opynew.com Open in urlscan Pro
35.209.139.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://opynew.com/
Effective URL:
https://opynew.com/
Submission: On May 01 via api (May 1st 2023, 1:55:33 pm UTC) from US — Scanned from DE

Summary HTTP 255 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 35 domains to perform 255 HTTP transactions. The main IP is 35.209.139.20, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is opynew.com.
TLS certificate: Issued by R3 on April 13th 2023. Valid for: 3 months.

This is the only time opynew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	35.209.139.20 35.209.139.20	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
29	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:3c00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	34.249.220.178 34.249.220.178	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11 26	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
5 11	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 7	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
27	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2 2	3.77.10.228 3.77.10.228	16509 (AMAZON-02) (AMAZON-02)
2 2	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:211... 2600:9000:211e:cc00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2	3.68.153.114 3.68.153.114	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	34.231.23.92 34.231.23.92	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.248.22.123 34.248.22.123	16509 (AMAZON-02) (AMAZON-02)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.101.90.96 141.101.90.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
255	36

40 35.209.139.20 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 20.139.209.35.bc.googleusercontent.com

opynew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3c00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.220.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-220-178.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.162 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.22 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.77.10.228 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-10-228.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.155 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:cc00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Castricum, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.153.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-153-114.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.23.92 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-23-92.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.22.123 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-22-123.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.96 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	googlesyndication.com faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	392 KB
52	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	351 KB
40	opynew.com 1 redirects opynew.com	2 MB
29	demand.supply live.demand.supply — Cisco Umbrella Rank: 32910	41 KB
27	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	897 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	8 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	7 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5261	940 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238 Failed	146 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	493 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	865 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	487 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 777	721 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 875	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11316	609 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323	12 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 34292	607 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 942	627 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 6708	612 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955	573 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1005	440 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	45 KB
255	35

	Domain	Requested by
45	pagead2.googlesyndication.com	securepubads.g.doubleclick.net faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com tpc.googlesyndication.com opynew.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
40	opynew.com	1 redirects opynew.com
29	live.demand.supply	opynew.com live.demand.supply client
27	s0.2mdn.net	opynew.com s0.2mdn.net
26	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com tpc.googlesyndication.com opynew.com s0.2mdn.net
14	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net opynew.com
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	opynew.com
6	googleads.g.doubleclick.net	faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com opynew.com pagead2.googlesyndication.com
4	faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com opynew.com
3	www.googletagservices.com	securepubads.g.doubleclick.net faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com opynew.com
2	sync.teads.tv	1 redirects faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
2	ups.analytics.yahoo.com	2 redirects
2	onetag-sys.com	1 redirects faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
2	match.sharethrough.com	faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	s.uuidksinc.net	2 redirects
2	x.bidswitch.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	portal.o2online.de
1	ads.yieldmo.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	fksnk.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	opynew.com
1	www.googletagmanager.com	opynew.com
255	45

This site contains links to these domains. Also see Links.

Domain
mekshq.com
www.wordpress.org
sulvo.com

Subject Issuer	Validity	Valid
*.opynew.com R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.portal.o2online.de R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://opynew.com/
Frame ID: 4D08E69AAE597A70B56E939CD140DE89
Requests: 110 HTTP requests in this frame

Frame: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6C045B1D586750F9F54F42ED89067C83
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv06ThlY-NsENmODKH0dyiqNTxyxkyGAJdGqQuipkZ_aEboF4t6LomEoG7yi6aOqXPVym_W-Iab4a3dG2gYhspMCr8Cqb7_DpkS8Vy298cpTRgARMLaWQq6eaWliyEJPc2IMKpLAznCcNaJ58lZvebF-3TtM3RxlnwXT781KoJKADuui9bFS83GtHzBXhbZaJ-T6f17VZ8wlTo3_v7JjY6uEHtI0Q9t9WCem3CzDXMhsxVgbYsu35ielXob3Wfx0N_MgFM5BGhv1VR8asNP8yMpkIAOr-qooSM_-3uWtr3CR8SxF0yLHvrlhwSbUcIU0KWJD-fqQOo1CBxdmgrlZ84ynlVC2JAOdv6MBoYmlr3F_XUj6_TBjsOHVz1NMyOqaM-9Nw&sai=AMfl-YTAPZR7W6FBe-3hwOXPEQZIwbsjqozWFJ93ZYCpc7QV8azkBSrpaL8yMgBIprcTrc5I7FbxZHt2Vvb7OwR569VQE-phTE66jasHeE3guGs&sig=Cg0ArKJSzNWK-ZGVUvNqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B659E3D3112D8BE408EF3421DC9C0BFC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseE3fRs2eAcriq1JC5hK5NYR16yDeShBsvJlDT0iKqwBhRzm3JNOP9RsXX9I9jORf_Aul4mV1j5VewzzlwJFqHqWmqMq03ttlgAP6LmAuBoiQTgQjWUWpuLECWTBYX_uiH-sWPTBINWDVCiJjE3oPC9PNelDswpHyUKK3uj-cWryrV5SeIlv7KVdjNitgGpDIrxMcBFDbgvfdfg4j0JtBA83XlWwyMTD-HW5l8j1L4ev0IADVh-f03gHG1GlZOmJPIbko0YLz8PFMNEN_FUGHOYJ2ARGMMM_iSwE_E6YqUabVoIa2Ls_5ipAzp2JTpYE51DdCHBsenbH0rq3YNiWj79hcB8emP8TO95SLQipPtYwx-onXsTaHtBE5ZitAJTXT9pA&sai=AMfl-YQZrgBUXyPQ_bmJDN7rVZxIiHVDFXOyoghu1F_jtlnUxQgX8H1Q5Tglw1lYcL91FlXMdzxRMJ3w_sFc_0aI0DvrVJIJb2FVMS7PiNAWoKFUdP_AeUSlMhz89BBcmQdTXUZHT3EEQB8VO6BF8BRE&sig=Cg0ArKJSzKqWHPjrb0tMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FEF3E419FCF850416E09C77BF5255E1C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFgxTIoRHclD3wUtyZG6VxaNMNKlYa63C8DraGIDUcIzvMqdw9zWjqnSLuJlHspMNzK9lI05JndXEhru-OSuZqb8PyYd6NDLCYqd3mkjvdK9GMa8LauLHK0y1Pjn1TvQRZnORylE_NMJtFuxuihEGCjhMIJR9o8YLn4HRvirJ6TVSAncK8jliRUzv_nj2n8EJqbPnTUgH0zVPH7HugEG5kwWKJFlFzJijPWa4nF0n7mITqglbPQwyKf9tC_PMxrRt7pA1tnEWPyNYzToqHDaXC4ox1_DFiPhxkv_xOBbBIvDlDvZwRWWtFXnYNFWUir8StdtG8RqsF4JfWpq0p8CLoyg6jnHAuLwm6g4K2ewFLAH4ed1Zz8evPgejUTZeN2TemSA&sai=AMfl-YTjejybV-obf1fBT_ii0QWTINrpIjdIJVIkYUBVABf-Tv4hhPCYXYVLWZboQoUh5AXFJBoXivjisq9gr-PIu8fCt8hgWI8RISc2MUZearQAA_KI27vTzmCC6gepd2M2rUV9MlVzEVu8sLCLOEA&sig=Cg0ArKJSzOwIZL25uPoFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 38F7A367C306A98D3A581C38471D7860
Requests: 2 HTTP requests in this frame

