEErjRxSZ_J-AHiD2B7ASjuCcvH6YbYoLvh_8YISP89Pm9t2WWGfRSiMB1L0oN0pZXWVdeQ4q2hC8-7Azw9XcQsQwp5MFJbsjgioV7onjs1xdfKpqA8JfsT8PrkSFaHDMlYzj7vFHTwbExUDFsAE6ZS-uoEEkgUECAQYAZIFBAgFGASgBi6AB5GvxPoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqN8K0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzOTc5ODg0MTA1OTIyORgA&sigh=hjqsWpdTij8&uach_m=[UACH]&template_id=419
Frame ID: 1E92BB85EAD711B6BA797A8FD547AD9E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 65B87CD9CF4B0141156B7281BC09DCAC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 8F32CB714109351083B158D9FB68AC40
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: 1A530E800778D8B7D0EE67977DCEE3F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYs9SK0gEwAQ&v=APEucNW6fZVR8832Hda5TYsXXipwzuycWP3yFs4ILk4LKNCK3ZoDBi3UsD6XOP4lZz9AzMl9_IaGxx9QM7E5RLy_ZVqaHIh4_jT3gVeXL1qhYJUpU9q3bFlv0-pc-Ts1FhUAwLNdH9Dv9rfa3VH8n6jvnU_284QpUiNzxa90zeUSP8aM7_tXjuw
Frame ID: 2F8BDF0F3A17063BD5CEE729727D0FC0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGM21odMBMAE&v=APEucNXj7yeSwZYFDWL3JJQueTCiO7Td6TkDNkvApG9CzBVzjDfTH6gYX1FiShcPnOeVk-qETlp9JBx2fducp0dkM3Eic1IKpa2O9vNXPh2AKmaooL1z_NEJcYmm7ix7nd2rXnGGBkIC-aKYTIZuatDfmsDUkDry7D58JmHUz6ODs3LUvfTouKY
Frame ID: 2AE352CF97CB36C6AD580A0375745479
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
Frame ID: 0AD586E598BD933C19E9C697394FD715
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5995CC0E8133640FF6BCD2047C0E37B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 590B31EA2399508B2E7271782B2D381C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4742AE402461CDF825CE5B1D67BA5A1F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
Frame ID: E945D4FE916ED323BD22C731852A777B
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E6C7037775660CC4B74E6EDF0027A156
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: F37D32F80B3B5663560029F818A2C7D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Frame ID: FFB34D694EB59273AD450E1A798705D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0B7168986C4FE5EEAFD686E46E0AA5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04D0911C61F5000CDD498E69D6C6DADD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fitness Life Style Health Club •

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

234
Requests

91 %
HTTPS

38 %
IPv6

31
Domains

41
Subdomains

33
IPs

8
Countries

2926 kB
Transfer

5942 kB
Size

35
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//de.fitnesslifestylehealthclub.com/;hFitness%20Life%20Style%20Health%20Club%20%u2022;0.7782119618253245 HTTP 302
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//de.fitnesslifestylehealthclub.com/;hFitness%20Life%20Style%20Health%20Club%20%u2022;0.7782119618253245

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1

Request Chain 58

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1p0WR.fd0V6re63I4Sq4wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1&google_hm=2

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDPGtCvlpVsK3IdLR_Qf7Ec&google_cver=1

Request Chain 60

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0OTY0NjY0MDM0MDQxMTY1MA%3D%3D

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDoC-grIfJdiLyyGtZPCebE&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEE5XDwiFaGIyrU2hfedfozY&google_cver=1

Request Chain 129

https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=176782985&d_adgroup=23233&d_placement=344833720&d_campaign=28462340&d_cb=1523824084 HTTP 302
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=176782985&d_adgroup=23233&d_placement=344833720&d_campaign=28462340&d_cb=1523824084

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHvLhRbzYuOrrOIWnKmmPYo&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHvLhRbzYuOrrOIWnKmmPYo&google_cver=1&__user_check__=1&sync_id=d6e02ffe-55ef-11ed-866b-11482f420406

Request Chain 135

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=d6ddc6ca-55ef-11ed-93f9-1d0a0d900406 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDZkZGM2OGUtNTVlZi0xMWVkLTkzZjktMWQwYTBkOTAwNDA2

Request Chain 136

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1SVHZkOGY5RTJ1R3J6aDR6Nk5XdUJBc3Y1dUJuR2laV35B

Request Chain 139

https://d.agkn.com/pixel/2175/?google_gid=CAESEL-iC1dxUB7VEBVh4sr4FPs&google_cver=1&google_push=AZmPxg9wc9sbWjAQ54OSlBFIrlKji8B4-wizw7I70CGOqmSc6_0GPSk1YT6U3hcJIU08vIIIq8e8iDTPhDQsY5pq7axlmK9I_S8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9wc9sbWjAQ54OSlBFIrlKji8B4-wizw7I70CGOqmSc6_0GPSk1YT6U3hcJIU08vIIIq8e8iDTPhDQsY5pq7axlmK9I_S8&google_hm=Q0FFU0VMLWlDMWR4VUI3VkVCVmg0c3I0RlBz

Request Chain 140

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg999yYFs_idvbv6DULE7Tq9rREVsw7gXv_4O-qmHNFfz4Puk9oBHwNixPFTNdfPunc14wJh9ZSvfVKasm-SgBGu6Q2MOQc&google_gid=CAESEFxKXwqk58pW1uk8aXj5e1Q&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg999yYFs_idvbv6DULE7Tq9rREVsw7gXv_4O-qmHNFfz4Puk9oBHwNixPFTNdfPunc14wJh9ZSvfVKasm-SgBGu6Q2MOQc&google_gid=CAESEFxKXwqk58pW1uk8aXj5e1Q&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcxMjA2NTEwMDAzNzczODE1MDE0NA%3D%3D&google_push=AZmPxg999yYFs_idvbv6DULE7Tq9rREVsw7gXv_4O-qmHNFfz4Puk9oBHwNixPFTNdfPunc14wJh9ZSvfVKasm-SgBGu6Q2MOQc

Request Chain 142

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBReByHTGV2cG6WWP5_Q-fM&google_cver=1&google_push=AZmPxg-PZujnGrKOiW-dHAj4u7FUw9g5zaph2H6nnmSdDkkj3OsGVX-BIsdILwGkybPxJUFF3aBqXB55io8P8MJWGe0-1KBpviM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBReByHTGV2cG6WWP5_Q-fM&google_cver=1&google_push=AZmPxg-PZujnGrKOiW-dHAj4u7FUw9g5zaph2H6nnmSdDkkj3OsGVX-BIsdILwGkybPxJUFF3aBqXB55io8P8MJWGe0-1KBpviM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-PZujnGrKOiW-dHAj4u7FUw9g5zaph2H6nnmSdDkkj3OsGVX-BIsdILwGkybPxJUFF3aBqXB55io8P8MJWGe0-1KBpviM

Request Chain 143

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOuyP1eqjdXdSi1cRoxZLZg&google_cver=1&google_push=AZmPxg9OT_ApDM5WfGl4uSQSQ07g4zewRs-GDNhOyIaMDBIs-o6QxrOnPGbTiRVqocCEE1qmib7xy7jg5_POgjDlt9plMv_pZOU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUDctMjctRlZXTQ==&google_push=AZmPxg9OT_ApDM5WfGl4uSQSQ07g4zewRs-GDNhOyIaMDBIs-o6QxrOnPGbTiRVqocCEE1qmib7xy7jg5_POgjDlt9plMv_pZOU

Request Chain 144

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_cver=1&google_push=AZmPxg81Xa8ibreiVw8x9lkmPB1Jqpqp2MtR69F38p7V1fVqa1VHeLvD84vyIi7VsMn7hQ4OnZjYNjm-Qdlsy_SiQm3_HK7hKUk HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg81Xa8ibreiVw8x9lkmPB1Jqpqp2MtR69F38p7V1fVqa1VHeLvD84vyIi7VsMn7hQ4OnZjYNjm-Qdlsy_SiQm3_HK7hKUk

Request Chain 176

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI5hDbpPKJXlt3l4RTPyo6Y&google_cver=1&google_push=AZmPxg9pSoE-I-zKOf79SrxFnn6bQyUopDmNvEx5BfFjPtDVk1NUzcZ2a6Kh95aXDGkkJ9JxQI83CLV5kDKm9KQdBVmBklLP HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9pSoE-I-zKOf79SrxFnn6bQyUopDmNvEx5BfFjPtDVk1NUzcZ2a6Kh95aXDGkkJ9JxQI83CLV5kDKm9KQdBVmBklLP&google_hm=Bq8oCOxh4dahLnnOc8pbjg

Request Chain 179

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBReByHTGV2cG6WWP5_Q-fM&google_cver=1&google_push=AZmPxg9TrmzZ9DVewy2IOmK3DphIs8wTrb1FNA32kJHYgOJ4TvsJ43URJK1qEwQwuXmSHMNruTmXRSNXpYIJ0zKvx24hki21FA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9TrmzZ9DVewy2IOmK3DphIs8wTrb1FNA32kJHYgOJ4TvsJ43URJK1qEwQwuXmSHMNruTmXRSNXpYIJ0zKvx24hki21FA

Request Chain 180

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOuyP1eqjdXdSi1cRoxZLZg&google_cver=1&google_push=AZmPxg-zfu80cfiF4TZ41sSqMrmsHEDVfYG87rJN1LMHftEbxK1wwP8CeBVFQiP-JwBodh_arzx5IwKYoIox-fPwoJw94lvkoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUk4tMy1HODUx&google_push=AZmPxg-zfu80cfiF4TZ41sSqMrmsHEDVfYG87rJN1LMHftEbxK1wwP8CeBVFQiP-JwBodh_arzx5IwKYoIox-fPwoJw94lvkoA

Request Chain 181

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_cver=1&google_push=AZmPxg88kbaoG7l7S9FI3vE0gVEy0Svz07OevcPsEt9TfTFMlupZPwimSSmkePv1ESquqSq9RTQ9ceIEHPOVbqoeskqHbdbr HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg88kbaoG7l7S9FI3vE0gVEy0Svz07OevcPsEt9TfTFMlupZPwimSSmkePv1ESquqSq9RTQ9ceIEHPOVbqoeskqHbdbr

Request Chain 197

https://gcdn.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6796775831CBF6C4252FE776B9898E119D9F0A64.A352A849911C7DD0AC22CDE55BF71F71E4FB6A9A/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5hnekn7k.c.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A0269DEA2F60FDF58164727C89DC1A01C3F848E.25FB28829ACC0658D8BB913DA487EAC2499DA9E6/key/cms1/cms_redirect/yes/mh/AK/mip/2a03:1b20:6:f011::9e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1666871545/mv/u/mvi/3/pl/48/file/file.mp4

234 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
de.fitnesslifestylehealthclub.com/ 43 KB
9 KB 144ms
82ms Document
text/html 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54a7c11887d953b19b58ca60b5ce37da7e4a42cea7d8b2374446f6e6d12a928

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 760b4ec64ef3910a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 12:06:48 GMT
hummingbird-cache: Served
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUQWryHQh%2Bf9aBos8co21sQLZr8PjezSibHqvU8g42OIztxh636q3TSb311hratjNQdIQYZ4ldhJ3dlWw5xFx0WrlR2pn9UUz3cLYGys9gEl8Yh2B%2B2e7baDq5zn%2F8rTzMvZm2Wd7MrmsMpgfQJ3aFZ5tjXh4c1Q3Z1qlnPwWEU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Host,Accept-Encoding

GET
H2 200 style.min.css
de.fitnesslifestylehealthclub.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 33ms
31ms Stylesheet
text/css 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 17:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6415
etag: W/"15b64-5ebf37e888cec-gzip"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8E6Jly1qeKAzTo40fwigJ4mBaNL5Nrw8AFai0JhkW8kuQCBsWurRKR8pkWigyoNhLd5YmvqtmlihckWgncGE23nv4n5dzgy%2BB4gUR2PZ7yh1wFWl67k219nlExGizTPMRwnSUeXK5nGPS6%2Bks6WEOW6Nv8ex1WkE14jR6gm5Yw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760b4ec6d80a910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7e735a9a96e8258a1261a02257c1a685e0bb4693ae779634b56375cf4825743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 12:06:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 12:06:48 GMT

GET
H2 200 font-awesome.min.css
de.fitnesslifestylehealthclub.com/wp-content/themes/root/css/ 28 KB
7 KB 38ms
36ms Stylesheet
text/css 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/themes/root/css/font-awesome.min.css
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2017 19:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6415
etag: W/"718b-551c8862da280-gzip"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4AVtAIwqoyux3gBXp6VMbI3M%2BXCpq8wMF4%2FKkUNE4GVD2Grjb1oKrIcvSJBHXZn%2BF2urV9kojE0xo0yvxatzgEa3icTiY%2BquVHV1iKgr5ODLk2H0jdbpBLd3XxeCt%2B%2B13aANiZWydws0%2BCIwbEeFGaXbq2OgaIRoLJtLicTN%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760b4ec6d80e910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
de.fitnesslifestylehealthclub.com/wp-content/themes/root/css/ 48 KB
10 KB 25ms
24ms Stylesheet
text/css 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/themes/root/css/style.min.css
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fdfa198bd54dce8a49a03f57b6c46ccf7e823fdfcfbc633ac9d17c161a69a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2017 19:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6415
etag: W/"c020-551c8862da280-gzip"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csAUVC7jgLLqMsxl08YwkyhZZQ%2B4jkBM49pqRIeR3ks3Yr57RvpqeDXboL27FUabA9ffn2EJkJAnAktJXFI%2FAim7DOeDXzrBV1rSgWsf5mldcbk8LDdAfUAmUJ81ObWNubtZlbRykK3yMY5OT8wJmxeFeWNGvF1gPneBR0PD8Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 760b4ec6d812910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
de.fitnesslifestylehealthclub.com/wp-includes/js/jquery/ 87 KB
32 KB 30ms
28ms Script
application/javascript 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 14:13:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6415
etag: W/"15db1-5d1613b82fb38-gzip"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NkP50M2moXUJLp4S%2BnWifvffS9K%2Bi0U18ioQsWJaIXR0uJyAEFEYvYkZaynLRe2fwYAHLVOYE5PPFXi00RC2uqeyYbZiRy38i9lBL9ucLN8ZCpnVIPyxjUoVIyN6wSrATTXqKrOPQ5wz%2BJruabeXl8luHTJNdTRoK0J0uSGBqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760b4ec6d813910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 chocolate-milk-for-post-run-recovery-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 24 KB
25 KB 64ms
63ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/chocolate-milk-for-post-run-recovery-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 107b1738055a81bb97cbf3a66a63879d4464c5fa649e39fba3b93cddf1afbd58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:37:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "60d9-581de1bb44221"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsyQznDyuqd3rRDQ919WpBCpCzxZoMr5Q2uVJN%2FdqnnC52r%2FnvpYlbTuI6H%2ByIs3ydfelzDueK%2FHqe%2B9qF%2BukO2I9RS5tGbcLWoxvrPX%2FTUY1tWf499wmpNKZG4bH2DGoNJzqvaKP7M6li7DqspUJ4jSHIbZFzhuNlATyCpHqX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec749e59b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24793

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 167ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42e348ba492b80e2a08acdff616807ff725f7fd2e45ba3fa5fd90db3585043db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55153
x-xss-protection: 0
server: cafe
etag: 12883240239056653749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 12:06:48 GMT

GET
H2 204 4995489 Show response
whoursie.com/5/ 0
421 B 67ms
11ms Script
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://whoursie.com/5/4995489
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 27 Oct 2022 12:06:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
dibsemey.com/pfe/current/ 14 KB
6 KB 68ms
12ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/pfe/current/tag.min.js?z=4995488
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a1c6c2482a33b669ab424a662542c80adc1e170c28d931d730671149cb3aaed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 09:56:56 GMT
server: nginx
etag: W/"6357b2e8-39be"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 scripts.js Show response
de.fitnesslifestylehealthclub.com/wp-content/themes/root/js/ 7 KB
3 KB 28ms
28ms Script
application/javascript 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/themes/root/js/scripts.js
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b068e8d293b433791e95524241135acf002d29fdf4116a2e9f110938998b2be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2017 19:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6414
etag: W/"1da9-551c8862da280-gzip"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dx61lFfDxFE0pmZpJULKRo5lRM6jx8jkV%2BLfvF8K5dxMElzc89EmRET4RSjyHxmCHnU7NORAyVp%2FHQqgQbHyJqWrJK67atu1xUXp%2F%2Fvrr5lE8jTX%2BbHLF9FaTaSscgXsrmMCNSrJ%2By50ROT32K77pnzIsVjMyf9tnkvmrQERxWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760b4ec719669b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 22 KB
22 KB 174ms
84ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://de.fitnesslifestylehealthclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 21:19:40 GMT
x-content-type-options: nosniff
age: 571628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22768
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 21:19:40 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 23 KB
24 KB 138ms
48ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://de.fitnesslifestylehealthclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 20:53:45 GMT
x-content-type-options: nosniff
age: 573183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23784
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 20:53:45 GMT

GET
H3 200 glute-activation-exercises-for-athletes-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 39 KB
40 KB 80ms
78ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/glute-activation-exercises-for-athletes-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f6c2323eec926c857874a8583f30d7887f02552d2534d9000c0704408ecb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:37:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9d74-581de1baa5ee0"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10TM4kWa6zqcpSfi6vAkasADAB7B0r%2FA9hPJIENFYCqVg3POEU4ZVSk%2Ft%2Bg99Sx1yNjvTHAQsAT7OHWtRN5Nsz2ahbE90ObrV6iHcFDD0l%2BoYfCcMyonGB0Ua8YjJhtZxopbxUjhqzoWCAhcH87xisN08ru8omcG7u8PbPJCvtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7cb2e9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40308

GET
H3 200 how-to-safely-progress-your-side-plank-exercise-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 16 KB
16 KB 70ms
68ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/how-to-safely-progress-your-side-plank-exercise-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfcc1ee957408ba421f5304de3b5e2dd571576fdf895d8515f131fb4a715a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:37:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e60-581de1b9dcc20"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCQ6a1ZVbLmgjmgAZqkQNytH8Gw8ZYlOPjzQPhIodVVYolt3P9%2Fd2kNF%2FHKkk9c4hsBLe3AdG%2F5MnkK2uMgYPPV%2BrlLfHqzl2Pzws%2FUdVxPr1EoU9OSIIwF%2B2IjFs9tmXXfSAMkfv6KcMUVIsJJFqUcbT%2FjnEaeKD%2F8GHmF9%2BxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7cb309b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15968

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//de.fitnesslifestylehealthclub.com/;hFitness%20Life%20Style%20Health%20Club%20%u2022;0.7782119618253245
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//de.fitnesslifestylehealthclub.com/;hFitness%20Life%20Style%20Health%20Club%20%u2022;0.7782119618253245

219 B
705 B

43ms
42ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//de.fitnesslifestylehealthclub.com/;hFitness%20Life%20Style%20Health%20Club%20%u2022;0.7782119618253245

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

7ae2a89be2f6d815e0420d10c25106bc72bed6c9fc4634cab08c0039b175a49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:48 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 219
Expires: Tue, 26 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:48 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//de.fitnesslifestylehealthclub.com/;hFitness%20Life%20Style%20Health%20Club%20%u2022;0.7782119618253245
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 26 Oct 2021 21:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
de.fitnesslifestylehealthclub.com/wp-content/themes/root/fonts/ 70 KB
71 KB 37ms
36ms Font
application/octet-stream 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/wp-content/themes/root/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/wp-content/themes/root/css/font-awesome.min.css
Origin: https://de.fitnesslifestylehealthclub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2017 19:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6334
etag: "118d8-551c8862da280"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FO61BDt530XXcw1lz7XLmfXyCcA%2BWDRmC1d9vcDeEZuK5ZhAobI%2F%2FUvIxCvAE0Q8lIJJ2wZfAxXy3kxXQxmLFIfolD%2Fbx3dQ3LMTwEOdbYjcNw691n%2BpnuuncjZinaSbo%2BUh0tkSoglMmgboVmtJvcMJW07Iozx3XaszhVXPlU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7db539b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896

GET
H3 200 becoming-nursing-home-administrator-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 34 KB
35 KB 89ms
86ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/becoming-nursing-home-administrator-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 945091fb860a97d027680f6fa4e655e3f230cbe1b800790fd3b01411fd2b9890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8988-581de611722d0"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLLJO8x06Tay4U7KhlbDNKVyR7Xd6siJFLhhNizqjdwEXpK%2F%2F0XWrEmwLnh3Ljy3wxNaFrTllhC9TkkjX8q3NrLMNN15waxgmZ2mc9ran8tpVOH9NQN3rCXcMAg5hqexU4XZMaSAlwg%2BASLJedA8kyWb7S8mBtj8m03McgdsqV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb7d9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35208

GET
H3 200 five-up-and-coming-technologies-in-digital-health-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 27 KB
28 KB 82ms
79ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/five-up-and-coming-technologies-in-digital-health-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f42c75df42a21d64b1970eb94e12e297bdfbb80118f0294859f07986d7f604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:56:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6c23-581de610eb690"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCBHEEMDxMeeivDO%2FV%2B2EfETEtWjzubQfQZPFgId0ZOrcEnJDEoZp1fu0E%2Brb%2Bjkx%2F%2BNAVDcnfpx7gjKyiIi0%2F75wkapZ2FkIMoPKNpckGeX6Td6xnOnxMecyEwjZooYbfS%2FS14508z5SLeVsD9%2FaO2IOnpuBZFz4uS4sC5NUTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb899b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27683