Frame: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52B67D054E3E9C8336C7BF81234AE33A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARja8_zbATAB&v=APEucNWHW4ZRsVwuiZMFlw21pNWyGjWljiLuFY37NnWJjd42E3diHhgUALSW3lPYnKwq_0enLo9kOcUuGNSC3IUFVNBuAb3_Egnp5jDaUXWsfMEAY5STt9YbCcuSw70IiQvDlNJXeiH1v4yndrF2_FcX0z7xWQlcuIFDd14pniw1b1o-j1LSRpcMp8T_8MmSQ09Gs8lzUfkyjuJXcYMY6rtT7uovKB6WZw
Frame ID: 6D5CD3898681B596F2A2EA03D93A2550
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=opynew.com
Frame ID: D634EDE3876F0FB104DE5DE267B07892
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C682BE6A621E45D7CA6D345AE2658F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1B162329A43DB4B8B580514E074F4F8
Requests: 2 HTTP requests in this frame

Frame: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC9FF93338347FFF6861FF620BA0F188
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNVqZ9Foy_Zs7WHnnvATknfys9gbIGc6GLT3xxfkzCyJNEOdUxCopHAQK9JR3v4xu6wGBPPf3ffYXzdxpiWNSrQ909oqVNmVcsea1lyFFaa6PVZBb17YlbGqv8_LMmnfJGMUfra2UHDR1WPVB7esExQDsBKoeA3u3SR-pRpZ-zblxse_-hqmATsXsGAQQU7pafEo6gyyYT_UHr_mQ3vK8kvx67dJJA
Frame ID: 0A3851EDAD100794DDECDBA7ACD5D9BE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FF90299E7FD21170DE55C8D72BAB80B4
Requests: 19 HTTP requests in this frame

Frame: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 412CC173ED0C32B04C56519F19A82987
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNXGRs6eyYmFWcPbw2nI_Ddd1aTBtWFzeqHVX5w-I5rmvpZ8u1WS0gfLVn10M4oKA5KZUK6Cu2WDezjUQkHJDGI_hGvLH8gf4n2UkvdJEr6UsiTIc1T9xLj6XeVlArWfq7Xf3nz3MFAr9cNqVsGUjAZnAyr6aqE64nIYoOwFKOqaIr_4vdr4cbnFD786-pI7dz5_9vKsa2zJnTB_uOKu92pRPYj44g
Frame ID: 16D9265B03C7485CFA8DFB24A3B8D9B7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2ED70B5FFBC5E685CCD00CF9E8058D73
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A77981E890B3583E6A933BEFE639F32
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F1E694BE9061EE27DEBCD6BF53D6598
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 362FB2E1323E47A9D3E66E442D3D4C3B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
Frame ID: B0B587C92E231AA23422D10DA8B851B4
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
Frame ID: 8CE54E1CD5C5678B1CD3374E239FC461
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD823BD2383ABA148F09F9B0BBA6775B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
Frame ID: C1773C014D48F34882A59F2C57B45BE2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7C5D2375110E8EF02D7D365AEBE52B5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Frame ID: E24C0C6128FDBC4AAEC2A62E089746CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Frame ID: 98A6B308726EE40B0195573ACD36CBA4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Frame ID: E7BF20C1F69D1CBBC278C0567AF75C75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

opy new

Page URL History Show full URLs

http://opynew.com/ HTTP 301
https://opynew.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

255
Requests

88 %
HTTPS

49 %
IPv6

35
Domains

45
Subdomains

36
IPs

7
Countries

3638 kB
Transfer

7307 kB
Size

31
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://mekshq.com/
Title: Meks

Search URL Search Domain Scan URL

URL: https://www.wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://opynew.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://opynew.com/ HTTP 301
https://opynew.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 123

https://gum.criteo.com/sid/json?origin=publishertagids&domain=opynew.com&sn=ChromeSyncframe&so=0&topUrl=opynew.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1_-163xYK0lVdVozaFZ3OXhlUWpURXhMOXRTajkvbURjTjUrbFZ6ak1NVTg0TkluRFhxQjllS205R0UvWGVVNTAzUEtLbkQ5TjlKcWhLRDJDQVpRVlJZbVZkalR4dVBlZW1CNmNURk5TcWFDUkxpaXhGbC91Z2NtVUJKdVlEUzJSeTVoaHB0SHZBMnhTeFVyeUd5Q2l4d0QxL1pNbTEySkRpWUZEbEpKbWxpRG1sZWFwWkdNQ1Q0bFNKQ1Bvd0NyQzhJZmxSYTVLaFFJUUQzd3RJMzhxMk5qYzdvTnVJVURxMlpOYUVGOUpFVVgraThBYXB6OWUxcEI5RjUxRFhvY0dOQitzQlNOQU5rcmNsdDZvRU1oU3o1TDNLZz09fA&cppv=2

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDv7t_RJuHODbOGiGlTQ1hI&google_cver=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE-Ez5-kPdznrBzweHaY-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELFwHtxzGk_CCD2J5BVYEYU&google_cver=1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

Request Chain 145

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE-Ez5-kPdznrBzweHaY-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1

Request Chain 147

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

Request Chain 171

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE-Ez5-kPdznrBzweHaY-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1

Request Chain 173

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

Request Chain 183

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMTv-BUMqY3zycR5wRqeoWk&google_cver=1&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMTv-BUMqY3zycR5wRqeoWk&google_cver=1&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ&google_hm=XzCWYXjQQRKuHJAh-i_-HQ==

Request Chain 184

https://s.uuidksinc.net/match/47/?remote_uid=CAESEP0j4rlwszBGX9mS-XOxZFA&c_param1=ATf1kGNWgm5765binfr9ZOqMvsdC98SL0Z7MdLeOB9zBnAifHbJGwgOtIE5jMJ-graIiirinmgGdS41zTWb03Xw7UrjMHlWuJdA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGNWgm5765binfr9ZOqMvsdC98SL0Z7MdLeOB9zBnAifHbJGwgOtIE5jMJ-graIiirinmgGdS41zTWb03Xw7UrjMHlWuJdA

Request Chain 185

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAoEaXQs0y8uxA29QVAok28&google_cver=1&google_push=ATf1kGOWzOB0VOz0Z0_MMzX9DfcjRToaHVGe5M3giamYYmnQ-LLoj6ClOUTue5PjZXQkAl6duJWnVFxNZ4iyFEpqgww_MR8ir0A HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAoEaXQs0y8uxA29QVAok28&google_cver=1&google_push=ATf1kGOWzOB0VOz0Z0_MMzX9DfcjRToaHVGe5M3giamYYmnQ-LLoj6ClOUTue5PjZXQkAl6duJWnVFxNZ4iyFEpqgww_MR8ir0A&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WcglZ3yCQmyAJbRxbuBcYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOWzOB0VOz0Z0_MMzX9DfcjRToaHVGe5M3giamYYmnQ-LLoj6ClOUTue5PjZXQkAl6duJWnVFxNZ4iyFEpqgww_MR8ir0A

Request Chain 186

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKjF4qP2sM7K0sLo37aiIy4&google_cver=1&google_push=ATf1kGNRvW4T1a3io3b2-xL3QGtpD8gJ_ZNbTou4Wn09Gk1-UxCq8_MF7ZwlEMwRbkCUB2lj1uaw8Y5nNyUiHB8Hxq2QwozPmQI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNRvW4T1a3io3b2-xL3QGtpD8gJ_ZNbTou4Wn09Gk1-UxCq8_MF7ZwlEMwRbkCUB2lj1uaw8Y5nNyUiHB8Hxq2QwozPmQI

Request Chain 187

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDhg60o3H5riNbZlyxeASes&google_cver=1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1682949327744 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4273fbd4-7ee5-4552-99ac-a2ba56f20dea-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4%26google_hm%3DA0Jz-9R-5UVSmayiulbyDeo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4&google_hm=A0Jz-9R-5UVSmayiulbyDeo