GET
H3 200 reducing-your-risk-of-adverse-drug-interactions-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 25 KB
26 KB 80ms
77ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/reducing-your-risk-of-adverse-drug-interactions-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e351e8d3808636b995911f48070e624d1c9bcc2cd74b71099d42fb82a7b8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:56:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6428-581de60f4d591"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUAKWwF5X6R11kJdZyzjJVmSpNZnoqFPuRewcsIZMekru3xtdMlzvVTDK9sjOaGgKLz%2Fx7%2FcQxsnQIM29Omd%2Bj2bgUhnOUY2ne8fqydtdjRJWW5XBub%2B0FDsev6fmf4nGZ9cVPK04aMdystt7apphhXIAIzGiH1aKpXjjKkL5sU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb8e9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25640

GET
H3 200 7-tips-for-managing-your-pregnancy-with-cystic-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 35 KB
35 KB 89ms
86ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/7-tips-for-managing-your-pregnancy-with-cystic-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9a948bab4d2cd3de764f40d360f49fcf9e620ff971da2dd8d04d3c2b082b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 16:58:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8aca-581dd9050fafd"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F4hZhybTfNdI3DuCjetQZ6HK9GoVLZQqhg4wSUXKlYvnIxsvdgWoKNJeBiazqWxy%2FkCmjmzxlvq7LYNt1RdFoUY2IkfvLlw2OaWRq4au7SCqrzPCWls0MZ%2BZyMTv8WL5jZ%2BzR3G5LFEOmNrkCKHqcR7c6q6qrveysZgphRhC%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb939b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35530

GET
H3 200 strategies-for-running-faster-race-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 14 KB
14 KB 82ms
79ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/strategies-for-running-faster-race-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9105c7c6853df61c33336d8b93160c0c3acd5e7a999641383c3cf84beb5a2cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 17:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "36c1-581ddc7082d52"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=breI6zz%2FOneRHgGU%2FK38BrROHwh6dlO8Msn1Id4RtEFNn3zXq4Qg4xwBGLdGw36xpy1A48rtJYZ5eC%2FZW7Mj%2FET4JYvty0GQEZHWa5PwKA3htd4JOR%2FTnOkSUr2ejZBsf7ax0f8iEdTBuRMmxBNweP3WH7%2FeYR%2Bqph4STKovfdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb959b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14017

GET
H3 200 how-hiv-increases-heart-attack-risk-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 10 KB
10 KB 82ms
79ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/how-hiv-increases-heart-attack-risk-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aac0d5ee5ba5d34098d8002e7caceb2cff53bd38d909e6d001448c35900a4c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 15:28:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "272e-581dc50e7262b"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgzrUnEBio%2BC5ap3Dz0jaZd0Gxyqk4FsaVSqqaRtV7ZLphjAXwkuIsftQjjkzo7K0b258h408lKU9Icvkp1Rw7dxk4C4AdIf%2FSypCoQgkkTJgZVRI7qJQZSO1OJWwDuh%2F0fj%2FU3RKPvgsVWafPi%2FSBLm2%2FmTpr3qdAAWtcIBTVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb969b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10030

GET
H3 200 idiopathic-bile-acid-malabsorption-and-ibs-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 7 KB
7 KB 97ms
94ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/idiopathic-bile-acid-malabsorption-and-ibs-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace9c0fb72412732d2c2c2bb7958f6664e3a8b91a0447c536641759a3b0e9fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 16:46:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b99-581dd6685d2cf"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1g3PPQqBa7vSwGDw57V5R0mC4T7HzQcBsv2FMQUgvicQ9tV3nYeL2NK8OWTDCW9WlRljBfs8lBjqkFH%2BeofGFFaXnS%2BKevlozeDEnR9vxx5GW50GoN86fbJDyiIbA0Dsh7UQakjlIzDWefAiwh9w5SR86mwJbI9cyHbjQZ1RQrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb989b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7065

GET
H3 200 how-do-brca-mutations-affect-cancer-survival-rates-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 7 KB
7 KB 98ms
95ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/how-do-brca-mutations-affect-cancer-survival-rates-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d3490c91f60abf82ed342b32a3633c3e42bfa8ae627e7e7f77842a01a37460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 15:55:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b31-581dcae4899d8"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMgO9HjitQRsUYzkfDg18vPAinL21ZlrdAYWOp7h80Mz860SuA68p164CjczF%2BC8KAJbzsmCcUIczSwrRsWreGAZHTnsmRy728ZrilaKLRiezKGKIvfH5KeAv%2FmMu%2Bv383KZVQOPR6kFRR2proB4QOmFT7Yonbc1SljeF2CbcJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb9a9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6961

GET
H3 200 understanding-immune-response-330x140.png
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 48 KB
48 KB 98ms
95ms Image
image/png 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/understanding-immune-response-330x140.png
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea89787496ff8dc419e0d70442e0a7868b7a7cff566b6b4902ac2b23659f3934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 15:28:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "be95-581dc50789d4b"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nY1%2Fkx7cfigwhA%2ByHc2PbIDGK3SuH4TwcTeVMRoFMEFlj8jgZfeWwHsnkvpMJzRmCnSFNHuh5vBuKCZS%2FhAQGLyeU2RgSUHA4hlvShCo2tDM%2Bvm1vW%2FTEs6AFNk6cSZ%2FrLNI%2FWyS6YcA9Yn%2FYlsiDkPGcxgvDHH3bJh5hYXaWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb9b9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48789

GET
H3 200 overview-of-pseudodementia-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 13 KB
13 KB 105ms
103ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/overview-of-pseudodementia-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5825716982aa51605a30c1032f1492b55506b52f3e69b78394dd2b60eaa68ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 15:02:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "322a-581dbf295390f"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiLbgf1y%2FqsdthMachfburfTw1NaHAZlDzTbN122%2BL8zos3%2F5iPdFgMjihQQvDwSFLfiA627rSqXmKGqQn8%2BljDruPE525WiwVdB3T7R3p5OLx2PbiezZwiFVilqN3vm7IJvJYD7WyfgPRfKDOBnj%2FMb2KeHaHMZcZdSg0lhZC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb9c9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12842

GET
H3 200 symptoms-of-chickenpox-330x140.png
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 41 KB
41 KB 116ms
114ms Image
image/png 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/symptoms-of-chickenpox-330x140.png
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 117d7c61d9a1137845badcbcd3024dadc5969783dffb76371ae844ab6ce9c535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 15:38:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a258-581dc720e1639"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FuAtp2LN4xxi4dSYIaL1WNv46MPqrc6E3Movz%2FbyPr5LvOKdAI3CozQWFpOfos8Jm15rLj6A3WL0nvNApWWwgURVZ6VwgerOnEoolQesHJIrQCGaf7gmmOK21YvZzKlF6PKqA10jsAKUoQyhXGHhh1Ury5QWt0CTJKqxI1TokE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eb9e9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41560

GET
H3 200 can-celiac-disease-cause-short-stature-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 5 KB
5 KB 119ms
116ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/can-celiac-disease-cause-short-stature-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ca4bcbe4f8aefb217834a99b7e9afe088cc51bb4dd4b584250c15801f75c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 14:46:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13e6-581dbbad72c4e"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNKgceH%2BL45FLHDeJ%2BTAVnUC0FliQwjJEMIAHk7fxqFrLX6sGVUrzJYrT%2BC48CLhueWNSVRHvV3gTaJ85U4SCuJ9tIJmXGzVkrUHwvfi%2Beqle8xU9Ou2oNoIYD%2Fom8f%2B0qnpQGWhj3a2xH2ljsJn2cyTCrYs2dHJgLwdgK7LVuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eba09b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5094

GET
H3 200 how-to-tell-an-insect-bite-from-mrsa-infection-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 9 KB
9 KB 119ms
117ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/how-to-tell-an-insect-bite-from-mrsa-infection-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837f7b9864349a861da76baa10faa2fa4e4e82fdbb78384a32251e54b771e21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 14:19:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2346-581db58fa8f9e"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9N%2Bsf9qVYbkT2qYSNPJshd97C6tNyJMeqjPTzNO5wDu7ufbVk0dV4v9Mp62%2BRWtLn4HIX4KbwiZT7815IVjtRNG%2FkP1lcpUXPZh9g%2F4ykWQJMDij1xyiwnsF2fogZr1rncFo5Z96QTvTh2QCxChj7a9QhTFtq7%2BD4fNeszk7FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eba29b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9030

GET
H3 200 types-of-pain-scales-and-how-to-rate-your-pain-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 10 KB
10 KB 120ms
118ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/types-of-pain-scales-and-how-to-rate-your-pain-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59485a547fdb99238dd34f9c7ec32b6b2edfacbe978087ee2539f06f51bd8bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 14:36:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2673-581db964ffab1"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HilP6cxvSWEEanb1I7x4U%2FDyTdwH%2BusVtGKD8ivxWVz1Muh1gAEibrAxLcrhHel%2B3Yij8WX5a7JJzZMWZYZh12TdylAVEorMbxc6tCY61wsWV2sVHQ1ENWvVQs%2BtM5IVzHm1edrZXJvbJE1UJBcFHOUozZ3aI%2BUI7RlzQGKV9vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eba49b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9843

GET
H3 200 how-is-hyalgan-used-to-treat-knee-osteoarthritis-330x140.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 7 KB
8 KB 121ms
118ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/how-is-hyalgan-used-to-treat-knee-osteoarthritis-330x140.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f6c043302bccc600569e3310b4a277bc13b224d4bb16274a58cf89fb072af88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 14:27:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1db8-581db74c98503"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au32rGxyV4M96BRDLhy0d3IEUuZh8rlBZnbFf4eaW5EKBOaRxidGe31o1dNSDOfCQ4AexhIyUFS0iAP2qPmphMkXfLe%2FVPCndN1b4JsRk7AVGul5QonkKw0bCDj%2F0XItymC%2FEUz6vAfk5CuTHd0b4uGfDFtD7yjIRQ293WJxzUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec7eba69b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7608

GET
H2 200 zone Show response
dibsemey.com/ 665 B
964 B 27ms
25ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/zone?pub=0&zone_id=4995488&is_mobile=false&domain=de.fitnesslifestylehealthclub.com&var=&ymid=&var_3=

Requested by

Host: dibsemey.com
URL: https://dibsemey.com/pfe/current/tag.min.js?z=4995488

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8526eab15b4e6d14a890a0a7c204520c223ed39c6860adc7d10c4015343ec2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-trace-id: 150b13a9e416387dccbe596dca399492
date: Thu, 27 Oct 2022 12:06:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 665

GET
H2 200 universal.min.js Show response
dibsemey.com/pfe/current/ 96 KB
33 KB 51ms
14ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/pfe/current/universal.min.js?v=3.1.401
Requested by: Host: dibsemey.com
URL: https://dibsemey.com/pfe/current/tag.min.js?z=4995488
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6b9a9086e35bb0de35aaffa58fdd45c917dc45166502b49202f4a76538bb7667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 09:56:56 GMT
server: nginx
etag: W/"6357b2e8-17e24"
content-type: application/javascript
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 is-cystic-fibrosis-sex-linked-768x330.jpg
de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/ 35 KB
36 KB 60ms
59ms Image
image/jpeg 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de.fitnesslifestylehealthclub.com/wp-content/uploads/sites/6/2019/02/is-cystic-fibrosis-sex-linked-768x330.jpg
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdb3dc4de7b9f9aab240cde6ea2a8b928ef909ca768f0eee59d932cafc7ee18f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Feb 2019 16:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8c62-581dd904300dd"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0J7BCAp3fYnjPDyCMYwJfFvzYMJ7UWnEJFBs93SWm%2F%2FWGj9DBI7OYx%2F0CD8S4IJWX6thKbXqG8ogoxS8f3%2BbA5BHZyOgytxUOnRLpXZ36s4W45xOdC9IWdeZCyyT0tAnfezj03PA6nZM5QV9xc9e4QsK%2FrElSUhFyg7hha7FBHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 760b4ec90ebb9b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35938

POST
H2 200 custom Show response
dibsemey.com/ 39 B
337 B 13ms
12ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/custom

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a97f5aa2ab7498344c009b3768ca41fd
date: Thu, 27 Oct 2022 12:06:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sw.js Show response
de.fitnesslifestylehealthclub.com/ 5 KB
3 KB 38ms
35ms Fetch
application/javascript 2606:4700:3035::ac43:d6a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://de.fitnesslifestylehealthclub.com/sw.js
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed6302bbdf873d278ecf6bc4848824bb1f5c54759b4284ca2af36a53402c404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Apr 2022 11:06:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6333
etag: W/"1474-5dbbe02468b00-gzip"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUSAGV4FT1TUCWWYbPg%2Fz%2BSFXCGk8%2FlPWAkILMnx22nmdmSDfFoGptgsetRIqx8SYLvijTzQ%2BM91O8yFnONTMNrW78UEDsTcE7orEfqDqmtVO4zO6fB7T29CZHDxVq4UQekh9d8GKQMcJTPfGxPiFYOqXJTEuTPpHbVtyuS5dMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 760b4ec91ee19b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 custom
dibsemey.com/ Frame 0
0 17ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de.fitnesslifestylehealthclub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 27 Oct 2022 12:06:48 GMT
server: nginx

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/ 353 KB
116 KB 157ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6839798841059229&plah=de.fitnesslifestylehealthclub.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f2fe0f9cf10e41a6b915e83b98c72a9f682079e1ef2549a04141e3900b7a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118751
x-xss-protection: 0
server: cafe
etag: 15479456747236022533
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 12:06:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/ Frame 45D4 10 KB
5 KB 117ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 17:15:11 GMT
etag: 9671129459699598864
expires: Wed, 09 Nov 2022 17:15:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 custom
dibsemey.com/ Frame 0
0 13ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de.fitnesslifestylehealthclub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 27 Oct 2022 12:06:48 GMT
server: nginx

POST
H2 200 custom Show response
dibsemey.com/ 39 B
337 B 18ms
17ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/custom

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d5f2fcbe2ed4b4c1896f57b250165db0
date: Thu, 27 Oct 2022 12:06:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
556 B 57ms
22ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=129fa6437ede438ea8f0f0b57d93c2ba&zoneId=4995488&checkDuplicate=true&ymid=&var=

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4ef9f10e753ddb71af7a40b824fa538b58bd1d09ae3065f23730d1ee11a1a8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 427 B
710 B 173ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=de.fitnesslifestylehealthclub.com&callback=_gfp_s_&client=ca-pub-6839798841059229&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6839798841059229&plah=de.fitnesslifestylehealthclub.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8ba06de399669317c0db54d09fb8e29e5a67652ce2b8257ce85c6d3afb82b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 143ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=de.fitnesslifestylehealthclub.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=de.fitnesslifestylehealthclub.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A94 70 KB
32 KB 617ms
541ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=250&slotname=9392899785&adk=1558319062&adf=1639912470&pi=t.ma~as.9392899785&w=300&fwrn=4&lmt=1666872408&rafmt=11&format=300x250&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872408510&bpp=3&bdt=380&idt=261&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&correlator=6111507865856&frm=20&pv=2&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=252&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uG8p440mHM&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=279

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7014296e1456623098040a792fe44beea47e4d983003b0dfb6968618b9f3403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:49 GMT
expires: Thu, 27 Oct 2022 12:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7815 324 KB
79 KB 721ms
655ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&adk=1812271804&adf=3025194257&lmt=1666872408&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872408528&bpp=1&bdt=399&idt=269&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6053cb663e0ef5ba170a31eba9e6d7b04ac06639ff17b87f84bf6627358de485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 81157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:49 GMT
expires: Thu, 27 Oct 2022 12:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A94 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D42-JpivLypF9t0lfMsIHx4kXhasU4rVkB7WvlPqpkprxTm3HKvpIocxKpJ0XG4krfcWI6W0l7hyNyQAJzi43QxAVX4ulPmSrPZ-vzqt_O-abEih8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=250&slotname=9392899785&adk=1558319062&adf=1639912470&pi=t.ma~as.9392899785&w=300&fwrn=4&lmt=1666872408&rafmt=11&format=300x250&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872408510&bpp=3&bdt=380&idt=261&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&correlator=6111507865856&frm=20&pv=2&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=252&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uG8p440mHM&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=279

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 840F 624 B
300 B 63ms
62ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY__LO1AEwAQ&v=APEucNXPXlviKjkP5puaG6e5tjA6VWZ5BG3WHx8FqeoSOdrCIaqypBSZuClbNJuKl_6urvDJ4NMuO5JIv3hqC12li6er_hGu3HBaoPXcJgwtWEEZD5epEY3FMOKENMSeHsfP91Q1-X8bTOZnGbNFPkiy4vA0VWmTi9EYNiCryRrHzp6ASzq8cgk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=250&slotname=9392899785&adk=1558319062&adf=1639912470&pi=t.ma~as.9392899785&w=300&fwrn=4&lmt=1666872408&rafmt=11&format=300x250&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872408510&bpp=3&bdt=380&idt=261&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&correlator=6111507865856&frm=20&pv=2&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=252&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=uG8p440mHM&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=279
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:49 GMT
expires: Thu, 27 Oct 2022 12:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 3A94 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 15:40:52 GMT

GET
H2 200 17009938870706975786
s0.2mdn.net/simgad/ Frame 3A94 48 KB
49 KB 131ms
37ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17009938870706975786

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d40ddab99a87d72df48c8c007daee96b0411c8cb04f206efef565e0ce633d3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 09:36:14 GMT
x-content-type-options: nosniff
age: 527435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49296
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 13:41:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 09:36:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame 3A94 6 KB
2 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:27:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2484
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 17:27:26 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A94 0
622 B 140ms
66ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoH0ye06wtO6j3uv41aXwcA5oELCSxYcvvf_cMttCLIlmPLnd8AtVrDySNZvA_uaRCtvN5QC2-oAw9ujkX8yx1U05OwZtSOt8xN7Lw72O-czTO1Urg-_icR8hVhQ9SibLprF9voPj9ktPv-cubL0Q--3tv-LjnZG5XOi--akFVniE-N-F7mss4sqaaEufQOk73evgVyLCz-BjkBmYiTI9DYgdCjdf9klcjAD08xuP278to_i1Cg9D0OXVmVyhA7-oqAuaXRr2NbjZBgnRoWKMI90aJEugtWMntLHnUxSoVx6_yteo8NFJzUpNvPOTBWdtcrtG5lkZuwUy8gEV1NoXCE_OOtdcL-FSP73arVR3MXWh8Y4PtfzjOgo_y_pggbNYjlAfxccYIjk5uecMbp5zpc18tELcdNGx1NNp3SGaT0_oC76SkfiXY7pyotOzn-DDBEa-B52dHyMfUl7gk3pRn0gYgf0HWbKC1DpXtJLJOuy8M3an_L5WZqJYxVGHXnLrFgVm5bP8W_eI9hhBLj-cn8AgS8duLxnaKGoShBnFsnIvGl2ngFQDVxoNy4q6HoP-xJiGdme162IjIVKpv2D13wJU34h3EXKUGMONCDUXKiAbn_q9psRyCQ5raVt_C2m6a-GNo3er_2A389TmNCq09rVRdeiZT_p0ANWU-odTxo4iyMd19X6rM9tqEriGRLb_W0Hq4ndF_J-b8orQ9nabAcXULX_3iiNKYY-TAFfOWD_zx2abjpH4qBrplugaaPBSXbG0CyqsG0NxZdTVFXc3HPgDkn_8pWCFRNSnsskePMRE-jEW-qe_dnICkphDcDFzGYudx2wfZToHf0t2drHeZ8-xWpcojCLVpaiun5M0Z64aKolWddvSWbDis91ARv2cJgKkZspVtI123YITVNlTA6-KVFmorU4Ln6uxQf2t7nvQ2z1R0hNllsaCZwGI87xhH5Awz9lTJ_G7p98oCFR_BO1hFnp12E5M2vS-gLW1rHxs4N7LK-Qw_X_N40kwm3tg4xQh7w0AXimMirQPU15Uficz14d30WSErRnq9RH-Ws-Q9cCzZNXQ-pmwEgdm_LFKW4-Lo2-NAYCDJHB-AM50frarpzF_VFLy5yXeBBzQhXgiKt3yHsOoLgpvBN1EoU14Kfjxx-46pwIABIqC6Ec28T-0GHgZ1m5-hqRUyT1zsYzWgQCfz-secb_8vgKwhCVby3LNPZSohKYZoxYaMBf7R_0m91O3_EzOCB-1G1T9M_vEPEsaDSZ3wnVAX4cGrykTXL1MXPbitfg&sai=AMfl-YS8m_9vl4eYkPyuo9uiPFc_MdXILwllVVw63VBBI2oGrCmr0rwdIT42snMuPP06RKwdTixo0verjkL6thB_zdr0zzsi51xMsKLsxGJgND9TInT4AlbtfkHcjxv_3NoiRUrO1XHP5kocsAda33ciIjeTr0vXZEbWQOBFkZSeppwFeV600Zch0hCdmotcRUe61VcMFhtEwnY4AXHdYHZxrAWv1XsFCDVUEyHDNe9F8ZFGCg&sig=Cg0ArKJSzIK1CIKOldTuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20221025.85756&arae=0&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 12:06:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A94 41 KB
15 KB 134ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:27:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 3A94 3 KB
1 KB 166ms
75ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 3A94 17 KB
8 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A94 152 KB
47 KB 134ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:49 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 840F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY__LO1AEwAQ&v=APEucNXPXlviKjkP5puaG6e5tjA6VWZ5BG3WHx8FqeoSOdrCIaqypBSZuClbNJuKl_6urvDJ4NMuO5JIv3hqC12li6er_hGu3HBaoPXcJgwtWEEZD5epEY3FMOKENMSeHsfP91Q1-X8bTOZnGbNFPkiy4vA0VWmTi9EYNiCryRrHzp6ASzq8cgk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 840F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1p0WR.fd0V6re63I4Sq4wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1&google_hm=2