Request Chain 189

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO8jnkOowivW7L8qo-Q5o58&google_cver=1&google_push=ATf1kGOEYsSiV9bIGDtAIjh5pgKKHE3rIbkTxYMHTk_cRPBUKFM3CW32wYNABvNHpOekCat2dEPblGZtgq4aw0fdEMpqRco7G71V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOEYsSiV9bIGDtAIjh5pgKKHE3rIbkTxYMHTk_cRPBUKFM3CW32wYNABvNHpOekCat2dEPblGZtgq4aw0fdEMpqRco7G71V HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 216

https://fksnk.com/cs/google?google_gid=CAESEPCN4DnXaBodT8r1w08Qjwc&google_cver=1&google_push=ATf1kGPX_A_CBjoak6LcHQUheyyyVqc1JzpKG4UqM8SX9FLP9utwz5Pv_5GTmx-hB0qj8VWnS9HEKgLJbuQGY-5TWON-vU-CZnljmJvfuKz6MxAxPGLDh8upk8QWR1zvbXWurx7Q0Vw3k4c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTc0Mzc4MDhGQ0Y4NTFFNw==

Request Chain 217

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHRKh3sawmhFg9Mq8D42-4Q&c_param1=ATf1kGPbF_lPC94UZexaxzCiCW-LF1YIhFlltnDI8L0fDMngIRoHqSLfBOnzcL73dUpRFALbNW10HYR70WxML_oGEO_-1T-T6JCbhsicDNeSBtMRNLOZlZldMk0IvTSm-Qreu4vmzf9-HBM&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPbF_lPC94UZexaxzCiCW-LF1YIhFlltnDI8L0fDMngIRoHqSLfBOnzcL73dUpRFALbNW10HYR70WxML_oGEO_-1T-T6JCbhsicDNeSBtMRNLOZlZldMk0IvTSm-Qreu4vmzf9-HBM

Request Chain 218

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0s8aAZXuPwU4IwcWsUnlo&google_cver=1&google_push=ATf1kGNbzmlKxVjh1JnoDQsmTpm6pOMexmRcJBih86gMkM3mV8lxCrkGY48M3wj-YBL8b3llG20PnqlvU9Vlvx2OOEFOPXvT0chQTOa27JgMkDtPztzP7CSssVzR4EWBF0cujle6fFgJbQ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0s8aAZXuPwU4IwcWsUnlo&google_hm=ZE_Ez5_kPdznrBzweHaY_gAABJUAAAIB&google_nid=index&google_push=ATf1kGNbzmlKxVjh1JnoDQsmTpm6pOMexmRcJBih86gMkM3mV8lxCrkGY48M3wj-YBL8b3llG20PnqlvU9Vlvx2OOEFOPXvT0chQTOa27JgMkDtPztzP7CSssVzR4EWBF0cujle6fFgJbQ4

Request Chain 219

https://ads.yieldmo.com/exptsync?google_gid=CAESEPnRJbMUGqE01caFCPWaBpU&google_cver=1&google_push=ATf1kGOmgrCOrV5TRzj0kFLq5eiWy5dsIMyxRjuaTbgVJSJhSzbjiH7t9EFbYBA76CcIPlN12V7_kkes9Y7W-E9Tl45JbDjHxEujVnmnK6sQYFzfFl8ovgviUcsJ65R7BuY2HfU4BIXNlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOmgrCOrV5TRzj0kFLq5eiWy5dsIMyxRjuaTbgVJSJhSzbjiH7t9EFbYBA76CcIPlN12V7_kkes9Y7W-E9Tl45JbDjHxEujVnmnK6sQYFzfFl8ovgviUcsJ65R7BuY2HfU4BIXNlA&google_hm=Z2IzZDQxMjcyOTM3NzUwYjZiODg=

Request Chain 220

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGG6Ssor427YTW_bZ6ChwmI&google_cver=1&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFAbD7H_qx2VMkP_xik8tQDgE9KYytZ6B_0B2wciguvJI4C9IrvyZnkXX944_3s0NqE-fkLL4 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGG6Ssor427YTW_bZ6ChwmI&google_cver=1&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFAbD7H_qx2VMkP_xik8tQDgE9KYytZ6B_0B2wciguvJI4C9IrvyZnkXX944_3s0NqE-fkLL4&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yUVRZN1JsRTJ1R2M2Y2tNU2o0X2w0OVBGbGJTZldRYX5B&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFAbD7H_qx2VMkP_xik8tQDgE9KYytZ6B_0B2wciguvJI4C9IrvyZnkXX944_3s0NqE-fkLL4

Request Chain 222

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJgPNL3lFRZ7oFK7PtVNJTg&google_cver=1&google_push=ATf1kGONN8LGEHB8U344W2Xyl6QtKpDZKrcNawveip0GszITmOS2-KbTlgwZ_OP_sUyhuTozmcaHVxJvzCXQBtedaoYjFNcPBOr4D1TrMllV1Re-JUGb3MHyqLdZ_os_VxXvbbhIQ9JXdWWl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGONN8LGEHB8U344W2Xyl6QtKpDZKrcNawveip0GszITmOS2-KbTlgwZ_OP_sUyhuTozmcaHVxJvzCXQBtedaoYjFNcPBOr4D1TrMllV1Re-JUGb3MHyqLdZ_os_VxXvbbhIQ9JXdWWl HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

255 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
opynew.com/
Redirect Chain

http://opynew.com/
https://opynew.com/

134 KB
18 KB

568ms
210ms

Document
text/html

35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 42e7328d12c030ef6836e6cd9e8c5365b7e894049a7c9088bc4adca343a930d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 01 May 2023 13:55:25 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://opynew.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-httpd-modphp: 1
x-litespeed-tag: 6e5_HTTP.200
x-proxy-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 01 May 2023 13:55:24 GMT
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Location: https://opynew.com/
Server: nginx
X-HTTPS-Enforce: 1
X-Proxy-Cache-Info: DT:1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 136ms
50ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-243307127-1

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4578821e392d8f0e1efbc01a0f2a2a448fb390d9d8d17d3b16761a91e44292c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45392
x-xss-protection: 0
last-modified: Mon, 01 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 May 2023 13:55:25 GMT

GET
H2 200 style-rtl.min.css
opynew.com/wp-includes/css/dist/block-library/ 95 KB
11 KB 128ms
123ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.2
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 61837609c4841282f94f89de7e2d082542ade38015258a246472ba4737eb3d1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 03:43:16 GMT
server: nginx
etag: W/"64250554-17c6d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 classic-themes.min.css
opynew.com/wp-includes/css/ 291 B
402 B 134ms
129ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 03:43:16 GMT
server: nginx
etag: W/"64250554-123"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 styles.css
opynew.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 138ms
132ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Mon, 27 Mar 2023 01:06:03 GMT
server: nginx
etag: W/"6420ebfb-b2b"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 styles-rtl.css
opynew.com/wp-content/plugins/contact-form-7/includes/css/ 152 B
337 B 140ms
135ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.7.5.1
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Mon, 27 Mar 2023 01:06:03 GMT
server: nginx
etag: W/"6420ebfb-98"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 simple-line-icons.css
opynew.com/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 11 KB
2 KB 143ms
138ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.5
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Tue, 14 Mar 2023 12:26:03 GMT
server: nginx
etag: W/"641067db-2d25"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 style.css
opynew.com/wp-content/plugins/meks-flexible-shortcodes/css/ 15 KB
3 KB 146ms
141ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.5
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Tue, 14 Mar 2023 12:26:03 GMT
server: nginx
etag: W/"641067db-3c15"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 136ms
47ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CRoboto+Slab%3A400&subset=latin%2Clatin-ext&ver=2.9.6

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

367a96f5e00a8da1f68aa4de81646a4b6dd976977cc96af8159991cf95bdd997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 13:54:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 13:55:25 GMT