43 B
766 B

15ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY__LO1AEwAQ&v=APEucNXPXlviKjkP5puaG6e5tjA6VWZ5BG3WHx8FqeoSOdrCIaqypBSZuClbNJuKl_6urvDJ4NMuO5JIv3hqC12li6er_hGu3HBaoPXcJgwtWEEZD5epEY3FMOKENMSeHsfP91Q1-X8bTOZnGbNFPkiy4vA0VWmTi9EYNiCryRrHzp6ASzq8cgk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMCNZ11DZ2olW9BbdBghyjU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 840F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDPGtCvlpVsK3IdLR_Qf7Ec&google_cver=1

43 B
1020 B

16ms
16ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDPGtCvlpVsK3IdLR_Qf7Ec&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY__LO1AEwAQ&v=APEucNXPXlviKjkP5puaG6e5tjA6VWZ5BG3WHx8FqeoSOdrCIaqypBSZuClbNJuKl_6urvDJ4NMuO5JIv3hqC12li6er_hGu3HBaoPXcJgwtWEEZD5epEY3FMOKENMSeHsfP91Q1-X8bTOZnGbNFPkiy4vA0VWmTi9EYNiCryRrHzp6ASzq8cgk

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:49 GMT
AN-X-Request-Uuid: b188bbd0-68c1-4c90-ae78-2db3d4220fb3
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDPGtCvlpVsK3IdLR_Qf7Ec&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 840F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0OTY0NjY0MDM0MDQxMTY1MA%3D%3D

170 B
243 B

72ms
46ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0OTY0NjY0MDM0MDQxMTY1MA%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:49 GMT
AN-X-Request-Uuid: c1b54b33-ab0b-4771-8e61-3f68404a53db
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0OTY0NjY0MDM0MDQxMTY1MA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/ 151 KB
51 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ce00f413ac9aaae938071fa45d4b23ce77a872abd6ca84316bc45a0aa22a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52374
x-xss-protection: 0
server: cafe
etag: 17785014236888811823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 12:06:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=de.fitnesslifestylehealthclub.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=de.fitnesslifestylehealthclub.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED8F 18 KB
10 KB 1021ms
1021ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

799467d8f4baf07cab1e89a0834e3724998c0ca90dc64dac9499132844ddbc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34F5 18 KB
10 KB 508ms
507ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a85f109da50e9b2d6d9ca24fb50846b041303f6fefcddbddb1caad85343ebc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3A94 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 029d4ec775c80bcec3e0fad7c581a13fe488dc12af7801b46214365c08fee79f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3A94 0
26 B 127ms
67ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D0BA 22 KB
8 KB 119ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/ Frame 06A2 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 19:31:59 GMT
etag: 9671129459699598864
expires: Wed, 09 Nov 2022 19:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/ Frame B56E 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 19:31:59 GMT
etag: 9671129459699598864
expires: Wed, 09 Nov 2022 19:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 06A2 4 KB
636 B 127ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 11:36:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 12:06:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 06A2 205 B
742 B 117ms
37ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:37:32 GMT
x-content-type-options: nosniff
age: 1757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Oct 2023 11:37:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 06A2 604 B
694 B 118ms
37ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 11:49:30 GMT
x-content-type-options: nosniff
age: 1039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Oct 2023 11:49:30 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame 06A2 19 KB
8 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:05:58 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/ Frame 9022 19 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

811702538dbcf0a7a136ca3fe0e64babe8df2d4defdc06e1bd7b5ebc27efed8c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 97858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4206
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 08:55:51 GMT
expires: Thu, 26 Oct 2023 08:55:51 GMT
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1E92 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEuBZWHRaY-LoN8mUxdwP-7aioAXwoM7ca_ne0a_SEP_jtY-1ARABIIbUnmVgleKQgqAHoAGR9_OaKMgBCakC4zogwOXlsD6oAwHIA0iqBKcCT9CUWf0pK0O6oYIY916PFz8cqfhYR4CYFCD5YzwV0D_1D-vOkgft-I2LMQhNboEfU2mcC7fppYjq585OoQoEcNoOEOkvYdWGuh48PB8UPwUr2bkvPsIdYMrAQXBH99Rsk2DAezvAy0ETqR3jpBPToWl6vsePMLZLJtv8bHzX-ubkBYtfwqCayacls2mVeIPx6Curf-5m6Z6_Qf7c4Gs9RXswMDXVDuWsWyG9DpRJSsQVrERHyNyFAiEaHEErjRxSZ_J-AHiD2B7ASjuCcvH6YbYoLvh_8YISP89Pm9t2WWGfRSiMB1L0oN0pZXWVdeQ4q2hC8-7Azw9XcQsQwp5MFJbsjgioV7onjs1xdfKpqA8JfsT8PrkSFaHDMlYzj7vFHTwbExUDFsAE6ZS-uoEEkgUECAQYAZIFBAgFGASgBi6AB5GvxPoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqN8K0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzOTc5ODg0MTA1OTIyORgA&sigh=hjqsWpdTij8&uach_m=[UACH]&template_id=419

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 12:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 1E92 23 KB
9 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1E92 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 1E92 17 KB
7 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E92 152 KB
46 KB 133ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:49 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame D0BA 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9022 6 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 27 Oct 2022 21:03:58 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9022 34 KB
13 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 Oct 2022 09:40:58 GMT

GET
H3 200 bb5a73d6395d1afb4181f482f0ca25ab.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/ Frame 9022 89 KB
25 KB 52ms
51ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/bb5a73d6395d1afb4181f482f0ca25ab.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb82224c6e7753cda34fc0931de204441374edcce29c2e35f581d9918302176b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 22:10:37 GMT
age: 50172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25815
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65B8 143 B
166 B 35ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1E92 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beed1d87d7327e8dc524421f43e6f43bd87f935b571a6e208d0d4610e4459d61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 8F32 2 KB
770 B 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:55:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 8F32 23 KB
9 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 8F32 3 KB
1 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 8F32 17 KB
7 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F32 152 KB
46 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:49 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 8F32 33 KB
14 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

46ms
46ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
expires: Thu, 27 Oct 2022 12:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 __7f__700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/fonts/ Frame 9022 93 KB
48 KB 117ms
40ms Font
font/ttf 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/fonts/__7f__700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/bb5a73d6395d1afb4181f482f0ca25ab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2c515a894cff1514498e32abbb0afd9114d86eef29fd5b53885c2c75e6b376

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 22:10:37 GMT
age: 50173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48685
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 ___700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/fonts/ Frame 9022 93 KB
48 KB 121ms
44ms Font
font/ttf 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/fonts/___700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/bb5a73d6395d1afb4181f482f0ca25ab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2c515a894cff1514498e32abbb0afd9114d86eef29fd5b53885c2c75e6b376

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 22:10:37 GMT
age: 50173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48685
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 cbf25419e1c4c6fe92de17e8c67d0da2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/ Frame 9022 45 KB
45 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/cbf25419e1c4c6fe92de17e8c67d0da2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12256ca3c0e58f563c2bc73e385643b31f27c97df02328b35fdc9278353a730

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Oct 2022 22:10:37 GMT
x-content-type-options: nosniff
age: 50172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46263
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 4e5911a3bb5c01515568e20f6349e2b0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/ Frame 9022 5 KB
5 KB 50ms
50ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/4e5911a3bb5c01515568e20f6349e2b0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d28fa4f098d3bdbcd458e1c0d2e72d3d761526b931d90158c8f7efd19694c0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Oct 2022 22:10:37 GMT
x-content-type-options: nosniff
age: 50172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5535
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 13a42a506b7ad60a3fdc529516d195d2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/ Frame 9022 4 KB
4 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/13a42a506b7ad60a3fdc529516d195d2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dd3d4fd4bdc0f57547917c6ceeeb0a3359b93f7edad9be6b55548b8d18c2fe4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Oct 2022 22:10:37 GMT
x-content-type-options: nosniff
age: 50172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4509
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0BA 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPBSRWHRaY_XUNpu4lQfL453IDAAAAAA4AeAEAg&bg=!7-yl7KjNAAZPh4lnb4c7ACkAdvg8WhHM91k6jeHI-Q10XRWCe5pLouBuRrjyeXAhW-USQgKXZJbHTQIAAABjUgAAAAJoAQeZAtjJn2Tdzak2LyIbLFqZAwQV8q8FXO9Yn_8q572ZMZzRIKCjf-ISeImWwo7EcZSdAxYWv0If1ehdR1jwu-kyzLYKLiEboAFE9yu1lkgVQHx1iT4BosUX7564ksNwEjwK8ia8F4tv1JkNFnJK-8Dk-gbR-UF7WDt8AAwfARYlf9fRRisPWFGTl-kxhQdO6KNsfxUDMUzOhNg-YjFzEGsTMxanJBKYAwMrLwbm4EB8eruUd8n0Ye79iZsSOUz8r5rCagBKiJybyFqQEb7HN8sb38J3eP-CbVwnvcFx2qKn0ymAvFBUFL5GAqV0MnaMzB-WvLLHK41XyjJXYFEgb9opX47Yv9gNwKKF_XGQfjo2HTn96eJT8t3Hn_3BZLMbOKdfis1Ncnt6l0NbwZ0YNsWkJuulB9vqyirtGYHUOqh2nNS6MrQgqcebhD3L4lWysehbTWmyA4HJedluireqAWY19r6qZCz8ZI8m6hVWWGhaikKbwL24IKdW199tK6Q4SqUNN8Le6rDvm5Sy3MFcDVWW3QaOkcJFh8j7klipr1IxIXIK8iKKXhoEzQUg2fyIFJG7jNtLlC91EtzO6BpDh5D0Qo6ItqGmWzxL5laeWbz18b1JPwZxwxH4-tgormOzR7Sb0ZtNLEXmU7hNjkQA88P_d0ytk1RpA10cHTsl-exiiGW0GgEejTKVpmBYnEm-IYeqoxPRG6xwbakAv9PHpwvAHAKJxCC6vXvkqxcTD2sJaDRIWOI5Si0gnRaQ5a9BNUGrzvyMLMh-wtAinDTuM7N9mWZCbP1JYqraV_I3_Fn9QcbPUxlw_6G8GV8e2yPBO952bX3R17u7gt7dUedSHUkwD-mB18J5hiuHnGB3uxx883idapaktE0VubB6LBzBFxF4JBD-HOWLmBBD8TW-6Ga2EkLBpPAMq4vflXfaF60xbE_k6Pq8Uo6kJshn2tZ3oPz98AZVy_VxeXcUTw

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A53 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34F5 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMfbIMWQiEla344SkcHPb4RntHlqcGuSxowRhmDZO9mkQ6WTizurKyX_pLjmW67XQPu_hrQ0lKM5s5RuIoQObc6Y07_1gyoUp-7n8rLFtCFigXPpY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 34F5 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 34F5 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 34F5 0
0 127ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrMRBhWJrrwUwj_2_H_dC_lZTF3W15tOIzhxRwospv1ToVqTEPbmaW5XhvZnc6Lk65SDNFtqk-kA-3EtyFEJnjGiYnaA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F5 152 KB
46 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:50 GMT

GET
H3 200 cbf25419e1c4c6fe92de17e8c67d0da2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/ Frame 9022 45 KB
45 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/cbf25419e1c4c6fe92de17e8c67d0da2.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12256ca3c0e58f563c2bc73e385643b31f27c97df02328b35fdc9278353a730

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Oct 2022 22:10:37 GMT
x-content-type-options: nosniff
age: 50173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46263
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 4e5911a3bb5c01515568e20f6349e2b0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/ Frame 9022 5 KB
5 KB 40ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/4e5911a3bb5c01515568e20f6349e2b0.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d28fa4f098d3bdbcd458e1c0d2e72d3d761526b931d90158c8f7efd19694c0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Oct 2022 22:10:37 GMT
x-content-type-options: nosniff
age: 50173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5535
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 13a42a506b7ad60a3fdc529516d195d2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/ Frame 9022 4 KB
4 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8317031010802430329/Wein-2-Rechteck-v2-Google%20Ads-HTML/media/13a42a506b7ad60a3fdc529516d195d2.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dd3d4fd4bdc0f57547917c6ceeeb0a3359b93f7edad9be6b55548b8d18c2fe4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 26 Oct 2022 22:10:37 GMT
x-content-type-options: nosniff
age: 50173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4509
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:10:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 22:10:37 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2F8B 640 B
316 B 62ms
61ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYs9SK0gEwAQ&v=APEucNW6fZVR8832Hda5TYsXXipwzuycWP3yFs4ILk4LKNCK3ZoDBi3UsD6XOP4lZz9AzMl9_IaGxx9QM7E5RLy_ZVqaHIh4_jT3gVeXL1qhYJUpU9q3bFlv0-pc-Ts1FhUAwLNdH9Dv9rfa3VH8n6jvnU_284QpUiNzxa90zeUSP8aM7_tXjuw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 34F5 86 KB
35 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK1_2_oZVj2H86j6e4-j6fg7sdK0o-rrN8y93X4eMsR5O7t0aq4ndfCvnYnoGszwzKmbjZhGDlDUcRV8I-7UeFi1afpg&cry=1&dbm_d=AKAmf-BilWO3oq_1PXPWY1i_-i_6K-IK5WlD8ozUihnlsbM6WVyQ16rSTNcKiXpeesWzL4ssDHhBvBKTznek_t1TxcWz74S8Xgfb5ckq3FSbgiZS7368ET_vqB6KTgPZKrkemDF9QgWS3M74BhhI2CtPyW1wKNSdjiUsfkaaYoI1sfZh8ukl-Pd6rtFM-A33DwMbPZZXX0iy0WPyc-KgHSYoWH68roLufbc_64P6crPl4iCPOCQUKmQhKw1Xpf0cE0ZxNPJh29MDmOe2iQ82IO8mCW7-vXPA4VO28rGXti-eGIxsiS2IE6eSScsVUf_s1_9fCl5v8z5OcEBuek2Ve4-7vl004XZaaXbfLskNvQKphCmv3SJFbQm0jumSonut9nKuI1lMe7LB4bu5iwxDjPQb-oY6SUVUE8aqX10WDfKSorD0X4Qxg3Cc8MC0xVFH8w9jc9efHLc7Dkehw4PvrLvAfSO-YbTsnCUorNgeTVkcEkVwAXJNE_2zkZe4LipacW65gQO5HGNZHl06cleoFFl51sqFD3bCIZ9ARIJjRghf45ViaDaMZ7fMwqBDH-2Lq1ZJd8oUQorS25QE85pwiprOVrTJP_vqBs7AhiYiBo73wGUbhj7Tyx48aXJsqMICYTNz49vyK6SwYcjcxmh55XvctRhHiKtJ6nUuIWh9ObMAPNR2u-Euu4mLtmVFn3ZA1Debq4uGl_p4Q_JZ1PaXZqzIwP7E-KAE_3z1Tq-_5US2KbegWvcHxsbe9HehcF1Lv8tSPvjFLI7wJDDbJ5RnanDawklRYbicCe-KedsnSNkhonjPoKFd6efw2O7M1dAXFvDfrHOyiFE98BpSN3Zqs41fFhk3sNrGTL1Le2yjNtKDCV0dNAiRA0ISNAbNTL27jaTU_OcYPgtp2WHXjfTdTY1rPPOyIF5JyAHMXQLnBzfzc42qPDIMLzMQEz0ScGZor6WL7JXPHR95e9NpeUL4rpdeF7a5b_Dzf3TfXM2ORuE3TP1sijS0l47zMIcVJF2JxAEJQ75lM5Zl72Uv29fePNuLiEc1tBLjr6o57nvoLmi7upPOJdKgivjalTjNaNVN4av8onB1rFF1V_bDP51qskqWDWEhT4YC7ZJEcU7HMkPvgG1eMU_SL3yOoPoRqdr41EFHy4d2ILU5Vem6QjURbarIN5bon8mM5l5CFwhRDL4_GMM1W0WsFgF8paHAlfP0WXVeiPgA1rLgfF8Nhue4P9xO-m05ajrO0YFL1VrZwqFgMyFubjyYhb2SgG9rRLwekCtgnFD7E7twsJWmCx2GS_pndfJwv2OncimaaDz0iOfFhAuDQhSdYAXVw-xdS7wh8RszMZWKU2IiSmK73A3eyVCkqNpgjLn_8AtxT7R1b7YQfT824mf0GfjNHIhl27FepCU16jT7lZr3dgAkmzCy1MFDT-nazOyrSAbqT4hWzweyFY9_oAME47kTTBW3yVhKrTtTBlIlb4D2fv2NJ4RvJd_VGB1vaPmEJPBmWrY4M8wm-Jkt_eIFYTmqHY51XD14KY1Gqd4eyZJPrdIRrmGmIfKZ5AkJvirwMaknp0mkl95rkHnkULuLsZ9kNdIPxOKwqtV6lPahrjDEaUaWjBQmVRbLkpQyYv1dEHdSXpvdV9D9wyJjQ-y9Db7b98lONM9zzMzGNMhFU0ZlDaapp399bNlg5Oc-gRN_A3rPsuzb6ONK8IzK-BNxWTbidLMa2MhCwZSNH_ax-b-KrQV1bi3MNTb9nwmOK2BeTBJGf8Rx9vxVzn-74AEbOOmO6eMk6hDHbIneX4qBM81CGuJzABC6u0yRcZ9KadKu1Bln6PMI9vtyuztFRMNH6IlLJEr4QJaHrO4-rmHgU1bCXdOsxDg0ntbkXZ-HoaQHsoRC7wzpv3uMyRSFOKKnpvWWOpVE-kNn5u93lyeYGQNxshLz6xzkESpGi551c3PfoLLQPxW-rc9sxzPqWx2bFSXifhgqi0o93BMKP9Zjn64OJfE2NiX-T-1O0-G12jjY4AHU-Vt97-kpDeAy_LvFlaYR-5f02QvDr58gN8odLisV2n1-4vJhblWJuNjCqQ5qoFtjVVpAKntzl1KxziFC2U93yNp8lAig3ZUWbacvduJCWpmY77z6gi4JOpQEnHn2l5Xt7ZukHv7kKiKaIbMf9CcX-IwOtTkUOTzQ_MUExZTx3RHGo0dgwxQAovFQ1VRu3dueSknnzkP8K-oCMKsQuOk-lnIDGmgNrJe937spoVxY3nIW0SvYmKJ9jX8lrmkST8Oqzo3a6xl7RBoP051d1BwllIlYcyXrDWz1eETsRwlJOa4YrP1Gn_swpERHyGUlwlcWutBH1CQljIYPcOfzhxiqf1IhWKVrsDOAc_JlmzoWKnbVtI5TqvdPDZyQZNm7Dl8DZxsoz9rjhIacOD2pqJAzLwaTr-OpuPhXLlHnP8IRwm--H-7YIeUku24F1ntBZ6N4OIKGvO-UZxTJdLhVlGwGSIuSVrLovJb4_U5zGI7a_QXpXVcV6SdrliDRLp69mmpQeZyWQ8LEIluWlk9Bvl4SgA1nOYxhG5Tj-jVGYFRl4XmyzkT2wP87vYXMID0dkMOGpTUFiqCpkWPPX9KT3vzznyYAd6cUoG6sGuFbTRh9qhsdMz73ix-10QWA18IWo2ZJrxKnL9_UZc_ptuhiSh1HFwj7AAbXKU3Z6gwUdpfznjzxZ92TUlV3XXdzlLRI-XGOItfzOGgodQ3iUPNy3Pz8kUw3S9p96ECOh6FTfgWTKAXdswn0XIii87SazkEFvcG32DNQRnrrMPZy2W1gqAyDxuig-0gWUN-i7bIYKnFUCBLmEeX7XW11veLAkR_arkgSI037zS-XC1GCiL5LylpVijN2BCtnzSUQU9D6UU3OvOQQT5tZHAzUiL78W8kwf3mgoGz2e0jddjuVE2h4Wro7g2oyK1pPp0j4dLTZpk3zhPugsJBZnhXBH963FMfebbGRDV58YkRSVGvzx0pdFuOcHK9kyVYD8KBZA2c-JuxAnNownbfYRHaeQUGZQo2XBYPcwPRgLFKp9KB5pFKlOajDzrc2ma7VvHZKu1xM6gUHZgGmZdk-wKm1ttRGbhB5Jkn-cfm-zjI0M37wKgEV7RJhuQ8q8CZSoDDiJRArdc-uD2f92Fi0aMUIJaw6roYuRtzmRK4XmQ7zaxhbHF459tSSfI9irkW92r54u1F8LS791b8T9BLX8PbEQ6l4ceuFOCjaWGpJSlI4P0BP32h3rk45UvF4Ife9zWHsUKb9WFYZqBoq0B5vOTtUCXFSJAMmCtXXr3-f5zHy560JCNdMys_MjLFiMf1RSL0MW2J5VCLSxHFuHY19gwnwrH_Dw2RlcwmwkZg3djnLfQ4nnJ2yPdFhsxdeodeFOENoZUxseT6M3x0AJKgAz34QUwoXFqIDJw4SU0sEaChcZVM6KemjNmznrTZ8THHlaSKcJhJQwABqugKUv7X8hyo-pLehRqoAO1y79RWyKauAwNekJLoztEzoBtnYnmEQIH1av3zxJtSaBCCUolFG_hREbcFlowOx7UH_LSBCkdYMMDIU8TFCLPY&cid=CAASJeRoTLKgme93WnpZy0baR_nMDPw5b0kEPxpD282hpXc3w-zgPBI&rfl=1%2Chttps%253A%252F%252Fde.fitnesslifestylehealthclub.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5730cdcc095178914db6abf729a04980c5e2b4137e0126e88b8aa84e6bc2f222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9022 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2F8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDoC-grIfJdiLyyGtZPCebE&google_cver=1

43 B
114 B

342ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDoC-grIfJdiLyyGtZPCebE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYs9SK0gEwAQ&v=APEucNW6fZVR8832Hda5TYsXXipwzuycWP3yFs4ILk4LKNCK3ZoDBi3UsD6XOP4lZz9AzMl9_IaGxx9QM7E5RLy_ZVqaHIh4_jT3gVeXL1qhYJUpU9q3bFlv0-pc-Ts1FhUAwLNdH9Dv9rfa3VH8n6jvnU_284QpUiNzxa90zeUSP8aM7_tXjuw
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDoC-grIfJdiLyyGtZPCebE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2F8B 43 B
304 B 467ms
41ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYs9SK0gEwAQ&v=APEucNW6fZVR8832Hda5TYsXXipwzuycWP3yFs4ILk4LKNCK3ZoDBi3UsD6XOP4lZz9AzMl9_IaGxx9QM7E5RLy_ZVqaHIh4_jT3gVeXL1qhYJUpU9q3bFlv0-pc-Ts1FhUAwLNdH9Dv9rfa3VH8n6jvnU_284QpUiNzxa90zeUSP8aM7_tXjuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 2F8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEE5XDwiFaGIyrU2hfedfozY&google_cver=1

23 B
172 B

847ms
549ms

Image
image/gif

23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEE5XDwiFaGIyrU2hfedfozY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYs9SK0gEwAQ&v=APEucNW6fZVR8832Hda5TYsXXipwzuycWP3yFs4ILk4LKNCK3ZoDBi3UsD6XOP4lZz9AzMl9_IaGxx9QM7E5RLy_ZVqaHIh4_jT3gVeXL1qhYJUpU9q3bFlv0-pc-Ts1FhUAwLNdH9Dv9rfa3VH8n6jvnU_284QpUiNzxa90zeUSP8aM7_tXjuw
Protocol: H2
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 27 Oct 2022 12:06:51 GMT
pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEE5XDwiFaGIyrU2hfedfozY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2F8B 23 B
172 B 967ms
549ms Image
image/gif 23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYs9SK0gEwAQ&v=APEucNW6fZVR8832Hda5TYsXXipwzuycWP3yFs4ILk4LKNCK3ZoDBi3UsD6XOP4lZz9AzMl9_IaGxx9QM7E5RLy_ZVqaHIh4_jT3gVeXL1qhYJUpU9q3bFlv0-pc-Ts1FhUAwLNdH9Dv9rfa3VH8n6jvnU_284QpUiNzxa90zeUSP8aM7_tXjuw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 27 Oct 2022 12:06:51 GMT
pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 34F5 170 KB
59 KB 110ms
37ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame 34F5 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DK1_2_oZVj2H86j6e4-j6fg7sdK0o-rrN8y93X4eMsR5O7t0aq4ndfCvnYnoGszwzKmbjZhGDlDUcRV8I-7UeFi1afpg&cry=1&dbm_d=AKAmf-BilWO3oq_1PXPWY1i_-i_6K-IK5WlD8ozUihnlsbM6WVyQ16rSTNcKiXpeesWzL4ssDHhBvBKTznek_t1TxcWz74S8Xgfb5ckq3FSbgiZS7368ET_vqB6KTgPZKrkemDF9QgWS3M74BhhI2CtPyW1wKNSdjiUsfkaaYoI1sfZh8ukl-Pd6rtFM-A33DwMbPZZXX0iy0WPyc-KgHSYoWH68roLufbc_64P6crPl4iCPOCQUKmQhKw1Xpf0cE0ZxNPJh29MDmOe2iQ82IO8mCW7-vXPA4VO28rGXti-eGIxsiS2IE6eSScsVUf_s1_9fCl5v8z5OcEBuek2Ve4-7vl004XZaaXbfLskNvQKphCmv3SJFbQm0jumSonut9nKuI1lMe7LB4bu5iwxDjPQb-oY6SUVUE8aqX10WDfKSorD0X4Qxg3Cc8MC0xVFH8w9jc9efHLc7Dkehw4PvrLvAfSO-YbTsnCUorNgeTVkcEkVwAXJNE_2zkZe4LipacW65gQO5HGNZHl06cleoFFl51sqFD3bCIZ9ARIJjRghf45ViaDaMZ7fMwqBDH-2Lq1ZJd8oUQorS25QE85pwiprOVrTJP_vqBs7AhiYiBo73wGUbhj7Tyx48aXJsqMICYTNz49vyK6SwYcjcxmh55XvctRhHiKtJ6nUuIWh9ObMAPNR2u-Euu4mLtmVFn3ZA1Debq4uGl_p4Q_JZ1PaXZqzIwP7E-KAE_3z1Tq-_5US2KbegWvcHxsbe9HehcF1Lv8tSPvjFLI7wJDDbJ5RnanDawklRYbicCe-KedsnSNkhonjPoKFd6efw2O7M1dAXFvDfrHOyiFE98BpSN3Zqs41fFhk3sNrGTL1Le2yjNtKDCV0dNAiRA0ISNAbNTL27jaTU_OcYPgtp2WHXjfTdTY1rPPOyIF5JyAHMXQLnBzfzc42qPDIMLzMQEz0ScGZor6WL7JXPHR95e9NpeUL4rpdeF7a5b_Dzf3TfXM2ORuE3TP1sijS0l47zMIcVJF2JxAEJQ75lM5Zl72Uv29fePNuLiEc1tBLjr6o57nvoLmi7upPOJdKgivjalTjNaNVN4av8onB1rFF1V_bDP51qskqWDWEhT4YC7ZJEcU7HMkPvgG1eMU_SL3yOoPoRqdr41EFHy4d2ILU5Vem6QjURbarIN5bon8mM5l5CFwhRDL4_GMM1W0WsFgF8paHAlfP0WXVeiPgA1rLgfF8Nhue4P9xO-m05ajrO0YFL1VrZwqFgMyFubjyYhb2SgG9rRLwekCtgnFD7E7twsJWmCx2GS_pndfJwv2OncimaaDz0iOfFhAuDQhSdYAXVw-xdS7wh8RszMZWKU2IiSmK73A3eyVCkqNpgjLn_8AtxT7R1b7YQfT824mf0GfjNHIhl27FepCU16jT7lZr3dgAkmzCy1MFDT-nazOyrSAbqT4hWzweyFY9_oAME47kTTBW3yVhKrTtTBlIlb4D2fv2NJ4RvJd_VGB1vaPmEJPBmWrY4M8wm-Jkt_eIFYTmqHY51XD14KY1Gqd4eyZJPrdIRrmGmIfKZ5AkJvirwMaknp0mkl95rkHnkULuLsZ9kNdIPxOKwqtV6lPahrjDEaUaWjBQmVRbLkpQyYv1dEHdSXpvdV9D9wyJjQ-y9Db7b98lONM9zzMzGNMhFU0ZlDaapp399bNlg5Oc-gRN_A3rPsuzb6ONK8IzK-BNxWTbidLMa2MhCwZSNH_ax-b-KrQV1bi3MNTb9nwmOK2BeTBJGf8Rx9vxVzn-74AEbOOmO6eMk6hDHbIneX4qBM81CGuJzABC6u0yRcZ9KadKu1Bln6PMI9vtyuztFRMNH6IlLJEr4QJaHrO4-rmHgU1bCXdOsxDg0ntbkXZ-HoaQHsoRC7wzpv3uMyRSFOKKnpvWWOpVE-kNn5u93lyeYGQNxshLz6xzkESpGi551c3PfoLLQPxW-rc9sxzPqWx2bFSXifhgqi0o93BMKP9Zjn64OJfE2NiX-T-1O0-G12jjY4AHU-Vt97-kpDeAy_LvFlaYR-5f02QvDr58gN8odLisV2n1-4vJhblWJuNjCqQ5qoFtjVVpAKntzl1KxziFC2U93yNp8lAig3ZUWbacvduJCWpmY77z6gi4JOpQEnHn2l5Xt7ZukHv7kKiKaIbMf9CcX-IwOtTkUOTzQ_MUExZTx3RHGo0dgwxQAovFQ1VRu3dueSknnzkP8K-oCMKsQuOk-lnIDGmgNrJe937spoVxY3nIW0SvYmKJ9jX8lrmkST8Oqzo3a6xl7RBoP051d1BwllIlYcyXrDWz1eETsRwlJOa4YrP1Gn_swpERHyGUlwlcWutBH1CQljIYPcOfzhxiqf1IhWKVrsDOAc_JlmzoWKnbVtI5TqvdPDZyQZNm7Dl8DZxsoz9rjhIacOD2pqJAzLwaTr-OpuPhXLlHnP8IRwm--H-7YIeUku24F1ntBZ6N4OIKGvO-UZxTJdLhVlGwGSIuSVrLovJb4_U5zGI7a_QXpXVcV6SdrliDRLp69mmpQeZyWQ8LEIluWlk9Bvl4SgA1nOYxhG5Tj-jVGYFRl4XmyzkT2wP87vYXMID0dkMOGpTUFiqCpkWPPX9KT3vzznyYAd6cUoG6sGuFbTRh9qhsdMz73ix-10QWA18IWo2ZJrxKnL9_UZc_ptuhiSh1HFwj7AAbXKU3Z6gwUdpfznjzxZ92TUlV3XXdzlLRI-XGOItfzOGgodQ3iUPNy3Pz8kUw3S9p96ECOh6FTfgWTKAXdswn0XIii87SazkEFvcG32DNQRnrrMPZy2W1gqAyDxuig-0gWUN-i7bIYKnFUCBLmEeX7XW11veLAkR_arkgSI037zS-XC1GCiL5LylpVijN2BCtnzSUQU9D6UU3OvOQQT5tZHAzUiL78W8kwf3mgoGz2e0jddjuVE2h4Wro7g2oyK1pPp0j4dLTZpk3zhPugsJBZnhXBH963FMfebbGRDV58YkRSVGvzx0pdFuOcHK9kyVYD8KBZA2c-JuxAnNownbfYRHaeQUGZQo2XBYPcwPRgLFKp9KB5pFKlOajDzrc2ma7VvHZKu1xM6gUHZgGmZdk-wKm1ttRGbhB5Jkn-cfm-zjI0M37wKgEV7RJhuQ8q8CZSoDDiJRArdc-uD2f92Fi0aMUIJaw6roYuRtzmRK4XmQ7zaxhbHF459tSSfI9irkW92r54u1F8LS791b8T9BLX8PbEQ6l4ceuFOCjaWGpJSlI4P0BP32h3rk45UvF4Ife9zWHsUKb9WFYZqBoq0B5vOTtUCXFSJAMmCtXXr3-f5zHy560JCNdMys_MjLFiMf1RSL0MW2J5VCLSxHFuHY19gwnwrH_Dw2RlcwmwkZg3djnLfQ4nnJ2yPdFhsxdeodeFOENoZUxseT6M3x0AJKgAz34QUwoXFqIDJw4SU0sEaChcZVM6KemjNmznrTZ8THHlaSKcJhJQwABqugKUv7X8hyo-pLehRqoAO1y79RWyKauAwNekJLoztEzoBtnYnmEQIH1av3zxJtSaBCCUolFG_hREbcFlowOx7UH_LSBCkdYMMDIU8TFCLPY&cid=CAASJeRoTLKgme93WnpZy0baR_nMDPw5b0kEPxpD282hpXc3w-zgPBI&rfl=1%2Chttps%253A%252F%252Fde.fitnesslifestylehealthclub.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:47:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 34F5 30 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:47:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED8F 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQUd2ojwcsy5IL8sryYGjYJq-BPpYbQ4kql9rLv32rI6W-MEupmkCKpP9lBTUgI86BR-pwSVXYu0ckle1PjutbUpyIC9lvmPn9NenT4jYdgVTYIYE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame ED8F 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame ED8F 17 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ED8F 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVRHiHqf8QTxi-6QrG-LKMK6QYplPpca1sCt1QC9NMDoOzPTruBS_qPAAQU6LY4cFDyRDsnXzPyai27eje5twMWXur1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED8F 152 KB
46 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:50 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2AE3 466 B
301 B 64ms
64ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGM21odMBMAE&v=APEucNXj7yeSwZYFDWL3JJQueTCiO7Td6TkDNkvApG9CzBVzjDfTH6gYX1FiShcPnOeVk-qETlp9JBx2fducp0dkM3Eic1IKpa2O9vNXPh2AKmaooL1z_NEJcYmm7ix7nd2rXnGGBkIC-aKYTIZuatDfmsDUkDry7D58JmHUz6ODs3LUvfTouKY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ED8F 87 KB
35 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDxpvlI6lPkdADFoe2DUJYdCJyHH3akxlI0F37H6Pu6-mUYrnrIE6--sO9Lz5Gt9zFZHFrgzjJMrLuJ5yjN7Rqa0nFkBg8JpCJk44Skv75MH_Yd3G573gyJDuNkI5NlbVqzATngWeRQg5dEg0xXwsDZZfRDs75XXKFv1sVu1HoB3fSivA&dbm_d=AKAmf-A9juaHTijrQtM75n23q7VsLvC0_t2n_4J6BpfuVE3UCc96kSKB-RmB_6C87efKIHx77KnzpPLMEC_HZvqqx_RYF0llJcS-FIqqLFG4yyLfBUFZGDh0KHyxdlBFe71Y3TsXC1VyEyh_rXRndjPVj7Ezv6Y0KrjDnR-m8UvhKpzRSLXidfcR6mn8beXIdXeHy_gTRVG1sYtQHzuZn2TwPHHt6gwWr01J9CKw2EIFkXjwghuzlfN3zWPJxnvEWJRkMienPlh5ks80CsceD2jLakQ4L-vfzjs1a1375vtq5ZGoV3XsruNBrNC9Sn_hxeW5rQDr25Uu8s3F67gdctkq3TSRcZLWh3ysztAGEiPTWySZJBw8JAz7NngZVyRreRjmtJfVxvveDtV6GW_K4r_OQCWjn6cT7nlXidskl5JuTNIYg6mdAl2kVzWgCe20SpvtYHnBs6yNQyGaMbGBvFAY-fGJ8vCw0hlWqFbSsxVB5uyibV1YKwkTbQF-Jh7rLpec6pCk-CuprRGli6a1ZPaAniLOKoYIU1REdrfrSTtPU275NAk2iK8VL-l4O0LISkG-f1P-H7lTTFZjZAfefjtiMLqmgfHi1pboHeofLqsxaB9i_Nwc7oUSiir8i0YMCmV5SQGCAhVX4a4dgsMZGMYkPufct4sRp7dFoGZriGzd_OIKDR58a6pczRGHHKRsdVxa_prz8NAj2yjKZiiW73UcWqZKQ440lwfTmeQUuUSsAm1sX16z4uPT7FcGevapgNW5QyXNor57S448fEzU8nRoGidFBVbCTWMbN4ubQ67IrV6vLQvaRZYF4uEZJChWUmdvcCAyCNFGghzSO-WrVhY-5bnkvXdu0FqMhq5u1HBBy8Yo0kzFm7YQBmCDUFMbtFx5WFB3t7pW-X_ZK7zKi1w0THn2758oJKyFRznH3-v8V164zIQyEOnB5g5djsLE5xeLkoh4tKCqz-UcNSpPlX3_4nwvRjVwFHcBjgDD6e4o51OC0qkCQaacB8atE0057FmQCTI5AWfX6dMRIC1hknHd8M2iKdHdD8uveKtlTB1zzQQHvGCsZQzdEyGxypqc6m60LdwNzwokUMWYgFkTXm7IEFQqeyj4ihuhEDdjKBsFIvW7x_EronzSW9uoF925zvyHWxeeayvm9Bh_hsEPWlzo-zLnJpHSE_Kr1P9zKosomA9LT0gj1guw6Yf2awlxzpQ4cfMkZinv3YqDwlz9xuhmX6NzqA3WF7vKlTf8QlRH0kqvc6znIa1oK6z8Kwsj92C5zb0wUQXqfG1F590d0b8vJMAinfydfZ5H_bmbOjXJE5jFsXGCjyqyeMqdbWxntU3RF7uY9zHyd6FeuP8xzEvfMBnuUEmdedjk3WYdhXzmg7V6SDJplrw6iAH2cuIp5zKmFJJA3D0TLnO3vYyhaCz5FBcJS2HBr2AqtlT5JjxYwfHGTSnXw0H_z0yQXczJRNe34K0oMFRYYV8h2Vq6bi3mkJGsqRrPGUDVeS8-q5m1wqpwy9Q7rcMsPKpFIMuz51TZH67PEAiDFpwBc-C7RBFC_npOYwyLTtuHsb0OD_B5qhu6lxQtjd8t1XT1EpVbEMFB3t7ByYbYDgrIthtm-_lepDgHVhkPohLicI8RUDSNbme-9CxCiFlsX1G6Ti6WlJDAMc602lxdF0OEkvI8sghvbYkpNvoohhU5vMiJ3e4WUUy3j6PrLHkImeyYFKu-jVfdMldzT78M2h1yxWLsbc8OjCdnftLARmv8XYzFSPDkoswxKhTqPXM3FI93BSvPlJr10PR31pcFNhsMWL89iBXbF8XSBz_NeueksYSfknC9N_PdhUPCw0lpk3SGgOXCOu7WqvcTEVT9AER_Wd727W1T_n-mYa10AhV4_zeLOnsKf0xagY-jYNvYmCsa5kx4unEnoJ3lm5hZFp9XghEsBfhnXKSMQlV40YEjhA91GUVPnpdpwWmFXgaZriqSk0_BwgSazPpcdt_wsiOlMz4h7g1P7Vd4dAy8UDUr3mpy_MWhV8-uZJvYzsgCW1zz5fZDwBSvu9ZQW04ZYAfKflnB2mGRTIZUho6jEKvRgagzbK6nvayG1PQqnuWd_PD1RFL4KDulT_BEwIpycQYvzl0xcAEblzUu9MBD95O3wBntZxRwrX0EQEkaSZ4l-O4ujWhvtORl5jprAGymcabS9kb4YLHgzF4c1-0l1JzbfRbTbhM9sbaNtp09BM84BhL5cr8wNkm90afaivFFcbCM35UFnneILyzJV343RN9IkAO8eLH0WC-xY5zAxOkK7ar46Ge1ODTBr7QWd0fGoSW-Gl5w4Zc5QGNLIZPBdIN05dEobXjP-SQ-oCvQuslp__GghCyMzA2tDzmVk7gZvGG7B4grWF7Xx8EPbVVf7GvQipfQa1UBr1cfq_HhZ4FU_YIl1Y6FLEAanV7mh9-JOcZspNmysv40tVZeuDf9za-o8LmegDZlQRXIFwZRqfX65-bRQ0zThDJli__S9nPSDwO5LaiF8ioZT6Iw8SBVaAq8mEdoZYAfzxgg9L3W9HbfEgbHD-Mvfi3iFTy4FXcJFE0dQ5k_DfZk5W3Vg3eKhIgYeuFJNVLGxusCVqxsM_ENr-rBBrh1QfpvPnG-pvaOVuqF6ooD06YKvGOobFLqBOlBe-zKaSRRJuDeXXbhWHO8Eg6v41Fl85CgqLkmEffsPTkmYhgRQwMCp2OAVHLv8Qko_wCZqsk6EIt0jsGGBTmHbo5GwodaOnlTSEjl1iSJB7-Za-EpE1MeelvWaHxWBmdDLeZ9nUF7j7PhPIaZEz7juExYdI8PyNwhjqj5AGBpAI2Qp9rxOuHa1lvvjcBtDa9Sy8qgJTCK1p2xgGaPMYYlI2c13qGMIWj6QIQUXrgwyVic1CYVG71CeuG1EuhTqbtQKDFAoKhzaCnv3bBy2wmuHeD6i3GCBm5DfC14U77haXPWAUdDijKT4IXS_iyM4yfEaT3C8pvehLL72bHvHebo9aAfbjUopRX1f1oy9vFKfKqfaFxDd2fXPxucbo0DX3DTGzoV5J7HTlXjZm9BdwkCUp4PTdzrNnSCRRxb00cTupCJ8xfqLThLO6wMtMdiAMd3QkHSWBXaLotr0Bj8qDM866M4VdK8R1LOR8YlhnnQooZyrWxkkzPknbaOrKKaLo8y5iTFZhrAG5WtcBJbumsgKBSpTArzNbdJjal21aguUUMYonWNH-aZcPwFjzUjPdypSYoAThxkBdN3_j22nlswPgJC3YhOegyocXblQfjjHgNuAUbKiNGJyeCTBCi8IsATq9tN_UdaBNczb7NN71DlT0TkUhFMhTIlAWKbu1DYcnHpJeUwoGdWBWddoUOvJGejeh5jPoEOVaZ-qUuT2BU&cid=CAASJeRoCBoXuE-MGURM8xVCLLDgEs1HT2QTeQ3vXGbc8I6Sr_G5oko&rfl=1%2Chttps%253A%252F%252Fde.fitnesslifestylehealthclub.com%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d33e3e0fbf419aa5f85ffe52126f141ab9e7996bde90b1eb26b7997aaf376f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A94 42 B
64 B 146ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5mvZAAOfbqg0v59aIVBQ7bBJtWsVLnEPqk8PaxNcbt55ykB0IMrVMDYZyL0_2SkVE9AlDXfW3Zxw4J6JYn56Bq5Av951yBjA9Yw1d_U2vuOsoZOsNbTcuEyVdpxH8YfuryB0rDg&sai=AMfl-YRlExhjqbs2lI81Agh9RJLtJ4WkRI9ycClgKXhHeQT3lBG1R4V8OQJDVLjs6NswVp1O3GKNMtJNyngrT4k&sig=Cg0ArKJSzOgwa0isvlIWEAE&cid=CAASBORodKU&id=lidar2&mcvt=1011&p=0,0,250,300&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1558319062&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666872408794&rpt=922&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/ Frame 0AD5 17 KB
5 KB 125ms
45ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7f0c112a1bb4c4d60b5b3ddc5a79667bac560b1614d29d7476b5b52790a3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
expires: Fri, 27 Oct 2023 12:06:50 GMT
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 34F5 0
27 B 76ms
76ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkcvkelHzNuxnyP9CYlc1AYpbOvD41Y8iY-7d_qEoFnsNQmEDzWkMLdPXonGMiZF9eT9w_WO01oT6j-67okpPX4Tm4XcVSRZaIS_gBC4O3thgSzplYH1obWqJjITsbso5BO14XmXcz1hxINCEoT3n2NRdxGtrn7VJsUMTN_PSyZeHLaGLfiGvj-22SBty_Sh4AAJ-dPk-S-4NH5olAeJ2fEB1SQazpN572qKsC4lNdrBsq4kP5iokNtswA8tgRHVDgQlcR2oplhm2GnY6YZX2SDrYEsAS1tPx-Hf_l4LP7B-Ttx5w_ei2nmzfeQusjLlDAU_DXPyevBjarSyrpZ4G-06kM5r4MoGkbXI4IE9ZD90aiF-nrTxTCxSS41aprJ8P4iGWW5SFAYEXn_PdK3SwOLp8ADOLf4TXpx7t5vuoV-lVfxptTK1VBA-TwPBpDuOhJNAWTizeezc0S_7RNxdkwafOjOrdRrvIqmtP264N1aAyPoPJMZrL5_Miju3H7uvcCCqWFygefyqOgJk4fidWPlg2Iqj6DVdPre13asUz2cOEu2aQzQN_AWSAVzwn9OA7L2JervHWJH8tAGCp15MDtIbMjxL_CKSRgWHvsNb00l4dM3Fh1xNtzNsQ4sY3OaJQWESoKol-4BCLhOzTjR7BfqwlLRyyCE_93sBCmFn3lhsaFTs6WqNIUfXRBQ9-mYIK1NBrddMJY2NoDZA3xePQidSdQWXDwnmWcsQHh1i1KdGq5cFfruzJg3nvjuxXlC46Ltsi3__IosroBbp-qw1R8XaCzCKhWM5GZpKQRUzuY2aaB3Po_Z3-dbynL6pfZwgr2gYRz4dbztV73rSlgSFUHjQkg8x83dZlPO69aenT7d2cuTCnkKV8RcloeCNKp1SLtCXpV6GffSXEHpgjJGEafmmJNF461fJGK_Wo5qOJtqshPBMqylBhYOqqBgE_w6hh3kgWebRrFughQo83FGWV2UfpsVKTziu_jRBXRz7-ILiMSeq5D7GCArDxnZGSCku0Poi4at7mccTj6mMpzTBWnUgefbZxzU2sebPFkq8xBto_h4CpKocGlz2T4EwQ9OnzKOgi5iV6lcIbpI9-0-LVBiFjQn4FsKRVU2d0LN3EuySVSaVBuGCPG6o0lmhemJuKAwEOxZVPehTjdUZf_LT-IYj3DV9Y-k6WAKX3Wkz8CfRJxMBTOry1Yt51LLNwyzd16drL1pxTqB4EykOb2tns8R4jOclcOQ8XPRuROPSNq0WcfjzQXHW6dJtikxd8Hfg1ph1u4R5QIOgDXltK5Fgt0HwYnlK5LB_XsbKejK6zz0xZKAWfyvL4lZarLHmusltmBJYsrlDen_Bi06k-5iW8IV-BJwOOeUTWg308&sai=AMfl-YRWyo2W9I4g_OLJga6KR1HSBhYWaljDxls_MaxrHf7R-Xm8nqMw8LbdDrxGBBGCCDsqDg8FZrPsiuvSaJOSYo_yOa6PQgTbW1ySNLc608c5CZNCVPvfp_ZElqIOExpyq0nqVz1tVSp_h5xl5wbD4C2Mya7TDAGwOCjjDPCM7pTwGTLSNyO0LxHb1zm9B2HOiYS31_FVEjWKlvREYHJKVprrK2gGbA&sig=Cg0ArKJSzMp-43ob8PTIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=451&cbvp=1&cstd=446&cisv=r20221025.78367&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&adurl=