GET
H2 200 min.css
opynew.com/wp-content/themes/voice/assets/css/ 169 KB
30 KB 242ms
237ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.6
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b07871f016581e9d6d67632bc54ced898fa19754c3a1f3ebb46360f77bcb4545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:57 GMT
server: nginx
etag: W/"634b2655-2a426"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 style.css
opynew.com/wp-content/plugins/meks-easy-ads-widget/css/ 705 B
470 B 243ms
239ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.6
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Tue, 14 Mar 2023 12:26:02 GMT
server: nginx
etag: W/"641067da-2c1"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 widget.css
opynew.com/wp-content/plugins/meks-easy-instagram-widget/css/ 752 B
480 B 244ms
240ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-easy-instagram-widget/css/widget.css?ver=6.2
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: addbfa1028cf127b39a23057953a377e32fb30f1c97ba30f4626e8ec3d1fd3df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:56 GMT
server: nginx
etag: W/"634b2654-2f0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 style.css
opynew.com/wp-content/plugins/meks-simple-flickr-widget/css/ 353 B
405 B 244ms
240ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-simple-flickr-widget/css/style.css?ver=1.2
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c32f164be54b12ca8d8eb1f9aa5f2269bb6ade148ddb5314156c8470c59b2115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: W/"634b2652-161"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 style.css
opynew.com/wp-content/plugins/meks-smart-author-widget/css/ 545 B
456 B 245ms
241ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-smart-author-widget/css/style.css?ver=1.1.3
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 397a064408a35de576fc209912c034ece47a49026ead975cf6a1720c51bb2433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:55 GMT
server: nginx
etag: W/"634b2653-221"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 style.css
opynew.com/wp-content/plugins/meks-smart-social-widget/css/ 41 KB
5 KB 246ms
243ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-smart-social-widget/css/style.css?ver=1.6
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: W/"634b2652-a569"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 style.css
opynew.com/wp-content/plugins/meks-themeforest-smart-widget/css/ 351 B
388 B 250ms
246ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-themeforest-smart-widget/css/style.css?ver=1.4
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79eb13c2ae5d6bc42607354422496456790e4e83ee739aaeb035cbdf0073659c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:56 GMT
server: nginx
etag: W/"634b2654-15f"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 main.css
opynew.com/wp-content/plugins/meks-easy-social-share/assets/css/ 9 KB
2 KB 253ms
250ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.9
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:55 GMT
server: nginx
etag: W/"634b2653-2490"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 wp-review.css
opynew.com/wp-content/plugins/wp-review/public/css/ 37 KB
6 KB 257ms
254ms Stylesheet
text/css 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.5
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:55 GMT
server: nginx
etag: W/"634b2653-92f1"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 jquery.min.js Show response
opynew.com/wp-includes/js/jquery/ 88 KB
30 KB 267ms
264ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 03:43:16 GMT
server: nginx
etag: W/"64250554-15ed7"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 jquery-migrate.min.js Show response
opynew.com/wp-includes/js/jquery/ 13 KB
5 KB 268ms
265ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 03:43:16 GMT
server: nginx
etag: W/"64250554-3470"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:25 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 130ms
87ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7001db391f725ead6e81a96e6f41c7022c34a6931cde508bf560b5046666df99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GZ292GWSRBV4XZ014DNWQ7RB
date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 806
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"0587974d325a68869c432f0483e6df63-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7c0885a60cf93621-FRA
link: <https://live.demand.supply/impl.v16.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/b3B5bmV3LmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 voice_default.jpg
opynew.com/wp-content/themes/voice/assets/img/ 113 KB
114 KB 170ms
168ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/themes/voice/assets/img/voice_default.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 271e7e6530a18de4ba1c811912681de850208d96699a3a0077bee323a113c59f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:57 GMT
server: nginx
etag: "634b2655-1c55d"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 116061
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 Leicester-4-0-Nottingham-Forest-The-great-James-Maddison-leads-the-300x201.jpg
opynew.com/wp-content/uploads/2022/10/ 13 KB
13 KB 239ms
237ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/Leicester-4-0-Nottingham-Forest-The-great-James-Maddison-leads-the-300x201.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 603093968a28af69e7b9076c395c9756c142cc55a22fa90d57f691e07481a1e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: "634b2652-33e9"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 13289
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 wp-emoji-release.min.js Show response
opynew.com/wp-includes/js/ 18 KB
5 KB 240ms
238ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 03:43:16 GMT
server: nginx
etag: W/"64250554-4904"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 index.js Show response
opynew.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 121ms
121ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Mon, 27 Mar 2023 01:06:03 GMT
server: nginx
etag: W/"6420ebfb-2801"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 index.js Show response
opynew.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 123ms
120ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Mon, 27 Mar 2023 01:06:03 GMT
server: nginx
etag: W/"6420ebfb-328f"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 main.js Show response
opynew.com/wp-content/plugins/meks-flexible-shortcodes/js/ 7 KB
2 KB 128ms
125ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87cc3ffc7169655f3bb39c37f2d2db60f5bf92fe26c83f325b5306333398f076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Tue, 14 Mar 2023 12:26:03 GMT
server: nginx
etag: W/"641067db-1d11"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 imagesloaded.min.js Show response
opynew.com/wp-includes/js/ 5 KB
2 KB 133ms
130ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:30:00 GMT
server: nginx
etag: W/"634b2658-15fd"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 min.js Show response
opynew.com/wp-content/themes/voice/assets/js/ 101 KB
28 KB 141ms
138ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/themes/voice/assets/js/min.js?ver=2.9.6
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6bd06b3efc8b2681dac307a629ee2c312c38632e5837bf8553582ff404b8e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:57 GMT
server: nginx
etag: W/"634b2655-1926d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 main.js Show response
opynew.com/wp-content/plugins/meks-easy-social-share/assets/js/ 551 B
515 B 145ms
143ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.2.9
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:55 GMT
server: nginx
etag: W/"634b2653-227"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 js.cookie.min.js Show response
opynew.com/wp-content/plugins/wp-review/public/js/ 2 KB
1 KB 149ms
147ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:55 GMT
server: nginx
etag: W/"634b2653-69f"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 underscore.min.js Show response
opynew.com/wp-includes/js/ 18 KB
7 KB 158ms
156ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 03:43:58 GMT
server: nginx
etag: W/"6361e77e-4991"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 wp-util.min.js Show response
opynew.com/wp-includes/js/ 1 KB
937 B 159ms
157ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-includes/js/wp-util.min.js?ver=6.2
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 03:43:58 GMT
server: nginx
etag: W/"6361e77e-592"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 main.js Show response
opynew.com/wp-content/plugins/wp-review/public/js/ 3 KB
1 KB 163ms
161ms Script
application/javascript 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/plugins/wp-review/public/js/main.js?ver=5.3.5
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
last-modified: Sat, 15 Oct 2022 21:29:55 GMT
server: nginx
etag: W/"634b2653-bdb"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 impl.v16.8.0.js Show response
live.demand.supply/ 73 KB
24 KB 28ms
27ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.8.0.js
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0da5140d8c395da1befebd9cc39629786a9f924ecc3486467e75ad6c89c2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GZ226FBHFZ67A1Z109CDN6D6
date: Mon, 01 May 2023 13:55:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 326468
cf-polished: origSize=75348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"b227a5bf63e1ce682553e3ba750fec27-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7c0885a69dc23621-FRA

GET
H2 200 b3B5bmV3LmNvbS8= Show response
live.demand.supply/p4/v16-2-0/ 2 KB
972 B 183ms
182ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/b3B5bmV3LmNvbS8=
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67d1cf4277de761ebec832e4ba9ba61f98818c43f9c5c232d3c37ba98a23404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7c0885a69dc03621-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-243307127-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 12:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4782
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 01 May 2023 14:35:44 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
534 B 28ms
19ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=132&cs=c&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a7aa2e3830-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 182ms
91ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d55bcc80a53740ffc3f26d47d9a448be8bce9d5648cafa8279cde7b7dd5bf1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24872
x-xss-protection: 0
server: cafe
etag: 367 / 19478 / 31074164 / config-hash: 12005314168027560727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:26 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
605 B 35ms
27ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GWKYEV7H0VETP375MKCGQ0BC
date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 511260
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7c0885a7aa313830-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v24/ 12 KB
13 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CRoboto+Slab%3A400&subset=latin%2Clatin-ext&ver=2.9.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opynew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:15:05 GMT
x-content-type-options: nosniff
age: 164421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12608
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:15:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 16:15:05 GMT

GET
H2 200 fontawesome-webfont.woff2
opynew.com/wp-content/themes/voice/assets/css/fonts/ 75 KB
76 KB 226ms
225ms Font
font/woff2 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://opynew.com/wp-content/themes/voice/assets/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: opynew.com
URL: https://opynew.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://opynew.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.6
Origin: https://opynew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:57 GMT
server: nginx
etag: "634b2655-12d68"
x-proxy-cache-info: DT:1
content-type: font/woff2
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 77160
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 142ms
53ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%7CRoboto+Slab%3A400&subset=latin%2Clatin-ext&ver=2.9.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opynew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:37:04 GMT
x-content-type-options: nosniff
age: 145102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 21:37:04 GMT

GET
H2 200 1664822487_Credit-Suisse-in-market-spotlight-despite-efforts-to-calm-concerns-768x402.jpg
opynew.com/wp-content/uploads/2022/10/ 72 KB
72 KB 207ms
202ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/1664822487_Credit-Suisse-in-market-spotlight-despite-efforts-to-calm-concerns-768x402.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c18e0135a17c55bc5127841afebf64d74c1919a0e18274d56f8992d29e51fc49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:53 GMT
server: nginx
etag: "634b2651-12015"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 73749
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 Married-At-First-Sight-Gemma-from-the-UK-reveals-she-241x300.jpg
opynew.com/wp-content/uploads/2022/10/ 21 KB
21 KB 207ms
203ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/Married-At-First-Sight-Gemma-from-the-UK-reveals-she-241x300.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0628be3c63ce07fbc1934d8acf201c0f561236adc92573d634ea9040c4dfe1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: "634b2652-542b"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 21547
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 1664826564_Betting-tips-Our-501-shoot-for-Leicester-against-Nottingham-Forest-768x484.jpg
opynew.com/wp-content/uploads/2022/10/ 62 KB
62 KB 207ms
203ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/1664826564_Betting-tips-Our-501-shoot-for-Leicester-against-Nottingham-Forest-768x484.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0c9a8511f8bdcf0e36428d8e1e900367d68a8b71e523ddb80c6ea7d0d8658178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: "634b2652-f6c4"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 63172
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 India-loses-contact-with-Mars-orbiter-reports-768x432.png
opynew.com/wp-content/uploads/2022/10/ 309 KB
309 KB 207ms
203ms Image
image/png 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/India-loses-contact-with-Mars-orbiter-reports-768x432.png
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4e0a65db63f12acbe27e01691ceac4e3a1cf2ce1304a31e0859b157d4ed3adf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: "634b2652-4d2c6"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 316102
expires: Tue, 30 Apr 2024 13:55:26 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
497 B 23ms
20ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GY0MY53SS0PXEXJ238T6F6Z7
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a7ca793830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
496 B 18ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GY0MY53SS0PXEXJ238T6F6Z7
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a7da7b3830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
497 B 30ms
28ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GY0MY53SS0PXEXJ238T6F6Z7
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a7da7c3830-FRA

GET
H3 200 opynew.com_fluid_lb+sq_1 Show response
live.demand.supply/cp/ 29 B
391 B 152ms
151ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/opynew.com_fluid_lb+sq_1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 055e181cbdf898b237a1214b88dd5cb1d36c85fcb3e3e5edb05a3ae89db4e15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c0885a7da833830-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 opynew.com_fluid_lb+sq_2 Show response
live.demand.supply/cp/ 29 B
391 B 157ms
156ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/opynew.com_fluid_lb+sq_2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae865333e046cf67715bd08780dd130d49ef683857cd05872d49c0dc62906b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c0885a7da843830-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 opynew.com_fluid_lb+sq_3 Show response
live.demand.supply/cp/ 29 B
390 B 165ms
165ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/opynew.com_fluid_lb+sq_3?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01abcb9be8ac3c4ace08e90fa1ee6c277a097fd2e70eeaa74020bd4b30f8a08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c0885a7da8a3830-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 opynew.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
393 B 148ms
147ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/opynew.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c17b063d4397b4e382486ef7594cd87da2d5b0c67069adeb6ff5b2f21269eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c0885a7ea8f3830-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 48ms
47ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2064902574&t=pageview&_s=1&dl=https%3A%2F%2Fopynew.com%2F&ul=en-us&de=UTF-8&dt=opy%20new&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=224919867&gjid=120422883&cid=1196177227.1682949326&tid=UA-243307127-1&_gid=1809119666.1682949326&_r=1&gtm=457e34q0&jsscut=1&z=1941813484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://opynew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://opynew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_fluid_lb%2Bsq_1&pdc=0.9297091484069825&ucv=null&e=tcp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a8dbd63830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_auto_728x90_sticky_display_bottom&pdc=0.28683035373687743&ucv=null&e=tcp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a8ebed3830-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 29ms
29ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GTP882AJGXJCM3VNH3JF57QN
date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2534805
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7c0885a8ea443684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
500 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=opynew.com_auto_728x90_sticky_display_bottom&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GY0MY53SS0PXEXJ238T6F6Z7
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a8ebf13830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_fluid_lb%2Bsq_2&pdc=0.6773658752441407&ucv=null&e=tcp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a8fbf63830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 22ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_fluid_lb%2Bsq_3&pdc=0.5990030765533447&ucv=null&e=tcp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a8fbfc3830-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 399 KB
124 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 11:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8816
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126484
x-xss-protection: 0
server: cafe
etag: 2690975471868618065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 30 Apr 2024 11:28:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 551 B
307 B 153ms
73ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a15fe1cf3f6246d592f991e0f151dfa77207c2073dfc68d5c51805734776f54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282
x-xss-protection: 0
expires: Mon, 01 May 2023 13:55:26 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
495 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GY0MY53SS0PXEXJ238T6F6Z7
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e1e10e585f44be01f5e8ee918ed4a22e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885a98cf03830-FRA