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 12:06:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

firstevent
samsung-germany.demdex.net/ Frame 34F5
Redirect Chain

https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=176782985&d_adgroup=23233&d_placement=344833720&d_campaign=28462340&d_cb=1523824084
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=176782985&d_adgroup=23233&d_placement=344833720&d_campaign=28462340&d_cb=1523824084

42 B
966 B

35ms
34ms

Image
image/gif

3.250.251.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=176782985&d_adgroup=23233&d_placement=344833720&d_campaign=28462340&d_cb=1523824084

Requested by

Protocol

HTTP/1.1

Server

3.250.251.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-250-251-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-0d06541aa.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: CPpvKt/BRNg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v044-0f3529585.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: XqvkoQchTaY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=176782985&d_adgroup=23233&d_placement=344833720&d_campaign=28462340&d_cb=1523824084
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 tman.cgi
pfa.levexis.com/samsungde/ Frame 34F5 42 B
532 B 160ms
109ms Image
image/gif 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pfa.levexis.com/samsungde/tman.cgi?tmad=i&tmcampid=8&tmplaceref=344833720&tmclickref=176782985&tmtag=image&rand=1523824084
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
x-aes-version: 1.0
server: nginx
content-type: image/gif
p3p: CP="ALL DSP DEVa TAIa OUR IND UNI"
cache-control: no-cache, no-store, must-revalidate
x-ens-event-id: 7dcaa33b-ab40-4e73-abcf-2cd2697e234a
x-offsite-uuid: 11dd2e06-6f10-4375-873a-02ca02cb6a74
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 34F5 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 12:03:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F599 1 KB
643 B 42ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 34F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50c022e8aba3e1aef37259ac56892a5bb4d5e17d208218301cfffcf7b583d6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2AE3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHvLhRbzYuOrrOIWnKmmPYo&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHvLhRbzYuOrrOIWnKmmPYo&google_cver=1&__user_check__=1&sync_id=d6e02ffe-55ef-11ed-866b-11482f420406

43 B
548 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHvLhRbzYuOrrOIWnKmmPYo&google_cver=1&__user_check__=1&sync_id=d6e02ffe-55ef-11ed-866b-11482f420406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGM21odMBMAE&v=APEucNXj7yeSwZYFDWL3JJQueTCiO7Td6TkDNkvApG9CzBVzjDfTH6gYX1FiShcPnOeVk-qETlp9JBx2fducp0dkM3Eic1IKpa2O9vNXPh2AKmaooL1z_NEJcYmm7ix7nd2rXnGGBkIC-aKYTIZuatDfmsDUkDry7D58JmHUz6ODs3LUvfTouKY
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 12:06:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 27 Oct 2022 12:06:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEHvLhRbzYuOrrOIWnKmmPYo&google_cver=1&__user_check__=1&sync_id=d6e02ffe-55ef-11ed-866b-11482f420406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 102
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AE3
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDZkZGM2OGUtNTVlZi0xMWVkLTkzZjktMWQwYTBkOTAwNDA2

170 B
188 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDZkZGM2OGUtNTVlZi0xMWVkLTkzZjktMWQwYTBkOTAwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELSxlNgCGM21odMBMAE&v=APEucNXj7yeSwZYFDWL3JJQueTCiO7Td6TkDNkvApG9CzBVzjDfTH6gYX1FiShcPnOeVk-qETlp9JBx2fducp0dkM3Eic1IKpa2O9vNXPh2AKmaooL1z_NEJcYmm7ix7nd2rXnGGBkIC-aKYTIZuatDfmsDUkDry7D58JmHUz6ODs3LUvfTouKY

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Oct 2022 12:06:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDZkZGM2OGUtNTVlZi0xMWVkLTkzZjktMWQwYTBkOTAwNDA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 122
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AE3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1SVHZkOGY5RTJ1R3J6aDR6Nk5XdUJBc3Y1dUJuR2laV35B

170 B
188 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1SVHZkOGY5RTJ1R3J6aDR6Nk5XdUJBc3Y1dUJuR2laV35B

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1SVHZkOGY5RTJ1R3J6aDR6Nk5XdUJBc3Y1dUJuR2laV35B
date: Thu, 27 Oct 2022 12:06:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 590B 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame F599 35 B
464 B 43ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI5hDbpPKJXlt3l4RTPyo6Y&google_cver=1&google_push=AZmPxg-oGjJCvqWy9bfPSMAtJoFJvh7tUNEZMaoIglVxbDxv3IlChJQsVWlPvIiMsKlAn37WZtCql5mrHIDHCm0UYtEQaCN5JRw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F599
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEL-iC1dxUB7VEBVh4sr4FPs&google_cver=1&google_push=AZmPxg9wc9sbWjAQ54OSlBFIrlKji8B4-wizw7I70CGOqmSc6_0GPSk1YT6U3hcJIU08vIIIq8e8iDTPhDQsY5pq7axlmK9I_S8
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9wc9sbWjAQ54OSlBFIrlKji8B4-wizw7I70CGOqmSc6_0GPSk1YT6U3hcJIU08vIIIq8e8iDTPhDQsY5pq7axlmK9I_S8&google_hm=Q0FFU0VMLWlDMWR4VUI3Vk...

170 B
188 B

50ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9wc9sbWjAQ54OSlBFIrlKji8B4-wizw7I70CGOqmSc6_0GPSk1YT6U3hcJIU08vIIIq8e8iDTPhDQsY5pq7axlmK9I_S8&google_hm=Q0FFU0VMLWlDMWR4VUI3VkVCVmg0c3I0RlBz

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 12:06:50 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9wc9sbWjAQ54OSlBFIrlKji8B4-wizw7I70CGOqmSc6_0GPSk1YT6U3hcJIU08vIIIq8e8iDTPhDQsY5pq7axlmK9I_S8&google_hm=Q0FFU0VMLWlDMWR4VUI3VkVCVmg0c3I0RlBz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F599
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg999yYF...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg999yYF...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcxMjA2NTEwMDAzNzczODE1MDE0NA%3D%3D&google_push=AZmPxg999yYFs_idvbv6DULE7Tq9rREVsw7gXv_4O-qmHNFfz4Puk9oBHwNixPFTNdfPun...

170 B
188 B

50ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcxMjA2NTEwMDAzNzczODE1MDE0NA%3D%3D&google_push=AZmPxg999yYFs_idvbv6DULE7Tq9rREVsw7gXv_4O-qmHNFfz4Puk9oBHwNixPFTNdfPunc14wJh9ZSvfVKasm-SgBGu6Q2MOQc

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjcxMjA2NTEwMDAzNzczODE1MDE0NA%3D%3D&google_push=AZmPxg999yYFs_idvbv6DULE7Tq9rREVsw7gXv_4O-qmHNFfz4Puk9oBHwNixPFTNdfPunc14wJh9ZSvfVKasm-SgBGu6Q2MOQc
pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 27 Oct 2022 12:06:51 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F599 43 B
350 B 114ms
39ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKP08RoG0BiCLWGpIyYFFlw&google_cver=1&google_push=AZmPxg_-aOkKM0WJMo5MaLOhqYvI1__J5WsjPahdk62cSU82GeD8653n8edFz8g_08qpa9WxANdDIzJSyWaDnHBU92axtSLxFMA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=1787702786&pi=t.aa~a.2169922776~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=1&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0%2C300x600&nras=3&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=dD3RraFS0g&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 196raef7edte325784khto5uubenedls

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F599
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-PZujnGrKOiW-dHAj4u7FUw9g5zaph2H6nnmSdDkkj3OsGVX-BIsdILwGkybPxJUFF3aBqXB55io8P8MJWGe0-1KBpviM

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-PZujnGrKOiW-dHAj4u7FUw9g5zaph2H6nnmSdDkkj3OsGVX-BIsdILwGkybPxJUFF3aBqXB55io8P8MJWGe0-1KBpviM
date: Thu, 27 Oct 2022 12:06:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F599
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOuyP1eqjdXdSi1cRoxZLZg&google_cver=1&google_push=AZmPxg9OT_ApDM5WfGl4uSQSQ07g4zewRs-GDNhOyIaMDBIs-o6QxrOnPGbTiRVqocCEE1qmib7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUDctMjctRlZXTQ==&google_push=AZmPxg9OT_ApDM5WfGl4uSQSQ07g4zewRs-GDNhOyIaMDBIs-o6QxrOnPGbTiRVqocCEE1qmib7xy7jg5_POgjDlt9plMv_pZOU

170 B
188 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUDctMjctRlZXTQ==&google_push=AZmPxg9OT_ApDM5WfGl4uSQSQ07g4zewRs-GDNhOyIaMDBIs-o6QxrOnPGbTiRVqocCEE1qmib7xy7jg5_POgjDlt9plMv_pZOU

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUDctMjctRlZXTQ==&google_push=AZmPxg9OT_ApDM5WfGl4uSQSQ07g4zewRs-GDNhOyIaMDBIs-o6QxrOnPGbTiRVqocCEE1qmib7xy7jg5_POgjDlt9plMv_pZOU
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F599
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg81Xa8ibreiVw8x9lkmPB1Jqpqp2MtR6...

170 B
188 B

50ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg81Xa8ibreiVw8x9lkmPB1Jqpqp2MtR69F38p7V1fVqa1VHeLvD84vyIi7VsMn7hQ4OnZjYNjm-Qdlsy_SiQm3_HK7hKUk

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg81Xa8ibreiVw8x9lkmPB1Jqpqp2MtR69F38p7V1fVqa1VHeLvD84vyIi7VsMn7hQ4OnZjYNjm-Qdlsy_SiQm3_HK7hKUk
cache-control: no-cache
cf-ray: 760b4ed7eb65bba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F599 0
12 B 54ms
53ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kbrp0h7idYgmuHnBqIvgKRbJ2d5lTJftRotTFX1inIoXe0LgxNNFFLl2pp2v3WXag9_l61

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame ED8F 170 KB
59 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/ Frame ED8F 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDxpvlI6lPkdADFoe2DUJYdCJyHH3akxlI0F37H6Pu6-mUYrnrIE6--sO9Lz5Gt9zFZHFrgzjJMrLuJ5yjN7Rqa0nFkBg8JpCJk44Skv75MH_Yd3G573gyJDuNkI5NlbVqzATngWeRQg5dEg0xXwsDZZfRDs75XXKFv1sVu1HoB3fSivA&dbm_d=AKAmf-A9juaHTijrQtM75n23q7VsLvC0_t2n_4J6BpfuVE3UCc96kSKB-RmB_6C87efKIHx77KnzpPLMEC_HZvqqx_RYF0llJcS-FIqqLFG4yyLfBUFZGDh0KHyxdlBFe71Y3TsXC1VyEyh_rXRndjPVj7Ezv6Y0KrjDnR-m8UvhKpzRSLXidfcR6mn8beXIdXeHy_gTRVG1sYtQHzuZn2TwPHHt6gwWr01J9CKw2EIFkXjwghuzlfN3zWPJxnvEWJRkMienPlh5ks80CsceD2jLakQ4L-vfzjs1a1375vtq5ZGoV3XsruNBrNC9Sn_hxeW5rQDr25Uu8s3F67gdctkq3TSRcZLWh3ysztAGEiPTWySZJBw8JAz7NngZVyRreRjmtJfVxvveDtV6GW_K4r_OQCWjn6cT7nlXidskl5JuTNIYg6mdAl2kVzWgCe20SpvtYHnBs6yNQyGaMbGBvFAY-fGJ8vCw0hlWqFbSsxVB5uyibV1YKwkTbQF-Jh7rLpec6pCk-CuprRGli6a1ZPaAniLOKoYIU1REdrfrSTtPU275NAk2iK8VL-l4O0LISkG-f1P-H7lTTFZjZAfefjtiMLqmgfHi1pboHeofLqsxaB9i_Nwc7oUSiir8i0YMCmV5SQGCAhVX4a4dgsMZGMYkPufct4sRp7dFoGZriGzd_OIKDR58a6pczRGHHKRsdVxa_prz8NAj2yjKZiiW73UcWqZKQ440lwfTmeQUuUSsAm1sX16z4uPT7FcGevapgNW5QyXNor57S448fEzU8nRoGidFBVbCTWMbN4ubQ67IrV6vLQvaRZYF4uEZJChWUmdvcCAyCNFGghzSO-WrVhY-5bnkvXdu0FqMhq5u1HBBy8Yo0kzFm7YQBmCDUFMbtFx5WFB3t7pW-X_ZK7zKi1w0THn2758oJKyFRznH3-v8V164zIQyEOnB5g5djsLE5xeLkoh4tKCqz-UcNSpPlX3_4nwvRjVwFHcBjgDD6e4o51OC0qkCQaacB8atE0057FmQCTI5AWfX6dMRIC1hknHd8M2iKdHdD8uveKtlTB1zzQQHvGCsZQzdEyGxypqc6m60LdwNzwokUMWYgFkTXm7IEFQqeyj4ihuhEDdjKBsFIvW7x_EronzSW9uoF925zvyHWxeeayvm9Bh_hsEPWlzo-zLnJpHSE_Kr1P9zKosomA9LT0gj1guw6Yf2awlxzpQ4cfMkZinv3YqDwlz9xuhmX6NzqA3WF7vKlTf8QlRH0kqvc6znIa1oK6z8Kwsj92C5zb0wUQXqfG1F590d0b8vJMAinfydfZ5H_bmbOjXJE5jFsXGCjyqyeMqdbWxntU3RF7uY9zHyd6FeuP8xzEvfMBnuUEmdedjk3WYdhXzmg7V6SDJplrw6iAH2cuIp5zKmFJJA3D0TLnO3vYyhaCz5FBcJS2HBr2AqtlT5JjxYwfHGTSnXw0H_z0yQXczJRNe34K0oMFRYYV8h2Vq6bi3mkJGsqRrPGUDVeS8-q5m1wqpwy9Q7rcMsPKpFIMuz51TZH67PEAiDFpwBc-C7RBFC_npOYwyLTtuHsb0OD_B5qhu6lxQtjd8t1XT1EpVbEMFB3t7ByYbYDgrIthtm-_lepDgHVhkPohLicI8RUDSNbme-9CxCiFlsX1G6Ti6WlJDAMc602lxdF0OEkvI8sghvbYkpNvoohhU5vMiJ3e4WUUy3j6PrLHkImeyYFKu-jVfdMldzT78M2h1yxWLsbc8OjCdnftLARmv8XYzFSPDkoswxKhTqPXM3FI93BSvPlJr10PR31pcFNhsMWL89iBXbF8XSBz_NeueksYSfknC9N_PdhUPCw0lpk3SGgOXCOu7WqvcTEVT9AER_Wd727W1T_n-mYa10AhV4_zeLOnsKf0xagY-jYNvYmCsa5kx4unEnoJ3lm5hZFp9XghEsBfhnXKSMQlV40YEjhA91GUVPnpdpwWmFXgaZriqSk0_BwgSazPpcdt_wsiOlMz4h7g1P7Vd4dAy8UDUr3mpy_MWhV8-uZJvYzsgCW1zz5fZDwBSvu9ZQW04ZYAfKflnB2mGRTIZUho6jEKvRgagzbK6nvayG1PQqnuWd_PD1RFL4KDulT_BEwIpycQYvzl0xcAEblzUu9MBD95O3wBntZxRwrX0EQEkaSZ4l-O4ujWhvtORl5jprAGymcabS9kb4YLHgzF4c1-0l1JzbfRbTbhM9sbaNtp09BM84BhL5cr8wNkm90afaivFFcbCM35UFnneILyzJV343RN9IkAO8eLH0WC-xY5zAxOkK7ar46Ge1ODTBr7QWd0fGoSW-Gl5w4Zc5QGNLIZPBdIN05dEobXjP-SQ-oCvQuslp__GghCyMzA2tDzmVk7gZvGG7B4grWF7Xx8EPbVVf7GvQipfQa1UBr1cfq_HhZ4FU_YIl1Y6FLEAanV7mh9-JOcZspNmysv40tVZeuDf9za-o8LmegDZlQRXIFwZRqfX65-bRQ0zThDJli__S9nPSDwO5LaiF8ioZT6Iw8SBVaAq8mEdoZYAfzxgg9L3W9HbfEgbHD-Mvfi3iFTy4FXcJFE0dQ5k_DfZk5W3Vg3eKhIgYeuFJNVLGxusCVqxsM_ENr-rBBrh1QfpvPnG-pvaOVuqF6ooD06YKvGOobFLqBOlBe-zKaSRRJuDeXXbhWHO8Eg6v41Fl85CgqLkmEffsPTkmYhgRQwMCp2OAVHLv8Qko_wCZqsk6EIt0jsGGBTmHbo5GwodaOnlTSEjl1iSJB7-Za-EpE1MeelvWaHxWBmdDLeZ9nUF7j7PhPIaZEz7juExYdI8PyNwhjqj5AGBpAI2Qp9rxOuHa1lvvjcBtDa9Sy8qgJTCK1p2xgGaPMYYlI2c13qGMIWj6QIQUXrgwyVic1CYVG71CeuG1EuhTqbtQKDFAoKhzaCnv3bBy2wmuHeD6i3GCBm5DfC14U77haXPWAUdDijKT4IXS_iyM4yfEaT3C8pvehLL72bHvHebo9aAfbjUopRX1f1oy9vFKfKqfaFxDd2fXPxucbo0DX3DTGzoV5J7HTlXjZm9BdwkCUp4PTdzrNnSCRRxb00cTupCJ8xfqLThLO6wMtMdiAMd3QkHSWBXaLotr0Bj8qDM866M4VdK8R1LOR8YlhnnQooZyrWxkkzPknbaOrKKaLo8y5iTFZhrAG5WtcBJbumsgKBSpTArzNbdJjal21aguUUMYonWNH-aZcPwFjzUjPdypSYoAThxkBdN3_j22nlswPgJC3YhOegyocXblQfjjHgNuAUbKiNGJyeCTBCi8IsATq9tN_UdaBNczb7NN71DlT0TkUhFMhTIlAWKbu1DYcnHpJeUwoGdWBWddoUOvJGejeh5jPoEOVaZ-qUuT2BU&cid=CAASJeRoCBoXuE-MGURM8xVCLLDgEs1HT2QTeQ3vXGbc8I6Sr_G5oko&rfl=1%2Chttps%253A%252F%252Fde.fitnesslifestylehealthclub.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:47:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame ED8F 30 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:47:30 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame 590B 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0AD5 118 KB
40 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 17:25:10 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 91 B
118 B 63ms
63ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e3d8487c0d4c22d90fe6add3df2b97a9c07915dcc23cbe404c682476bee3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:00 GMT
x-content-type-options: nosniff
age: 40910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:00 GMT