GET
H2 200 1664822487_Credit-Suisse-in-market-spotlight-despite-efforts-to-calm-concerns.jpg
opynew.com/wp-content/uploads/2022/10/ 150 KB
150 KB 125ms
124ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/1664822487_Credit-Suisse-in-market-spotlight-despite-efforts-to-calm-concerns.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8c6e8c66875a052ce83da8d5b03fa248f79f0c9a5f13178288d1202ced277187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: "634b2652-25830"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 153648
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 1664826564_Betting-tips-Our-501-shoot-for-Leicester-against-Nottingham-Forest.jpg
opynew.com/wp-content/uploads/2022/10/ 71 KB
72 KB 133ms
132ms Image
image/jpeg 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/1664826564_Betting-tips-Our-501-shoot-for-Leicester-against-Nottingham-Forest.jpg
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9444e35d1319038584ab0722317aa5776ae86bd4402838ca0f83a987ad600c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:54 GMT
server: nginx
etag: "634b2652-11d6a"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 73066
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 India-loses-contact-with-Mars-orbiter-reports.png
opynew.com/wp-content/uploads/2022/10/ 589 KB
589 KB 142ms
142ms Image
image/png 35.209.139.20
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opynew.com/wp-content/uploads/2022/10/India-loses-contact-with-Mars-orbiter-reports.png
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a74e607c0f749996339baf7096218cca4e0c6ee8548b8039eeb2fcdffff31c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
last-modified: Sat, 15 Oct 2022 21:29:53 GMT
server: nginx
etag: "634b2651-9323f"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 602687
expires: Tue, 30 Apr 2024 13:55:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 141ms
47ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 133ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
956 B 215ms
214ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=3502799261879249&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C3f2cf21b-d062-4727-8e38-c8b28e0412a1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1701587732&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D18%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682949326485&lmt=1682949326&dlt=1682949325608&idt=818&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78e97e39c373cb6cfe35a208fccb48ad48db0fd91acae6421f91225cbbf02fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
7 KB 403ms
401ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=1280030418452850&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C7b1ee86f-01db-4690-a58a-19954522fc50&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=585167501&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D65&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682949326495&lmt=1682949326&dlt=1682949325608&idt=818&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fd365685b1461716e9cb994dfe6230ff54d593434ebcd67f6d963f2616b3753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7130
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 360ms
359ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=3884255316980020&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2Cefafe8bf-152a-4680-9eaa-1f76a05797d2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=4038627127&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.37%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682949326503&lmt=1682949326&dlt=1682949325608&idt=818&adxs=576&adys=422&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=4&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11b283542b0664f7e46894548d5f62f72c4c7320e6295a2298f9845c301f3a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10269
x-xss-protection: 0
google-lineitem-id: 5563951840
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 334ms
333ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=1845960294332081&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C98f51c02-84d0-4a7a-800e-19959fcad68b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=3089611832&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.43%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682949326506&lmt=1682949326&dlt=1682949325608&idt=818&adxs=576&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=4&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fad9103b41c568c45cd4c0b5cf087badcfda64ab664cd8f5f5e8c42d762f3a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10235
x-xss-protection: 0
google-lineitem-id: 5562803673
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 348ms
347ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=4390032265036857&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C12dd121f-c6fe-4b9d-bf12-7688cdb35848&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=2039666119&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.31%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682949326509&lmt=1682949326&dlt=1682949325608&idt=818&adxs=576&adys=116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=4&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3158d7a9077d2b28550e55a31ec0838ab5118efb759d05d4b3f34eda88e1f0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10292
x-xss-protection: 0
google-lineitem-id: 5564064377
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C04 6 KB
3 KB 180ms
45ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:26 GMT
expires: Tue, 30 Apr 2024 13:55:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/ 33 KB
12 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl_page_level_ads.js?cb=31074164

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7fc0d9dea60259cd47ac9185dea859cf93cba538b4fad5bd43c92f91789e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:37:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58650
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11984
x-xss-protection: 0
server: cafe
etag: 12136767000467347226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 29 Apr 2024 21:37:56 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 170ms
91ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7678b337af6b83f699c4f7a6bf18adf4645e997ff3a107830266a3c93ff06333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_auto_interstitial_desktop&e=nai&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:26 GMT
cf-cache-status: HIT
age: 763043
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885ac186f3830-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
733 B 311ms
310ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=711462311786757&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2Cef66918a-9964-438c-8f7f-a70a1195a79a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=1161655607&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D7%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie=ID%3Dfbd227e2be0979c4-223b6ec979dc00b4%3AT%3D1682949326%3AS%3DALNI_MbH2ncj1_cCIIEAjPax-Q5eIGXUnQ&gpic=UID%3D00000c0e1c6e9fdd%3AT%3D1682949326%3ART%3D1682949326%3AS%3DALNI_MY1G5nqZvHj0MxD-FAhHb3CZw-3fA&abxe=1&dt=1682949326737&lmt=1682949326&dlt=1682949325608&idt=818&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce16f40ccdd051e2a8a3ede16fdb751ba491dffd696cb1a8efad56eccc91745a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 702
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 69ms
7ms Script
text/javascript 2600:9000:2250:3c00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3c00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 02:50:39 GMT
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 39888
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: tsm0PpP1gQ5hqDuoVLYxYQxD8BjPdjah-eM3hej7tsVT_bhe7WDEMA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 220ms
22ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 02 May 2023 13:55:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 40ms
9ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 00:30:12 GMT
content-encoding: gzip
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 48315
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: mDhVtjOlOlwuju1wJmjvJrQjO5v6SsMiWn5wwUA803kjzbwJK2GkZg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 47ms
19ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: QMTF7Y0EQJWTVWC1
age: 1426
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7c0885ad1fec2bbe-FRA
x-amz-id-2: SeWCqnl1Kp+QuGy2EIyalJ8BkaauZ+FQHDvyvpN+WMxuOXaApqhXsz69QeQqfnfMQbX59aUJB90=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 35ms
10ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 May 2023 13:55:26 GMT
x-content-type-options: nosniff
age: 3318
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
x-served-by: cache-fra-eddf8230087-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 57ms
15ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:50:25 GMT
via: 1.1 google
age: 301
x-guploader-uploadid: ADPycdtergDAbVb_lM6ZwTy3chGvsGOPYdvsBI-XRFcDIUiboDVraFvb5BdnuhohnGIzj-n-rH06ay9ZCwFVRe0lJglcXdkdLHen
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Mon, 01 May 2023 14:50:25 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame B659 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B659 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 277ms
276ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=2952792030057177&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C2a98b9dc-6f71-4d98-a459-2569e6df4b3e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=7&adks=3166157462&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie=ID%3D4db876a118fb409f%3AT%3D1682949326%3AS%3DALNI_MZPu07W6VD0lY1QFI1I0ZfA1YLJTA&gpic=UID%3D00000c0e1b368fd9%3AT%3D1682949326%3ART%3D1682949326%3AS%3DALNI_Ma9G_dZAya33K7b9HKhzIbssRxxWQ&abxe=1&dt=1682949326887&lmt=1682949326&dlt=1682949325608&idt=818&adxs=576&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=4&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYi5DjvP0wSABSAghkEhsKDGlkNS1zeW5jLmNvbRiLkOO8_TBIAFICCGQSGQoKcHViY2lkLm9yZxiLkOO8_TBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yi5DjvP0wSABSAghkEhcKCHJ0YmhvdXNlGIuQ47z9MEgAUgIIZBIZCgp1aWRhcGkuY29tGIuQ47z9MEgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7161c6b30f7b904d06c2071b74d4deb46611508434d595c7d4be5702bd2a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9505
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame FEF3 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FEF3 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 400ms
400ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=1498009850554749&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C29daf87b-28cf-42ec-bb1f-b6b41796ba8c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=8&adks=2816929870&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie=ID%3D9ebe71f63be3a33e%3AT%3D1682949326%3AS%3DALNI_MZOGHigx8Dzl7FtU64MBYk9bIsUhw&gpic=UID%3D00000c0e1be5e482%3AT%3D1682949326%3ART%3D1682949326%3AS%3DALNI_MZVz2qmO8NNj4tH8T-RloNYmz3_rQ&abxe=1&dt=1682949326928&lmt=1682949326&dlt=1682949325608&idt=818&adxs=576&adys=116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=4&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYi5DjvP0wSABSAghkEhsKDGlkNS1zeW5jLmNvbRiLkOO8_TBIAFICCGQSGQoKcHViY2lkLm9yZxiLkOO8_TBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yi5DjvP0wSABSAghkEhcKCHJ0YmhvdXNlGIuQ47z9MEgAUgIIZBIZCgp1aWRhcGkuY29tGIuQ47z9MEgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d5454ca34245a402f596c7573b6f0395c2bec16dde0adc894b84846bb0fc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9601
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 38F7 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38F7 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 275 KB
22 KB 431ms
430ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=3349361008604643&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2Cee179fd2-fa90-41d0-89fa-2cdd8d69e5d2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=9&adks=873529944&sfv=1-0-40&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26bid%3D0.17%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie=ID%3D1e25599074d55d4b%3AT%3D1682949326%3AS%3DALNI_MbgW5WWruzjX7E15mKkA6nmb016tQ&gpic=UID%3D00000c0e1bfe0381%3AT%3D1682949326%3ART%3D1682949326%3AS%3DALNI_MbplxfxmuXtqz02pAykgUsrW2Ffvw&abxe=1&dt=1682949326973&lmt=1682949326&dlt=1682949325608&idt=818&adxs=576&adys=422&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=4&ohw=1600&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYi5DjvP0wSABSAghkEhsKDGlkNS1zeW5jLmNvbRiLkOO8_TBIAFICCGQSGQoKcHViY2lkLm9yZxiLkOO8_TBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yi5DjvP0wSABSAghkEhcKCHJ0YmhvdXNlGIuQ47z9MEgAUgIIZBIZCgp1aWRhcGkuY29tGIuQ47z9MEgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b947f3a450edac89a6d7c2893f1a52efefd70affe48c6ebec5a46eda30da9926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22261
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 166ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H2 200 container.html Show response
faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52B6 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:26 GMT
expires: Tue, 30 Apr 2024 13:55:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 26ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=opynew.com_auto_728x90_sticky_display_bottom&sy=01579ac9-7606-4cac-a209-dd4db3498426&ts=65&cd=2&pud=132&pus=c&pue=1091&pid=31&pis=c&pie=1122&ppd=184&pps=a&ppe=1276&pcl=1562&ttc=1294&tti=2236&ttif=0&lca=1276&lcak=ppe&lct=1276&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=opynew.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=3d169bef-be4e-4a04-990a-5d2e6c68d8bf&e=lm&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885adca9b3830-FRA

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 58ms
9ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://opynew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://opynew.com
date: Mon, 01 May 2023 13:55:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 30ms
29ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 08f42180d35a2ee7f3f2cc92b7c03c592c5fc4a18ac0cd483dce0c9dc5626767

Request headers

Referer: https://opynew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: c60bb739a68b14b07528235edb2319f1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 94ms
28ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://opynew.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://opynew.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 01 May 2023 13:55:27 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 1977d78c1f14345fe4ef4756ec69e0e3

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 116ms
32ms XHR
application/json 34.249.220.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.220.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-220-178.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 83f55847e698f7dc6cc3442dc82bf6fd211f579fa9fea0c3bd3060505366f414

Request headers

Referer: https://opynew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://opynew.com
cache-control: no-cache
x-server: 10.45.6.218
access-control-allow-credentials: true
content-length: 60
expires: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_auto_interstitial_desktop&e=nai&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885ae2b083830-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=opynew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
730 B 177ms
176ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2919719704227315&correlator=1969402216805037&eid=31074164%2C31074223&output=ldjh&gdfp_req=1&vrg=202304250201&ptt=17&impl=fif&iu_parts=44890869%3A22830837293%2Cca-pub-3831894559014614-tag%2C8ae91400-00c3-468d-bcf7-045ce5787dc4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&adks=802897824&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D3d169bef-be4e-4a04-990a-5d2e6c68d8bf%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D65&eri=1&sc=1&cookie=ID%3D66c7fdac24f77265%3AT%3D1682949326%3AS%3DALNI_MbGQWERd4us2LG7q_gbZJKoqZSHaA&gpic=UID%3D00000c0e1b972206%3AT%3D1682949326%3ART%3D1682949326%3AS%3DALNI_MYDs4l3sbt7HeGFCXXD-vE8rnvSzA&abxe=1&dt=1682949327075&lmt=1682949327&dlt=1682949325608&idt=818&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fopynew.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1196177227.1682949326&ga_sid=1682949326&ga_hid=2064902574&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYi5DjvP0wSABSAghkEhkKCnB1YmNpZC5vcmcYoJHjvP0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGIuQ47z9MEgAUgIIZBIXCghydGJob3VzZRiLkOO8_TBIAFICCGQSGQoKdWlkYXBpLmNvbRiLkOO8_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGIuQ47z9MEgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c5776558743e4fff60d20088c449ebafd7534ca7397a791a0e412baa60b9c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 701
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://opynew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6D5C 624 B
577 B 162ms
75ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARja8_zbATAB&v=APEucNWHW4ZRsVwuiZMFlw21pNWyGjWljiLuFY37NnWJjd42E3diHhgUALSW3lPYnKwq_0enLo9kOcUuGNSC3IUFVNBuAb3_Egnp5jDaUXWsfMEAY5STt9YbCcuSw70IiQvDlNJXeiH1v4yndrF2_FcX0z7xWQlcuIFDd14pniw1b1o-j1LSRpcMp8T_8MmSQ09Gs8lzUfkyjuJXcYMY6rtT7uovKB6WZw

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 52B6 78 KB
27 KB 200ms
119ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52B6 42 B
63 B 153ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bu6rZwnDwA9B1ulPK2ICqHM195GvFlGYbGwM98rebrz7BRkuq2rF2wKMBfDRV7YR0O2X6Rw22gSKGKOZOhz8JVyd9vIwutlovNrq6i80_c9OGh_FY

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52B6 0
20 B 154ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1926428374336437216&x=1&ct=76

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 52B6 3 KB
1 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 19:52:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 52B6 19 KB
8 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:05:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52B6 158 KB
49 KB 575ms
572ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D634 15 KB
6 KB 56ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=opynew.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 342823
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C68 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 10:13:00 GMT
expires: Mon, 29 Apr 2024 10:13:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E1B1 783 B
1 KB 139ms
47ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8edc0f9b8949a6b0b50a0eeab6e87e64c18741f5a13b1aa963ac144d8549f9db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-odJV5oh2lQ6PcothKyjPdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-odJV5oh2lQ6PcothKyjPdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
expires: Mon, 01 May 2023 13:55:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC9F 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:26 GMT
expires: Tue, 30 Apr 2024 13:55:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 13ms
12ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_fluid_lb%2Bsq_1&pn=2&sn=3&pc=0.9297091484069825&ds=true&e=wdp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885aeec183830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=opynew.com_fluid_lb%2Bsq_1&sy=01579ac9-7606-4cac-a209-dd4db3498426&ts=65&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=opynew.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=3d169bef-be4e-4a04-990a-5d2e6c68d8bf&e=lm&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885aeec1e3830-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame D634
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=opynew.com&sn=ChromeSyncframe&so=0&topUrl=opynew.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=1_-163xYK0lVdVozaFZ3OXhlUWpURXhMOXRTajkvbURjTjUrbFZ6ak1NVTg0TkluRFhxQjllS205R0UvWGVVNTAzUEtLbkQ5TjlKcWhLRDJDQVpRVlJZbVZkalR4dVBlZW1CNmNURk5TcWFDUkxpaXhGbC91Z2NtVUJKdV...

433 B
654 B

82ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1_-163xYK0lVdVozaFZ3OXhlUWpURXhMOXRTajkvbURjTjUrbFZ6ak1NVTg0TkluRFhxQjllS205R0UvWGVVNTAzUEtLbkQ5TjlKcWhLRDJDQVpRVlJZbVZkalR4dVBlZW1CNmNURk5TcWFDUkxpaXhGbC91Z2NtVUJKdVlEUzJSeTVoaHB0SHZBMnhTeFVyeUd5Q2l4d0QxL1pNbTEySkRpWUZEbEpKbWxpRG1sZWFwWkdNQ1Q0bFNKQ1Bvd0NyQzhJZmxSYTVLaFFJUUQzd3RJMzhxMk5qYzdvTnVJVURxMlpOYUVGOUpFVVgraThBYXB6OWUxcEI5RjUxRFhvY0dOQitzQlNOQU5rcmNsdDZvRU1oU3o1TDNLZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