GET
H3 200 img-product-0.jpg
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 65 KB
65 KB 83ms
82ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/img-product-0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c9ecf26c2c3bba94a8ac2373220c0a64fe6900efe5aaa2634e6a6150d3c002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:00 GMT
x-content-type-options: nosniff
age: 40910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66583
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:00 GMT

GET
H3 200 tf-0-0.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 4 KB
4 KB 92ms
87ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-0-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1aa528b8de11ab7d3c4a1a201269f8465e969708e86d306a3a7a39aeba2a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:00 GMT
x-content-type-options: nosniff
age: 40910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4365
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:00 GMT

GET
H3 200 tf-1-0.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 101ms
97ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-1-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27c0ddacc4323dcae02f52a0b6fe48a9c7c1072ef72a8901492a4c97ebfd1289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:00 GMT
x-content-type-options: nosniff
age: 40910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:00 GMT

GET
H3 200 tf-1-1.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 100ms
96ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-1-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d4a33bec96153a6170c2d48b6d4e84b47ce80fd0101a05d55b47537d7e6c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 22:03:25 GMT
x-content-type-options: nosniff
age: 309805
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1667
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 Oct 2023 22:03:25 GMT

GET
H3 200 tf-1-2.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 100ms
96ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-1-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd433a426b39e9b8ac7acf84fba2e7e69a64679c5cfe9dc6287785b28ef6f214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1603
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tf-2-0.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 98ms
94ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-2-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5569ec74ecb1fbf17e57fe57b378b791f2875b23afe1ae70bf5e2acdeb8790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 22:03:25 GMT
x-content-type-options: nosniff
age: 309805
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 Oct 2023 22:03:25 GMT

GET
H3 200 tf-2-1.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 98ms
95ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-2-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0972516ead3726832f6d3e7ae8b32bce4bee9ae09406fcd9a839d8ce5ea8784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1617
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tf-2-2.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 3 KB
3 KB 100ms
96ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-2-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a05005eb6bf8faf0b97e6c2881eb6a926930bd333564721870a6e362df7dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3018
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tf-2-3.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 97ms
94ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-2-3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5704f8e5b0ca8532750448eba3ef9d0561665e2e71a5fbffbecbfb29011125a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tf-2-4.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 96ms
93ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-2-4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68f94cec0e431ff814dc747f16269617dc7435bdbdce7c030acea5e9a1e71a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2385
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 img-logo-bottom.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 3 KB
3 KB 93ms
89ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/img-logo-bottom.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c05d22d3bcc3ad199772fb322a4a25c589f0fb746c4246a6daefba3e1c49071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3120
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tf-disc-0.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 7 KB
7 KB 93ms
90ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-disc-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb423cad4390d71e68fef7b5681cfe0e462d53afa40292e66bfec3e6ecc6dab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6717
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tf-disc-1.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 3 KB
3 KB 100ms
97ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/tf-disc-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b3b2ca052893eab05f61f598904d64b88c10531688e39907189642db2a2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2905
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 img-cta.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 100ms
97ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/img-cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde6aa43fcb7143a519d9e4c6fd9ef70b04eafc041a0a4ecd4d4ccf0a7512220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2517
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
2 KB 101ms
98ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1bfe73d413d5d94033f9a17335003b843bdc912990ffbc1f145b1944f3eff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:01 GMT
x-content-type-options: nosniff
age: 40909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2411
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:01 GMT

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0AD5 113 KB
39 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 12:06:50 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/ Frame 0AD5 2 KB
1 KB 38ms
36ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10971642505339989098/1661341648688/index.html?e=69&leftOffset=0&topOffset=0&c=aMT3iJEvPe&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 11:48:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 27 Oct 2023 00:45:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ED8F 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Oct 2023 12:03:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4742 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ED8F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 695806633a240f960e1494fc87d9554059e3704454bffa0467215acd572536f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 durly.js Show response
c.betrad.com/ Frame ED8F 4 KB
2 KB 110ms
9ms Script
application/x-javascript 23.67.130.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.betrad.com/durly.js?;ad_wxh=300x600;coid=1783;nid=9627;
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.67.130.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-130-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f9699b9f521b1c637bb698eab0017f2670dddbc21660ca74bb204a52b34e68b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 20:22:56 GMT
server: AkamaiNetStorage
etag: "5e1b47a064619e731abffc27f0b21f4e:1665087776.418884"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1606

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/762848500367691081/ Frame E945 10 KB
3 KB 45ms
45ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b4adf9076d82c73df20bd690a89d26513b027ad6196a38506c009041f3a568d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2670
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:50 GMT
expires: Fri, 27 Oct 2023 12:06:50 GMT
last-modified: Wed, 28 Sep 2022 14:50:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ED8F 0
27 B 73ms
73ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst67fn7aYe_Ac-jjUIKccJy-4ldovDLmjiQVpR-7O3x4tmexMwNLYggE8uaCGIgM3TzFLxxdSkQSNEoPocatbX-WqZ6JNBc5-AoFhRLORNyhWAb96ijiqw2xDeBA1vuOYLs4SWrhPww_bf7iOq-LETTQ7orWUR2JkBgTl2B0mx1H2OVbyARlLcgWPleYWJw1NF8_HMt5av9_He26NXmx6ILWkeAinn8RmihvE7AdbOCa3gy1u4sN3DcuRNvEjv-B8wnhSKIlezbqBe9SuJVQblxsjDQT8GfwtYGS8QjZAqh2Ebqqzf0TcJXk0N54wGweQhI-IuKi_F2HSO5xcnVG4mW_WI7JbMzJdQpGEuguHH0_qT33Vef1YJobuqqrHwvX93JXDOGB-cADJtfl5bEYbSkAhmJXv4e_zccRF0luq4w1KIQIDTwfVcAhvVL-BhsfkTjTIhZngNgcO61P0UvaB5AeuDtvK0huqp9Rlgzzd09gGGlzUrE9D9ynJaK6T0EgcX57ROtgCBJbglbOYvzP0YWAEm39DfKMrE3tNl1uYH-dKZEa4ckwMxlJy5KX1QPzbF4CGIOLZ0PHk_B7nC0tKLDALqKjSzcBS4fC-AXKDkv6cPAF7VfzRylyrXHAi7Exd6-cKdVp2aEZia3XuXicIUAZUY4y3VXls72VdR2cW-5mm1CF2wRIU1Bpz06MU1eTbkSU2C4LWTnxGXndnHHPHBZm6kYVW1r5ufZ9aZQb3FhdvvkePJ-zFiQaQzukVcsbMt4z4l6nRCXBg-TNpbkU11byu0WixytLt5hmHDb6w8xv7MZq2Z0L7n4mA7pxQLPjAbutnbUM-pg0eeoLbj2y9AiksgR_c8ylyTWWAkMizNFFjNg9Md31Fi4cU-JEyKg1e7uE5MDzrtsldnVL7ALwbiAr7LiWJzQ5_Z4N357l23aE8kStDHLpGlJvl6C7RRN_23PH6T8CmAwNYSNSJfeJZlVcgiIlhDs8OX0Zhnj4uR4UoF2SlhUdP2Mbp6KH8sySnlcXBoSnpknmihI_hrCDN99hxkGKyaeVkDHC6l2X3zKMyCh3HMa233z2Amna7Mjq9Lor0m1aIBaaDZ3K45fvzk81f2UhbNUy3rvjYzDlxXFojOSrov7fPE-UMXmVoEGL4VTVhrQtNn-BHH6XI1VfjbiQI1S71RO0nW4MnT1byM9_EhClrSOpMkPhEktKOuV3EjLYix2CU3l311-JoB5d_P2nUCJAvBaUWNatzgc0kmjFw41ZE8CIBLuebJikD4X66JHmz6q-hMra21ujYF3JVkLESsJcKft1mMFCF_UuJ1yUOSnibCrdGsaWRfglI8k9kg&sai=AMfl-YR9Q_Fv8kV1_bVP8MU3aliC6YQijPwstXTZhcjb55VKybwjF4zdybIjR7wWRS7rO55hUxoWHneWCSHQx0lJkRGgFhHEYzKsSTn-unHVyDPK4a_msjOK3fAMNO_sLArSUN0sWWb1GLfVpTrLZenEufFsMjGlUiVf-uN02QPAAPKLWLsEf0qOp5yHreUL694TrfddtmEgvaITGq3ceQNHjj_VUZq0-A&sig=Cg0ArKJSzOlwMe-OHCEdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=71&cbvp=1&cstd=68&cisv=r20221025.46968&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&adurl=

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 12:06:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E6C7 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:21:39 GMT
expires: Wed, 25 Oct 2023 05:21:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4742
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI5hDbpPKJXlt3l4RTPyo6Y&google_cver=1&google_push=AZmPxg9pSoE-I-zKOf79SrxFnn6bQyUopDmNvEx5BfFjPtDVk1NUzcZ2a6...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9pSoE-I-zKOf79SrxFnn6bQyUopDmNvEx5BfFjPtDVk1NUzcZ2a6Kh95aXDGkkJ9JxQI83CLV5kDKm9KQdBVmBklLP&google_hm=Bq8oCOxh4dahLnnO...

170 B
188 B

52ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9pSoE-I-zKOf79SrxFnn6bQyUopDmNvEx5BfFjPtDVk1NUzcZ2a6Kh95aXDGkkJ9JxQI83CLV5kDKm9KQdBVmBklLP&google_hm=Bq8oCOxh4dahLnnOc8pbjg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9pSoE-I-zKOf79SrxFnn6bQyUopDmNvEx5BfFjPtDVk1NUzcZ2a6Kh95aXDGkkJ9JxQI83CLV5kDKm9KQdBVmBklLP&google_hm=Bq8oCOxh4dahLnnOc8pbjg
pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4742 43 B
356 B 134ms
40ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAc8lBKYBg7hVoukWJmjgOM&google_push=AZmPxg_ZDNLga1eQ3x2XYFmK3wT8V_bo9Zy4pBXD25XCOy_lotWl6EQFK9SFvfT3pK8y_2dI24e4Oh8sNVR8dELXXMFrvSpPoQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 4742 43 B
64 B 76ms
42ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKP08RoG0BiCLWGpIyYFFlw&google_cver=1&google_push=AZmPxg8A7GsSXS22shQ_gyT_i7EZKNWMGZgdCbeipdWkupZjDIqUXPnBIEeJlKRJCKoiKWjOaOzXAEiHdxs2OTOyiqrPEC3aeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jnv4ef37plnqkt4kf5dnoj07ihdg4fm9

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4742
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9TrmzZ9DVewy2IOmK3DphIs8wTrb1FNA32kJHYgOJ4TvsJ43URJK1qEwQwuXmSHMNruTmXRSNXpYIJ0zKvx24hki21FA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CJrplVQUSxKXknmQ5ktnlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9TrmzZ9DVewy2IOmK3DphIs8wTrb1FNA32kJHYgOJ4TvsJ43URJK1qEwQwuXmSHMNruTmXRSNXpYIJ0zKvx24hki21FA
date: Thu, 27 Oct 2022 12:06:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4742
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOuyP1eqjdXdSi1cRoxZLZg&google_cver=1&google_push=AZmPxg-zfu80cfiF4TZ41sSqMrmsHEDVfYG87rJN1LMHftEbxK1wwP8CeBVFQiP-JwBodh_arzx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUk4tMy1HODUx&google_push=AZmPxg-zfu80cfiF4TZ41sSqMrmsHEDVfYG87rJN1LMHftEbxK1wwP8CeBVFQiP-JwBodh_arzx5IwKYoIox-fPwoJw94lvkoA

170 B
188 B

49ms
48ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUk4tMy1HODUx&google_push=AZmPxg-zfu80cfiF4TZ41sSqMrmsHEDVfYG87rJN1LMHftEbxK1wwP8CeBVFQiP-JwBodh_arzx5IwKYoIox-fPwoJw94lvkoA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlSMFNOUk4tMy1HODUx&google_push=AZmPxg-zfu80cfiF4TZ41sSqMrmsHEDVfYG87rJN1LMHftEbxK1wwP8CeBVFQiP-JwBodh_arzx5IwKYoIox-fPwoJw94lvkoA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4742
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg88kbaoG7l7S9FI3vE0gVEy0Svz07Oev...

170 B
188 B

51ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg88kbaoG7l7S9FI3vE0gVEy0Svz07OevcPsEt9TfTFMlupZPwimSSmkePv1ESquqSq9RTQ9ceIEHPOVbqoeskqHbdbr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP_bKVOq_ECs1doHpUPKjz0&google_hm=Y1p0WR-fd0V6re63I4Sq4wAABKwAAAAB&google_nid=index&google_push=AZmPxg88kbaoG7l7S9FI3vE0gVEy0Svz07OevcPsEt9TfTFMlupZPwimSSmkePv1ESquqSq9RTQ9ceIEHPOVbqoeskqHbdbr
cache-control: no-cache
cf-ray: 760b4ed89fad91cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 4742 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4742 0
12 B 48ms
46ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_myzk2zu5mSmiIdHRC22kUOh9mPJxW-tSu7cnUsmkRJT9HVB0hfX1mzBqE_8HHjeeUMh5uA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E945 118 KB
40 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 17:25:10 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E945 60 KB
24 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 12:06:50 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/762848500367691081/ Frame E945 2 KB
1 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/762848500367691081/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df028dd3c2a44bc1fd167731604deedad1b57b92a3d4f291d16a7bc0dfd6a8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 15:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504567
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 14:50:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 15:57:23 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/762848500367691081/ Frame E945 94 KB
10 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/762848500367691081/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d292336a111a77f51d480ff376cf19bafb28111bf9cee35ec946fbe317342c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10150
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 14:50:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 19:10:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0AD5 7 KB
6 KB 48ms
48ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1246d3e3e34384e2f5a0d9844bd055451df9991501c20c6b2bd97e76270443cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame E6C7 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame ED8F 41 KB
12 KB 36ms
12ms Script
application/x-javascript 184.24.12.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r221006
Requested by: Host: c.betrad.com
URL: https://c.betrad.com/durly.js?;ad_wxh=300x600;coid=1783;nid=9627;
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.24.12.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 20:22:19 GMT
server: AkamaiNetStorage
etag: "1e1cf06df2b98e267c5e511e819fb810:1665087739.27933"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12426

GET
H2 200 4.gif
c.evidon.com/a/ Frame ED8F 43 B
335 B 36ms
11ms Image
image/gif 184.24.12.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6839798841059229&output=html&h=600&adk=574413782&adf=3393014399&pi=t.aa~a.2169941962~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1666872409&rafmt=1&to=qs&pwprc=6995779410&format=300x600&url=https%3A%2F%2Fde.fitnesslifestylehealthclub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666872409601&bpp=1&bdt=1472&idt=-M&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab27bed34fb17d7f-22893853cad70082%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw&gpic=UID%3D0000089435ecced6%3AT%3D1666872408%3ART%3D1666872408%3AS%3DALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ&prev_fmts=300x250%2C0x0&nras=2&correlator=6111507865856&frm=20&pv=1&ga_vid=275475546.1666872409&ga_sid=1666872409&ga_hid=1694108486&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44775017&oid=2&pvsid=4303428926053407&tmod=2114047764&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=mfDLr3JyZK&p=https%3A//de.fitnesslifestylehealthclub.com&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.24.12.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/gif
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 590B 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPSPYWnRaY8TuC9WD7_UPzYiZ-AsAAAAAOAHgBAI&bg=!i4iliMzNAAZPh4lnb4c7ACkAdvg8Wi1UlqdOKnnMwRmJ74bfqE8OsfU71Y0iPotucu0pzQb-VDz1TAIAAAB9UgAAAAJoAQcKAJb7x0K5tc77EfVan0mLkt2cO_Kw9P6G50nUp02HWKMPdMEFUVu0XtctNJegUkhRicpzUhTK7YDB9h9CFONh5CyCf_vMjbDsJPP7os_Coq6i2_4RWpAvzVzzQBsd7EcqdvTp2doWomIYJ5y-dQoE85SPtjQlCKQ_zJA0q10NyWxBdIS8MMCtjIpWII5-FIIn9D5KvNLX_POZAs8XppiZa5MP3nsIoj52O5w2c6s58fVDV6fTqH6X3vznmsakZ_v-G2eIwsbmzAlLjkah9W_STLiUL0ynXgjqHGQacmRIDlNPRn6GF5kIx3N5rEJMlmbvjXB7J2iwiZhtoNuM_Yh2lH9PocwTHqjAf15S49KGwDsegiD-UGp-ihMWdK0tcVSsgzZ5bePRlzIlj4k5Gfjg6y8-v047gYugGQIkslhDm3K55kKDLdb3RMux40bw7x5EyJ-tIchV1cEFvjW9738NDqGADr8hvTK-bnp0MvG6ntaveklM7IdmE-9pPlJikF8BISsjS46h0AMXkze9JrH8AMU-dbVOgbgMc2SdVTmvWOtIO9vWw7yM9AjyjpaM8PqCyWjGBviiYz1oW7CgcbPZYgOI8RTvFE-L83dT1TJxVD6OJSRrUGxOK-biNJbuZUq2HKpUsuv7DSJ18qtIxuQ40XF83xm0P3rsdMtfsQ1hMMRph7Ra6b3pyQj66qY3mIOczCCwjIVORDpt9qe9eOaWRXcrsQeok-nD4C5NyrOBsD5-jizZgBkzkmYpcUv3zjQj4BXJpB-rjR8IVMaQ8_Bs4VlNPzzyjYJ7cXPjpzGd876pkXSSZRq8lJh7R3DJwbhvThRzC2HAbzPp41oFsodE2WYCOZWVsuswfWn_C7TJun7M_dbWmhINOmuG6Ult6WDHXBhMW5OAxc6uivLfQPNnNQMPjNtmLGU7eebSWnmSnVDqQWS-npRiWS1zthbs3nV4bt47pu7k1rNZnA_VLNdQewEJ6Eac4jxOxXmkEvxoWbXmzIlaFBfH0i-7NrhXkIvvk8ovUMg5dKdPzWAzXmR0FxHThmAzF94IoZ4RURbkuhIKbO4UMNQorNf_-CI_ckTd4HpybSRl2uR_F6b5AwrEN5Vv01IgAKxRxB1v37x38BnGylyx36_yCcVGqIRKvQNu9sSt-8WY53RgZg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ED8F 0
26 B 69ms
68ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst67fn7aYe_Ac-jjUIKccJy-4ldovDLmjiQVpR-7O3x4tmexMwNLYggE8uaCGIgM3TzFLxxdSkQSNEoPocatbX-WqZ6JNBc5-AoFhRLORNyhWAb96ijiqw2xDeBA1vuOYLs4SWrhPww_bf7iOq-LETTQ7orWUR2JkBgTl2B0mx1H2OVbyARlLcgWPleYWJw1NF8_HMt5av9_He26NXmx6ILWkeAinn8RmihvE7AdbOCa3gy1u4sN3DcuRNvEjv-B8wnhSKIlezbqBe9SuJVQblxsjDQT8GfwtYGS8QjZAqh2Ebqqzf0TcJXk0N54wGweQhI-IuKi_F2HSO5xcnVG4mW_WI7JbMzJdQpGEuguHH0_qT33Vef1YJobuqqrHwvX93JXDOGB-cADJtfl5bEYbSkAhmJXv4e_zccRF0luq4w1KIQIDTwfVcAhvVL-BhsfkTjTIhZngNgcO61P0UvaB5AeuDtvK0huqp9Rlgzzd09gGGlzUrE9D9ynJaK6T0EgcX57ROtgCBJbglbOYvzP0YWAEm39DfKMrE3tNl1uYH-dKZEa4ckwMxlJy5KX1QPzbF4CGIOLZ0PHk_B7nC0tKLDALqKjSzcBS4fC-AXKDkv6cPAF7VfzRylyrXHAi7Exd6-cKdVp2aEZia3XuXicIUAZUY4y3VXls72VdR2cW-5mm1CF2wRIU1Bpz06MU1eTbkSU2C4LWTnxGXndnHHPHBZm6kYVW1r5ufZ9aZQb3FhdvvkePJ-zFiQaQzukVcsbMt4z4l6nRCXBg-TNpbkU11byu0WixytLt5hmHDb6w8xv7MZq2Z0L7n4mA7pxQLPjAbutnbUM-pg0eeoLbj2y9AiksgR_c8ylyTWWAkMizNFFjNg9Md31Fi4cU-JEyKg1e7uE5MDzrtsldnVL7ALwbiAr7LiWJzQ5_Z4N357l23aE8kStDHLpGlJvl6C7RRN_23PH6T8CmAwNYSNSJfeJZlVcgiIlhDs8OX0Zhnj4uR4UoF2SlhUdP2Mbp6KH8sySnlcXBoSnpknmihI_hrCDN99hxkGKyaeVkDHC6l2X3zKMyCh3HMa233z2Amna7Mjq9Lor0m1aIBaaDZ3K45fvzk81f2UhbNUy3rvjYzDlxXFojOSrov7fPE-UMXmVoEGL4VTVhrQtNn-BHH6XI1VfjbiQI1S71RO0nW4MnT1byM9_EhClrSOpMkPhEktKOuV3EjLYix2CU3l311-JoB5d_P2nUCJAvBaUWNatzgc0kmjFw41ZE8CIBLuebJikD4X66JHmz6q-hMra21ujYF3JVkLESsJcKft1mMFCF_UuJ1yUOSnibCrdGsaWRfglI8k9kg&sai=AMfl-YR9Q_Fv8kV1_bVP8MU3aliC6YQijPwstXTZhcjb55VKybwjF4zdybIjR7wWRS7rO55hUxoWHneWCSHQx0lJkRGgFhHEYzKsSTn-unHVyDPK4a_msjOK3fAMNO_sLArSUN0sWWb1GLfVpTrLZenEufFsMjGlUiVf-uN02QPAAPKLWLsEf0qOp5yHreUL694TrfddtmEgvaITGq3ceQNHjj_VUZq0-A&sig=Cg0ArKJSzOlwMe-OHCEdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=240&vt=11&dtpt=169&dett=3&cstd=68&cisv=r20221025.46968&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&adurl=

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 9627.js Show response
c.evidon.com/a/n/1783/ Frame ED8F 2 KB
1 KB 17ms
17ms Script
application/x-javascript 184.24.12.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/1783/9627.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r221006
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.24.12.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ff59a8b88f7c7ffd2c7ee83c2009e7e5236cc9e7b32e680ba4679bc3552acf11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2015 15:31:36 GMT
server: AkamaiNetStorage
etag: "6814a5d9947e96c31a3d5c380d8a4194:1441380696"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 744

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AD5 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:51 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 34F5 0
26 B 67ms
67ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkcvkelHzNuxnyP9CYlc1AYpbOvD41Y8iY-7d_qEoFnsNQmEDzWkMLdPXonGMiZF9eT9w_WO01oT6j-67okpPX4Tm4XcVSRZaIS_gBC4O3thgSzplYH1obWqJjITsbso5BO14XmXcz1hxINCEoT3n2NRdxGtrn7VJsUMTN_PSyZeHLaGLfiGvj-22SBty_Sh4AAJ-dPk-S-4NH5olAeJ2fEB1SQazpN572qKsC4lNdrBsq4kP5iokNtswA8tgRHVDgQlcR2oplhm2GnY6YZX2SDrYEsAS1tPx-Hf_l4LP7B-Ttx5w_ei2nmzfeQusjLlDAU_DXPyevBjarSyrpZ4G-06kM5r4MoGkbXI4IE9ZD90aiF-nrTxTCxSS41aprJ8P4iGWW5SFAYEXn_PdK3SwOLp8ADOLf4TXpx7t5vuoV-lVfxptTK1VBA-TwPBpDuOhJNAWTizeezc0S_7RNxdkwafOjOrdRrvIqmtP264N1aAyPoPJMZrL5_Miju3H7uvcCCqWFygefyqOgJk4fidWPlg2Iqj6DVdPre13asUz2cOEu2aQzQN_AWSAVzwn9OA7L2JervHWJH8tAGCp15MDtIbMjxL_CKSRgWHvsNb00l4dM3Fh1xNtzNsQ4sY3OaJQWESoKol-4BCLhOzTjR7BfqwlLRyyCE_93sBCmFn3lhsaFTs6WqNIUfXRBQ9-mYIK1NBrddMJY2NoDZA3xePQidSdQWXDwnmWcsQHh1i1KdGq5cFfruzJg3nvjuxXlC46Ltsi3__IosroBbp-qw1R8XaCzCKhWM5GZpKQRUzuY2aaB3Po_Z3-dbynL6pfZwgr2gYRz4dbztV73rSlgSFUHjQkg8x83dZlPO69aenT7d2cuTCnkKV8RcloeCNKp1SLtCXpV6GffSXEHpgjJGEafmmJNF461fJGK_Wo5qOJtqshPBMqylBhYOqqBgE_w6hh3kgWebRrFughQo83FGWV2UfpsVKTziu_jRBXRz7-ILiMSeq5D7GCArDxnZGSCku0Poi4at7mccTj6mMpzTBWnUgefbZxzU2sebPFkq8xBto_h4CpKocGlz2T4EwQ9OnzKOgi5iV6lcIbpI9-0-LVBiFjQn4FsKRVU2d0LN3EuySVSaVBuGCPG6o0lmhemJuKAwEOxZVPehTjdUZf_LT-IYj3DV9Y-k6WAKX3Wkz8CfRJxMBTOry1Yt51LLNwyzd16drL1pxTqB4EykOb2tns8R4jOclcOQ8XPRuROPSNq0WcfjzQXHW6dJtikxd8Hfg1ph1u4R5QIOgDXltK5Fgt0HwYnlK5LB_XsbKejK6zz0xZKAWfyvL4lZarLHmusltmBJYsrlDen_Bi06k-5iW8IV-BJwOOeUTWg308&sai=AMfl-YRWyo2W9I4g_OLJga6KR1HSBhYWaljDxls_MaxrHf7R-Xm8nqMw8LbdDrxGBBGCCDsqDg8FZrPsiuvSaJOSYo_yOa6PQgTbW1ySNLc608c5CZNCVPvfp_ZElqIOExpyq0nqVz1tVSp_h5xl5wbD4C2Mya7TDAGwOCjjDPCM7pTwGTLSNyO0LxHb1zm9B2HOiYS31_FVEjWKlvREYHJKVprrK2gGbA&sig=Cg0ArKJSzMp-43ob8PTIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=816&vt=11&dtpt=365&dett=3&cstd=446&cisv=r20221025.78367&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&adurl=

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-5hnekn7k.c.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0AD5
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-5hnekn7k.c.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/acao,ctier,expire,id,ip,ipbits,itag...

216 KB
217 KB

112ms
16ms

Media
video/mp4

2a00:1450:400e:2::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5hnekn7k.c.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A0269DEA2F60FDF58164727C89DC1A01C3F848E.25FB28829ACC0658D8BB913DA487EAC2499DA9E6/key/cms1/cms_redirect/yes/mh/AK/mip/2a03:1b20:6:f011::9e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1666871545/mv/u/mvi/3/pl/48/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:400e:2::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9aeaf69a8ff2dd54e912721061bda548c5d2785cb4c3891caf6ee4596ce7b1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 12:06:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 29 Jul 2022 08:57:12 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-221568/221569
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 221569
Expires: Thu, 27 Oct 2022 12:06:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-5hnekn7k.c.2mdn.net/videoplayback/id/850fcee0481d5edc/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1698408410/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A0269DEA2F60FDF58164727C89DC1A01C3F848E.25FB28829ACC0658D8BB913DA487EAC2499DA9E6/key/cms1/cms_redirect/yes/mh/AK/mip/2a03:1b20:6:f011::9e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1666871545/mv/u/mvi/3/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame ED8F 2 KB
984 B 41ms
41ms Stylesheet
text/css 184.24.12.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.31257926023236515
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r221006
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.24.12.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: text/css
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 box_19_top-right.png
c.evidon.com/icon/ Frame ED8F 109 B
400 B 39ms
38ms Image
image/png 184.24.12.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_19_top-right.png
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.24.12.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:18 GMT
server: AkamaiNetStorage
etag: "8c7c476ac28727b21040351fa3006c59:1360189518"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 118

GET
H2 200 ci.png
c.evidon.com/icon/ Frame ED8F 581 B
888 B 38ms
37ms Image
image/png 184.24.12.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/ci.png
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.24.12.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-12-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:44 GMT
server: AkamaiNetStorage
etag: "2697f4b848d2400cd051312585a6bf42:1360189544"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 604

GET
H2 204 pixel.gif
l.betrad.com/ct/0_0_0_9627/de/0/1/0/0/0/0/300/600/242/1783/0/ Frame ED8F 0
121 B 342ms
99ms Image
text/plain 3.232.202.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/ct/0_0_0_9627/de/0/1/0/0/0/0/300/600/242/1783/0/pixel.gif?v=2_1&ttid=2&d=googleads.g.doubleclick.net&r=0.853682693288031
Requested by: Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.202.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-202-161.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E945 7 KB
6 KB 48ms
48ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d535d4e755c77d8273d498736719b714c0836ad8429e76a4aae8c40247ae858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0

GET
H3 200 300x600_bf_logo.png_1636556581165_300x600_bf_logo.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 4 KB
4 KB 43ms
39ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_bf_logo.png_1636556581165_300x600_bf_logo.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b86dcb9fbb506571164408ca97c5a71bae355734418ddc674da2a59324001b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 10:11:30 GMT
x-content-type-options: nosniff
age: 179721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3757
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 15:03:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 10:11:30 GMT

GET
H3 200 300x600_rhea_lifestyle.jpg_1659711113566_300x600_rhea_lifestyle.jpg
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 88 KB
88 KB 44ms
41ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_lifestyle.jpg_1659711113566_300x600_rhea_lifestyle.jpg

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597b51052901fcb6abb832922db95bc095e1e6fb37afa62522f2b70d7992f4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 13:39:21 GMT
x-content-type-options: nosniff
age: 80850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89813
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 14:53:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 13:39:21 GMT

GET
H3 200 300x600_rhea_de_copy1.png_1660234277516_300x600_rhea_de_copy1.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 4 KB
4 KB 53ms
50ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy1.png_1660234277516_300x600_rhea_de_copy1.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7d289bfa1816139b2d834ec8e85d4aa863a73accf470b8e76d2ae1308e1f491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:47:02 GMT
x-content-type-options: nosniff
age: 69589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4383
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 16:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 16:47:02 GMT

GET
H3 200 300x600_rhea_de_copy2_bau.png_1664380178626_300x600_rhea_de_copy2_bau.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 3 KB
3 KB 50ms
47ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy2_bau.png_1664380178626_300x600_rhea_de_copy2_bau.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ae30efd352106233740f6855b8d791c4660ea7e131f37aff632d8c3a831557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 23:08:41 GMT
x-content-type-options: nosniff
age: 478690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3410
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:49:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 23:08:41 GMT

GET
H3 200 300x600_rhea_de_copy3.png_1660234277516_300x600_rhea_de_copy3.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 4 KB
4 KB 52ms
49ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy3.png_1660234277516_300x600_rhea_de_copy3.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a877f24c03fef14ea00ac27e67354f68a64fa182f0a6bda314e6d30761906b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:47:03 GMT
x-content-type-options: nosniff
age: 69588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4518
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 16:11:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 16:47:03 GMT

GET
H3 200 300x600_rhea_de_copy4_1.png_1660305648750_300x600_rhea_de_copy4_1.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 9 KB
9 KB 51ms
48ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy4_1.png_1660305648750_300x600_rhea_de_copy4_1.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f6e94ef5519f759091057b48ad793af6d41098c8a85722f523dd847a3cc7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:47:03 GMT
x-content-type-options: nosniff
age: 69588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8935
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 12:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 16:47:03 GMT

GET
H3 200 blank.png_1646397175183_blank.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 3 KB
4 KB 61ms
58ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/blank.png_1646397175183_blank.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2af1846e77fc4caa3ace965bb082263f77a2090358dfa427245adf469b00408b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:07:05 GMT
x-content-type-options: nosniff
age: 262786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3569
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 12:33:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 11:07:05 GMT

GET
H3 200 rhea_black_clocks_de.png_1660206440906_rhea_black_clocks_de.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 41 KB
41 KB 53ms
50ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/rhea_black_clocks_de.png_1660206440906_rhea_black_clocks_de.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aec68c84c583adcff2d6a82d5204309e96f746d4720bc5b04de0116c79ee2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:15:05 GMT
x-content-type-options: nosniff
age: 514306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41670
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:27:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 13:15:05 GMT

GET
H3 200 rhea_blue_body_response_de.png_1660206440906_rhea_blue_body_response_de.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 35 KB
35 KB 57ms
55ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/rhea_blue_body_response_de.png_1660206440906_rhea_blue_body_response_de.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0a3e0faef34fe165988c89fe9be95bb52bda2f65e4f645ac9450aca9c88e5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:08:20 GMT
x-content-type-options: nosniff
age: 536311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35693
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:27:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 07:08:20 GMT

GET
H3 200 rhea_white_activities_de.png_1660206440906_rhea_white_activities_de.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 38 KB
38 KB 61ms
58ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/rhea_white_activities_de.png_1660206440906_rhea_white_activities_de.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c114b60d996e606b05a7b28f472a5c6729d53844f2709306b2bf9c53b36c859d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 13:42:17 GMT
x-content-type-options: nosniff
age: 599074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38679
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:27:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 13:42:17 GMT

GET
H3 200 rhea_sport_white_sleep_de.png_1660206440906_rhea_sport_white_sleep_de.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 46 KB
46 KB 55ms
52ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/rhea_sport_white_sleep_de.png_1660206440906_rhea_sport_white_sleep_de.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ab559eb1903ea131f586436b017b65e0063eef4d92b19e3cb695cba4568a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 13:42:17 GMT
x-content-type-options: nosniff
age: 599074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46674
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:27:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 13:42:17 GMT

GET
H3 200 300x600_hera_shadow.png_1659690696679_300x600_hera_shadow.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 7 KB
7 KB 56ms
54ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_hera_shadow.png_1659690696679_300x600_hera_shadow.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09cd158000cd024286a7ab79bee10315606d7dbee7654e9d1f3501e2886a0041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:52:44 GMT
x-content-type-options: nosniff
age: 76447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 09:12:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 14:52:44 GMT

GET
H3 200 300x600_hera_buynow_de_cta_off.png_1663769837983_300x600_hera_buynow_de_cta_off.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 2 KB
2 KB 59ms
57ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_hera_buynow_de_cta_off.png_1663769837983_300x600_hera_buynow_de_cta_off.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338914e59fe23ec8899b9b686b131f536886cfb3a177fe109a886066753f7929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:15:59 GMT
x-content-type-options: nosniff
age: 543052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1685
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 14:17:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 05:15:59 GMT

GET
H3 200 300x600_hera_buynow_de_cta_on.png_1663769837983_300x600_hera_buynow_de_cta_on.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 2 KB
2 KB 58ms
56ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_hera_buynow_de_cta_on.png_1663769837983_300x600_hera_buynow_de_cta_on.png

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b8ff3bc5282c26d37c705997c61665546f0947979047eb180d81fd933ace46d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 15:53:01 GMT
x-content-type-options: nosniff
age: 504830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1685
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 14:17:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 15:53:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1E92 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMf60tTUwhk_6hY7jiTxJipuj_H2O-fGIWtDyWeYUwB2dINS51Sw6wc3RZ_M5l1Ary_m_GF_W5JOKwZIzqsqoY75bQX36Zu60oqsCXgQUzoJSUEJSdfUnnEqtBSD6QFTU7ox7wjw&sai=AMfl-YQrgJuAz7LnrNd9zy-6-LU7wJKlHX87cuunFmPGxqJtz4PDCOaXxXMaBjVaalKBsU2TL6I43C9Nxf9EO58&sig=Cg0ArKJSzOpHHcBXitgAEAE&id=lidar2&mcvt=1005&p=0,1,124.09375,642&mtos=0,819,1005,1182,1182&tos=0,819,186,177,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666872409746&rpt=221&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame F37D 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E945 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6C7 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbdpAWnRaY_39LcmS7_UP8KSZ-AQAAAAAOAHgBAI&bg=!vr2lvfnNAAZPh4lnb4c7ACkAdvg8WqV8s-Qr_bSRS-GE8uLWLrN4pWy7jeyIQ9IxXVlvQEBvE0MDtgIAAAB7UgAAAAJoAQeZAuErvxmPYeerx_XSL5CUiL9LQYkdX6Qm6xxVZg2cKpDL_paUUcjLkbtZMGIUnV9SuNHuWT2iXiamamVlIv01SqLjUoDQVJ6LQV2bOoigJMfVi5-7384puLuijCBZL9nCL71V6xmYDnXkiTL-aYz1vgEkfHpjfj2Bo_J5pY1XBd3WkqEPlcM3VDKfnCKVA8YcE7Zb5s5ZqN6wCbD_3lomLqOJCkqCwcM7aSCkIBKAPo-dy5cORvVq_VOgkVtLvyBjg_biW8AZLHnA9Z1R-btUQQL3FwqIOgtOSBWxo6xfJv2FXN9CGcPsy-Kh9572f7sDkm0eTzwyS9z-niLQ9p3ZJTKjwdaJWnjVX3IuA0ud4DykZaCfNwdqp_bQjzyYHLMPra8gS5T9EO4KV6RLXH7pGi9lYv3sW5qHUOdUhhvw9y9NGrQggPHjyd6mVlv9iB6AAjIBIzbCrPs-76Bz-IADtYLizBhoBTFnFp8AIrfuYiJuXvx_dOCpz-vULTi6FbrSbCbMWp14WbQSoK1b8B9zdjGayIpBLuS0htS1b9VhhTobwSybEasm4j7N7GuUd0_EZxLEiQfCQDtMXCRTs0VGTQsdXENKkch50k2oVb7tS_I0ZknPRQiVWhSbLgmhqtN9xMYM4zIWT_tr3DM_jIa7TYyjH8uWEBKkyQpIYmDFglUKX7RwWXKWTIVG4jxRTphxsObYaYIaQ7UgppiiPBDMzfUdQ7fxjQyOu3SOfuRLw93khT1op4PJgM2UUgiJ4wiEhBGBQXkqgEg12rsmT_cTKy3178788V1tl6M58mhXtD1chycl-5YbUyKRat9eZr8X84RzfCzDsASaoH9_LIPFLps9l8w-w_tUADkwN4XcxRe1spFzFGwdemNihFWqML4Lgc5vadj9v8YWeBmXJPKLzNIZwAME7k6IATr4HKzDBGlgfuX0qszC16lxoVKwaGAda6Tc6X7gjzbV6wVzddE65A6SWA

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 12:06:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 custom
dibsemey.com/ Frame 0
0 12ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dibsemey.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de.fitnesslifestylehealthclub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 27 Oct 2022 12:06:51 GMT
server: nginx

POST
H2 200 custom Show response
dibsemey.com/ 39 B
337 B 21ms
21ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dibsemey.com/custom

Requested by

Host: de.fitnesslifestylehealthclub.com
URL: https://de.fitnesslifestylehealthclub.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: e440729d6144061805539d7efc129c0a
date: Thu, 27 Oct 2022 12:06:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://de.fitnesslifestylehealthclub.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 52ms
51ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221025&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d95c1a64ae564afdce0f09d115307dc0cdb654955f8c2a864f50b72e39c2f4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11235
x-xss-protection: 0

GET
H3 200 300x600_rhea_de_copy1.png_1660234277516_300x600_rhea_de_copy1.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 4 KB
4 KB 36ms
35ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy1.png_1660234277516_300x600_rhea_de_copy1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7d289bfa1816139b2d834ec8e85d4aa863a73accf470b8e76d2ae1308e1f491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:47:02 GMT
x-content-type-options: nosniff
age: 69589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4383
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 16:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 16:47:02 GMT

GET
H3 200 300x600_rhea_de_copy2_bau.png_1664380178626_300x600_rhea_de_copy2_bau.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 3 KB
3 KB 36ms
36ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy2_bau.png_1664380178626_300x600_rhea_de_copy2_bau.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ae30efd352106233740f6855b8d791c4660ea7e131f37aff632d8c3a831557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 23:08:41 GMT
x-content-type-options: nosniff
age: 478690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3410
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:49:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 23:08:41 GMT

GET
H3 200 300x600_rhea_de_copy3.png_1660234277516_300x600_rhea_de_copy3.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 4 KB
4 KB 37ms
36ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy3.png_1660234277516_300x600_rhea_de_copy3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a877f24c03fef14ea00ac27e67354f68a64fa182f0a6bda314e6d30761906b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:47:03 GMT
x-content-type-options: nosniff
age: 69588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4518
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 16:11:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 16:47:03 GMT

GET
H3 200 300x600_rhea_de_copy4_1.png_1660305648750_300x600_rhea_de_copy4_1.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 9 KB
9 KB 38ms
38ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/300x600_rhea_de_copy4_1.png_1660305648750_300x600_rhea_de_copy4_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f6e94ef5519f759091057b48ad793af6d41098c8a85722f523dd847a3cc7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:47:03 GMT
x-content-type-options: nosniff
age: 69588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8935
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 12:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 16:47:03 GMT

GET
H3 200 blank.png_1646397175183_blank.png
s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/ Frame E945 3 KB
4 KB 37ms
37ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10894896/s0.2mdn.net/creatives/assets/4326301/blank.png_1646397175183_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2af1846e77fc4caa3ace965bb082263f77a2090358dfa427245adf469b00408b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/762848500367691081/index.html?e=69&leftOffset=0&topOffset=0&c=Cmvkg2atxf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:07:05 GMT
x-content-type-options: nosniff
age: 262786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3569
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 12:33:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 11:07:05 GMT

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame FFB3 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 12:06:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0B7 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 10:37:23 GMT
expires: Fri, 27 Oct 2023 10:37:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 04D0 783 B
533 B 51ms
50ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc90adca53ef3c6a6f10ad01a573a3ecd2972258b3084f014cc6d08f90b0e1e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b2o9WMPMQd4tvrS4RO2oig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de.fitnesslifestylehealthclub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-b2o9WMPMQd4tvrS4RO2oig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:06:51 GMT
expires: Thu, 27 Oct 2022 12:06:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js Show response
pagead2.googlesyndication.com/bg/ Frame F0B7 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16118
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 17:17:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 04D0 0
0 72ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221025&jk=4303428926053407&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F0B7 0
12 B 38ms
38ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YkOHQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:06:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221025&jk=4303428926053407&bg=!JiWlJWHNAAZPh4lnb4c7ACkAdvg8WrmdZ7TuWZmNsXchlsaEqXDVzaq-6jY0zPLVJIqGnHVkwGnYoQIAAABEUgAAAAJoAQcKAFds2Guxkki37UqBy5q57LVsiKaKJltjwmE6Bn1wiW52WtxTFX4p9hH9ZmjbwKCKCgY9IRALiWNA3H23s3NcU8ge8S-LG2YdvRytPpT-pLizRcVGUfqBO8OZArb1oE3OUNZwiFUGV6zh2z0huAlcibBFAMO9BTZMJQFi3Fsx-Td68lGjupFKRr-7Yp8NvUM-YEFrUPgxW4HXtKlADD4ZNxy7h7mCeZjJ6ZtBx_PDLOfMccEXeDx5stktYHAtvwyZxu_L7LTf7Dpu4ufyhvNNoIGPPXzuQqVrJps0IUxZi1EdTWVfmIApqNxgB2g0_u8q4s2Wu0F3C4HIQvXRYw9kpeSGWpfzKC8dRq32KsQQTBstg8sT0j_PRr9HMInraaWmuYNVJjkont4RuDPJveoaVpDI49YyE-MRQe_B0cAu56m6wemTU61WfCsCvYi_-ZsyioxF8IKeRU32zGYNFV0BrNH79nOePPiSBWorn_rpxchGll3tAf4C6zLhDFYYa8-WFid5fqS8GzO8x__B5m5-CasAdoKMUjs6-WDs5lD-EpZ0sEC0ouUcGsFJxK8I0D6qXvh59DsZ--Ijp2tiTj9Qqu-LZjS9slAL8a8JlRV4M8qxTOJF3HqUpXTAe8CQ0UIEn_cAww4WXQ5Qb6VGPqkplehVjNKrSBlIEuihl0w4SmG39kM0Yh-TR31mGv_dLXSZgk3MqPyvP8FbDpFjjxKpW8AffIaU3vEY1RFFP_UZi29gcWv7P3N062bfrBYLXv-3ecAG95QCDY7983aMKxeaV3WviHs0PXwnCuJ4xPWX-Y1I5aiCc-ICL6G5h9aWrgjkMQ5LkSv_yHGJhSqiO2E9oAaZU9Y11y_K7rGfZpNzlXe38HfUEF2hYYSRrYlrL7e0jnwgwAYGwMLr6mUMW7_z_cvpqV3GUtgYGVsvRCfs66NIoc1clStucmobDBnsu2q3mg9jdc_Snsvt5Uz5PICfoupJYz8rRMHRLILI0o7vAiqfp9tZMF7lxC0S30jBfhjHKlTsTqDA2RwP-1FrChxnpmfW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de.fitnesslifestylehealthclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHgXHNWvbhBaB0a4xbvKVqc&google_cver=1&google_push=AZmPxg8BuYcoA23mDBDYQf9Sqc7zngAgQITHgrP91i0x7yFdG33ld1wXYfyOfoQjTJrC_QX2CWfD_hPEgceKi2oZR6cKUYi2W20

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 15:45:54	Name: FTID Value: 1ZMdHO2k1yeQ1ZMdHO002PTf
.yadro.ru/	1970-01-20 15:45:54	Name: VID Value: 3cHiws1uUdOQ1ZMdHO002PUP
my.rtmark.net/	1970-01-20 15:46:48	Name: ID Value: 129fa6437ede438ea8f0f0b57d93c2ba
.fitnesslifestylehealthclub.com/	1970-01-20 16:22:48	Name: __gads Value: ID=ab27bed34fb17d7f-22893853cad70082:T=1666872408:RT=1666872408:S=ALNI_MZV4IWhdJNh4NVdQ1H1HzJ2fHGPIw
.fitnesslifestylehealthclub.com/	1970-01-20 16:22:48	Name: __gpi Value: UID=0000089435ecced6:T=1666872408:RT=1666872408:S=ALNI_MZ9lUIuKje1ZxbtpcLwsmm58gVbCQ
.doubleclick.net/	1970-01-20 16:22:48	Name: IDE Value: AHWqTUn_2IuJR3aKPR_-2DVrjT048HQnipcc6IXwpWBaXR7rOnXnrCfWkzTqvCwy
.casalemedia.com/	1970-01-20 15:46:48	Name: CMID Value: Y1p0WR.fd0V6re63I4Sq4wAA
.casalemedia.com/	1970-01-20 09:10:48	Name: CMPS Value: 1196
.casalemedia.com/	1970-01-20 09:10:48	Name: CMPRO Value: 1196
.adnxs.com/	1970-01-20 09:10:48	Name: uuid2 Value: 4549646640340411650
.adnxs.com/	1970-01-20 09:10:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVPntV>+!]tbPl1M>e)ZlrFUfJ+tGXxo7N>!/tAad:g_.%zRQKM(wD'.[E_KAc%38'Sb3If)y3KL9D3I?+Scd^w4
.doubleclick.net/	1970-01-20 07:01:16	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 09:10:48	Name: d Value: EAgBCQG3J4EA
.quantserve.com/	1970-01-20 16:31:26	Name: mc Value: 635a745a-cfb6e-9be1b-4f683
.yahoo.com/	1970-01-20 15:47:10	Name: A3 Value: d=AQABBFp0WmMCEAKSQIdSmOGl27ZLerXJJT4FEgEBAQHFW2NkYwAAAAAA_eMAAA&S=AQAAAqB1MEtmPkjtItTYcsyHFaM
.analytics.yahoo.com/	1970-01-20 15:46:48	Name: IDSYNC Value: 18yl~27yc
.pubmatic.com/	1970-01-20 07:02:38	Name: KTPCACOOKIE Value: YES
.agkn.com/	1970-01-20 15:46:48	Name: ab Value: 0001%3A5HsusSBbwtoNU%2BtHuH5AN16HGflb9T%2B%2F
.agkn.com/	1970-01-20 15:46:48	Name: u Value: C\|0CEAq7TDaKu0w2gAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 09:10:48	Name: KADUSERCOOKIE Value: 089AE995-5414-4B12-9792-7990E64B6796
.demdex.net/	1970-01-20 11:20:24	Name: demdex Value: 21346093183856990042460704484085188238
pfa.levexis.com/	1970-01-20 16:37:12	Name: uuid Value: 11dd2e06-6f10-4375-873a-02ca02cb6a74
pfa.levexis.com/	1970-01-20 16:37:12	Name: ENS_AES Value: %7B%22lclt%22%3Anull%2C%22lcot%22%3Anull%7D
.spotxchange.com/	1970-01-20 07:41:31	Name: audience Value: d6e02faa-55ef-11ed-866b-11482f420406
.samsung-germany.demdex.net/	1970-01-20 11:20:24	Name: samsung-germany Value: 21346093183856990042460704484085188238
.casalemedia.com/	1970-01-20 09:10:48	Name: CMTS Value: 1209
.e.dlx.addthis.com/	1970-01-20 16:31:26	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:31:26	Name: na_id Value: 2022102712065100037738150144
.addthis.com/	1970-01-20 16:31:26	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:31:26	Name: uid Value: 635a745bd46c1546
.addthis.com/	1970-01-20 16:31:26	Name: ouid Value: 635a745b00018d5d8a3df78bf3543742e63b29dd75622db00c16
.dlx.addthis.com/	1970-01-20 07:44:24	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:44:24	Name: na_sr Value: 20221027
.dlx.addthis.com/	1970-01-20 07:01:12	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:44:24	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHgXHNWvbhBaB0a4xbvKVqc&google_cver=1&google_push=AZmPxg8BuYcoA23mDBDYQf9Sqc7zngAgQITHgrP91i0x7yFdG33ld1wXYfyOfoQjTJrC_QX2CWfD_hPEgceKi2oZR6cKUYi2W20 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.betrad.com
c.evidon.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
d.agkn.com
de.fitnesslifestylehealthclub.com
dibsemey.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
image6.pubmatic.com
l.betrad.com
my.rtmark.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pfa.levexis.com
pixel.rubiconproject.com
r3---sn-5hnekn7k.c.2mdn.net
rtb.openx.net
s0.2mdn.net
samsung-germany.demdex.net
ssum-sec.casalemedia.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
whoursie.com
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.18.126
139.45.195.8
139.45.197.237
139.45.197.250
142.250.185.66
172.217.23.98
18.156.0.31
184.24.12.191
185.64.190.78
185.80.39.216
185.89.210.180
185.94.180.125
23.11.239.181
23.67.130.24
2606:4700:3035::ac43:d6a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2001
2a00:1450:400e:2::8
3.121.8.30
3.124.173.63
3.232.202.161
3.250.251.255
34.98.64.218
34.98.67.61
35.227.252.103
69.173.144.138
69.192.160.219
88.212.201.204
029d4ec775c80bcec3e0fad7c581a13fe488dc12af7801b46214365c08fee79f
04f6c2323eec926c857874a8583f30d7887f02552d2534d9000c0704408ecb86
08ab559eb1903ea131f586436b017b65e0063eef4d92b19e3cb695cba4568a8b
09cd158000cd024286a7ab79bee10315606d7dbee7654e9d1f3501e2886a0041
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c05d22d3bcc3ad199772fb322a4a25c589f0fb746c4246a6daefba3e1c49071
107b1738055a81bb97cbf3a66a63879d4464c5fa649e39fba3b93cddf1afbd58
117d7c61d9a1137845badcbcd3024dadc5969783dffb76371ae844ab6ce9c535
1246d3e3e34384e2f5a0d9844bd055451df9991501c20c6b2bd97e76270443cc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a05005eb6bf8faf0b97e6c2881eb6a926930bd333564721870a6e362df7dcb0
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1ed6302bbdf873d278ecf6bc4848824bb1f5c54759b4284ca2af36a53402c404
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
27c0ddacc4323dcae02f52a0b6fe48a9c7c1072ef72a8901492a4c97ebfd1289
27f6e94ef5519f759091057b48ad793af6d41098c8a85722f523dd847a3cc7a2
2af1846e77fc4caa3ace965bb082263f77a2090358dfa427245adf469b00408b
31ca4bcbe4f8aefb217834a99b7e9afe088cc51bb4dd4b584250c15801f75c81
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338914e59fe23ec8899b9b686b131f536886cfb3a177fe109a886066753f7929
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35ce00f413ac9aaae938071fa45d4b23ce77a872abd6ca84316bc45a0aa22a0a
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3a2c515a894cff1514498e32abbb0afd9114d86eef29fd5b53885c2c75e6b376
3a85f109da50e9b2d6d9ca24fb50846b041303f6fefcddbddb1caad85343ebc1
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3dd3d4fd4bdc0f57547917c6ceeeb0a3359b93f7edad9be6b55548b8d18c2fe4
42e348ba492b80e2a08acdff616807ff725f7fd2e45ba3fa5fd90db3585043db
458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3
47e3d8487c0d4c22d90fe6add3df2b97a9c07915dcc23cbe404c682476bee3bf
4b4adf9076d82c73df20bd690a89d26513b027ad6196a38506c009041f3a568d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b86dcb9fbb506571164408ca97c5a71bae355734418ddc674da2a59324001b5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d535d4e755c77d8273d498736719b714c0836ad8429e76a4aae8c40247ae858
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
4ef9f10e753ddb71af7a40b824fa538b58bd1d09ae3065f23730d1ee11a1a8df
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c022e8aba3e1aef37259ac56892a5bb4d5e17d208218301cfffcf7b583d6ec
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5730cdcc095178914db6abf729a04980c5e2b4137e0126e88b8aa84e6bc2f222
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59485a547fdb99238dd34f9c7ec32b6b2edfacbe978087ee2539f06f51bd8bed
597b51052901fcb6abb832922db95bc095e1e6fb37afa62522f2b70d7992f4b6
5a877f24c03fef14ea00ac27e67354f68a64fa182f0a6bda314e6d30761906b6
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
5f6c043302bccc600569e3310b4a277bc13b224d4bb16274a58cf89fb072af88
6053cb663e0ef5ba170a31eba9e6d7b04ac06639ff17b87f84bf6627358de485
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68f94cec0e431ff814dc747f16269617dc7435bdbdce7c030acea5e9a1e71a9f
695806633a240f960e1494fc87d9554059e3704454bffa0467215acd572536f4
6b1bfe73d413d5d94033f9a17335003b843bdc912990ffbc1f145b1944f3eff2
6b7f0c112a1bb4c4d60b5b3ddc5a79667bac560b1614d29d7476b5b52790a3fd
6b9a9086e35bb0de35aaffa58fdd45c917dc45166502b49202f4a76538bb7667
6d292336a111a77f51d480ff376cf19bafb28111bf9cee35ec946fbe317342c4
6d9a948bab4d2cd3de764f40d360f49fcf9e620ff971da2dd8d04d3c2b082b48
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70d4a33bec96153a6170c2d48b6d4e84b47ce80fd0101a05d55b47537d7e6c53
74e351e8d3808636b995911f48070e624d1c9bcc2cd74b71099d42fb82a7b8aa
76d3490c91f60abf82ed342b32a3633c3e42bfa8ae627e7e7f77842a01a37460
78fdfa198bd54dce8a49a03f57b6c46ccf7e823fdfcfbc633ac9d17c161a69a0
799467d8f4baf07cab1e89a0834e3724998c0ca90dc64dac9499132844ddbc49
7aac0d5ee5ba5d34098d8002e7caceb2cff53bd38d909e6d001448c35900a4c6
7ae2a89be2f6d815e0420d10c25106bc72bed6c9fc4634cab08c0039b175a49c
7cfcc1ee957408ba421f5304de3b5e2dd571576fdf895d8515f131fb4a715a03
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
811702538dbcf0a7a136ca3fe0e64babe8df2d4defdc06e1bd7b5ebc27efed8c
837f7b9864349a861da76baa10faa2fa4e4e82fdbb78384a32251e54b771e21f
8526eab15b4e6d14a890a0a7c204520c223ed39c6860adc7d10c4015343ec2ef
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
89c9ecf26c2c3bba94a8ac2373220c0a64fe6900efe5aaa2634e6a6150d3c002
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b8ff3bc5282c26d37c705997c61665546f0947979047eb180d81fd933ace46d
8d28fa4f098d3bdbcd458e1c0d2e72d3d761526b931d90158c8f7efd19694c0a
8e1b3b2ca052893eab05f61f598904d64b88c10531688e39907189642db2a2ac
9105c7c6853df61c33336d8b93160c0c3acd5e7a999641383c3cf84beb5a2cc2
945091fb860a97d027680f6fa4e655e3f230cbe1b800790fd3b01411fd2b9890
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aeaf69a8ff2dd54e912721061bda548c5d2785cb4c3891caf6ee4596ce7b1fd
9aec68c84c583adcff2d6a82d5204309e96f746d4720bc5b04de0116c79ee2a5
9d33e3e0fbf419aa5f85ffe52126f141ab9e7996bde90b1eb26b7997aaf376f4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f2fe0f9cf10e41a6b915e83b98c72a9f682079e1ef2549a04141e3900b7a9c
a1c6c2482a33b669ab424a662542c80adc1e170c28d931d730671149cb3aaed5
a28b9871dc80175bbb6cbaadf100abc925d5e106f0254c8f8a13d34141d90bfa
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7e735a9a96e8258a1261a02257c1a685e0bb4693ae779634b56375cf4825743
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
ab5569ec74ecb1fbf17e57fe57b378b791f2875b23afe1ae70bf5e2acdeb8790
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
ace9c0fb72412732d2c2c2bb7958f6664e3a8b91a0447c536641759a3b0e9fc5
ae8ba06de399669317c0db54d09fb8e29e5a67652ce2b8257ce85c6d3afb82b4
b068e8d293b433791e95524241135acf002d29fdf4116a2e9f110938998b2be6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdb3dc4de7b9f9aab240cde6ea2a8b928ef909ca768f0eee59d932cafc7ee18f
bde6aa43fcb7143a519d9e4c6fd9ef70b04eafc041a0a4ecd4d4ccf0a7512220
beed1d87d7327e8dc524421f43e6f43bd87f935b571a6e208d0d4610e4459d61
c114b60d996e606b05a7b28f472a5c6729d53844f2709306b2bf9c53b36c859d
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cb423cad4390d71e68fef7b5681cfe0e462d53afa40292e66bfec3e6ecc6dab7
cc90adca53ef3c6a6f10ad01a573a3ecd2972258b3084f014cc6d08f90b0e1e3
cd433a426b39e9b8ac7acf84fba2e7e69a64679c5cfe9dc6287785b28ef6f214
d0972516ead3726832f6d3e7ae8b32bce4bee9ae09406fcd9a839d8ce5ea8784
d0a3e0faef34fe165988c89fe9be95bb52bda2f65e4f645ac9450aca9c88e5d9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d40ddab99a87d72df48c8c007daee96b0411c8cb04f206efef565e0ce633d3a1
d5704f8e5b0ca8532750448eba3ef9d0561665e2e71a5fbffbecbfb29011125a
d7014296e1456623098040a792fe44beea47e4d983003b0dfb6968618b9f3403
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7d289bfa1816139b2d834ec8e85d4aa863a73accf470b8e76d2ae1308e1f491
d95c1a64ae564afdce0f09d115307dc0cdb654955f8c2a864f50b72e39c2f4a5
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
df028dd3c2a44bc1fd167731604deedad1b57b92a3d4f291d16a7bc0dfd6a8d6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5825716982aa51605a30c1032f1492b55506b52f3e69b78394dd2b60eaa68ba
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f42c75df42a21d64b1970eb94e12e297bdfbb80118f0294859f07986d7f604
ea89787496ff8dc419e0d70442e0a7868b7a7cff566b6b4902ac2b23659f3934
eb82224c6e7753cda34fc0931de204441374edcce29c2e35f581d9918302176b
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
ed1aa528b8de11ab7d3c4a1a201269f8465e969708e86d306a3a7a39aeba2a42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ae30efd352106233740f6855b8d791c4660ea7e131f37aff632d8c3a831557
f12256ca3c0e58f563c2bc73e385643b31f27c97df02328b35fdc9278353a730
f54a7c11887d953b19b58ca60b5ce37da7e4a42cea7d8b2374446f6e6d12a928
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f9699b9f521b1c637bb698eab0017f2670dddbc21660ca74bb204a52b34e68b2
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff59a8b88f7c7ffd2c7ee83c2009e7e5236cc9e7b32e680ba4679bc3552acf11
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

de.fitnesslifestylehealthclub.com Open in urlscan Pro 2606:4700:3035::ac43:d6a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

234 Requests

91 %HTTPS

38 %IPv6

31 Domains

41 Subdomains

33 IPs

8 Countries

2926 kBTransfer

5942 kBSize

35 Cookies

1 Outgoing links

Redirected requests

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

de.fitnesslifestylehealthclub.com Open in urlscan Pro
2606:4700:3035::ac43:d6a1 Public Scan

Screenshot
Live screenshot

Full Image

234
Requests

91 %
HTTPS

38 %
IPv6

31
Domains

41
Subdomains

33
IPs

8
Countries

2926 kB
Transfer

5942 kB
Size

35
Cookies

234 HTTP transactions
4 data transactions