01aa7aae1d7de16947c580bc96bbc99036601e56848a86ba742f773a847c208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1467472
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1_-163xYK0lVdVozaFZ3OXhlUWpURXhMOXRTajkvbURjTjUrbFZ6ak1NVTg0TkluRFhxQjllS205R0UvWGVVNTAzUEtLbkQ5TjlKcWhLRDJDQVpRVlJZbVZkalR4dVBlZW1CNmNURk5TcWFDUkxpaXhGbC91Z2NtVUJKdVlEUzJSeTVoaHB0SHZBMnhTeFVyeUd5Q2l4d0QxL1pNbTEySkRpWUZEbEpKbWxpRG1sZWFwWkdNQ1Q0bFNKQ1Bvd0NyQzhJZmxSYTVLaFFJUUQzd3RJMzhxMk5qYzdvTnVJVURxMlpOYUVGOUpFVVgraThBYXB6OWUxcEI5RjUxRFhvY0dOQitzQlNOQU5rcmNsdDZvRU1oU3o1TDNLZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 365559
content-length: 0
expires: 0

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C68 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0A38 624 B
285 B 81ms
76ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNVqZ9Foy_Zs7WHnnvATknfys9gbIGc6GLT3xxfkzCyJNEOdUxCopHAQK9JR3v4xu6wGBPPf3ffYXzdxpiWNSrQ909oqVNmVcsea1lyFFaa6PVZBb17YlbGqv8_LMmnfJGMUfra2UHDR1WPVB7esExQDsBKoeA3u3SR-pRpZ-zblxse_-hqmATsXsGAQQU7pafEo6gyyYT_UHr_mQ3vK8kvx67dJJA

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FF90 78 KB
27 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FF90 3 KB
1 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame FF90 19 KB
8 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:05:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FF90 0
0 49ms
45ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRcMrI-oyHC9CeJh1dlLRMXrXfCm56jV2mZ2cCE6FahbjcgsalLNJ-gwg8GBB04NGRWGWQWZzSe18hsB-INzhqobCIBQ
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF90 158 KB
48 KB 476ms
472ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF90 42 B
63 B 74ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A128GnR6z5oLJ3YSIe86WjfqZuwQ95VC8c2fsZ3gdJ4ta-VgjqkJ5ZgV8pVnRWq6j7JYBU6ProM0l4wyhwrQkuVL5P7jxtwSVX3dSgFjFrkt9d3Ts

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF90 0
20 B 74ms
71ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6409841365264189557&x=1&ct=76

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D5C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDv7t_RJuHODbOGiGlTQ1hI&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDv7t_RJuHODbOGiGlTQ1hI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARja8_zbATAB&v=APEucNWHW4ZRsVwuiZMFlw21pNWyGjWljiLuFY37NnWJjd42E3diHhgUALSW3lPYnKwq_0enLo9kOcUuGNSC3IUFVNBuAb3_Egnp5jDaUXWsfMEAY5STt9YbCcuSw70IiQvDlNJXeiH1v4yndrF2_FcX0z7xWQlcuIFDd14pniw1b1o-j1LSRpcMp8T_8MmSQ09Gs8lzUfkyjuJXcYMY6rtT7uovKB6WZw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDv7t_RJuHODbOGiGlTQ1hI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6D5C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE-Ez5-kPdznrBzweHaY-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

43 B
632 B

20ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARja8_zbATAB&v=APEucNWHW4ZRsVwuiZMFlw21pNWyGjWljiLuFY37NnWJjd42E3diHhgUALSW3lPYnKwq_0enLo9kOcUuGNSC3IUFVNBuAb3_Egnp5jDaUXWsfMEAY5STt9YbCcuSw70IiQvDlNJXeiH1v4yndrF2_FcX0z7xWQlcuIFDd14pniw1b1o-j1LSRpcMp8T_8MmSQ09Gs8lzUfkyjuJXcYMY6rtT7uovKB6WZw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6D5C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELFwHtxzGk_CCD2J5BVYEYU&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELFwHtxzGk_CCD2J5BVYEYU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARja8_zbATAB&v=APEucNWHW4ZRsVwuiZMFlw21pNWyGjWljiLuFY37NnWJjd42E3diHhgUALSW3lPYnKwq_0enLo9kOcUuGNSC3IUFVNBuAb3_Egnp5jDaUXWsfMEAY5STt9YbCcuSw70IiQvDlNJXeiH1v4yndrF2_FcX0z7xWQlcuIFDd14pniw1b1o-j1LSRpcMp8T_8MmSQ09Gs8lzUfkyjuJXcYMY6rtT7uovKB6WZw

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
AN-X-Request-Uuid: 558ebc3e-9446-4af4-a399-2ff54237f87d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELFwHtxzGk_CCD2J5BVYEYU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6D5C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

170 B
243 B

47ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 01 May 2023 13:55:27 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b57a4487-ef56-48bf-aafb-4651de0bedef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_auto_interstitial_desktop&e=nai&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885af7cf43830-FRA

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52B6 0
20 B 81ms
81ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9023601050466&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52B6 0
20 B 77ms
77ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9023601050466&version=m202301230201&ct=76&x=1&cor=1926428374336437200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 52B6 88 KB
36 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DREp2c4y99B4T-KsBI6tlgkiM8HgDWGSLK-6r4SF7w6UJygiulWXUhRkhdMnfqclgpOfSFh-1HTgW_-v2WvdUUZyQSdgVqWKI1QyVzpVxUDGjNrZI&cry=1&dbm_d=AKAmf-CL__gUWlNtXpArlgA03nrHOXR8DFyLU23jcoh7InVaN_EjhOCbEZuDlal5hdc3UXeemeIRzfHLbn6WubfxePumuDSD6uSjfaeeW6aqF4rkRN_poth2tHIKDth4zbBVqSLAKibvDef4HNVkDGBN96bkyNswAnOB3arvtqUBF4qZoUZ6YxWOtULgOXABRQ4ueYErx8jSM0mVZIjFFxKVZwH_LGhktTooNEG8nYZ39RHMak4U1Pm-jtFT2IJ1cyRERj7XXtnCLdKv8dTbSUC_3-bjGQ0oSawO1nTgKnDmCdscMQ8IdDhTySQ2yIgcsiz9xg1MGCGuZeCjnunF1hzqwdoDjuMR0f09QzfuXODrZSPyZe_ozKpBS5pqHzDdn4jAI0LMc-vVeLLU0CTr-oBNfTlXjORfT55435aI3pc5LdpokfPEH_wouhGtfXC5_DQswJtN40l2wtKdPSHsYv_FM7PD3o7xssAYXDH_Rc7ulhcrZc51De7GSFIydqScjI4oiMPuhx4hKTENGIgSdAEp1Qbj3n0xobfswkpYoHBa3dj_WJYmJbXa3aqfuK81LXid4HsaHJDXL_AKHn9hIvnBrMJ1N3AMf51Ovq25sdWe8SwDcfv7moDsqLuE0GFGs3cDu63UGuNAvihjJcG_9A4iga_Y0nEB-_rvxG974rIwlFtx-qvOJaUR8hnNMREfjIC3P4qHV12Uh0xdaAL49dc2J1vOATHPy6em-UgOddFDH_Q9XSLU_BIQ0-Qt9ruuus3h8MhDMppoRmH1lZS_gQlT57MZor82axl4QvV-VZqRp3boPv9pbl6yxzPOpT6fmf5np-JXUzAXou_CZO4yIadMjfV2BNypfPX-XDDEtjtnWOBkSNA42y_963b9j-JgNstAMG6wANbm_URlmI_BLWU1G68SaOiq55aAt7XFVBrDYBHAiMz5gozmPVwt1t4bT8WILk_YAItgXzG5lM8ExJNM9XAy9Dfe3wr7jvzylIjAdLM7fRQfiJ5JqTyshAF1PTYhlq7oHIXUKMC1sYeKh5tT-i8aqNHdsma_03Yjo7Dpp5hJydAka45ahThhCWkN3YP2DZgH62EV3oVSfsgvB83T5sllW1IqAoQuzItXTj0N7Dfl1-IZcxJcD3xfH6srU6bUXbL1V866_4ZkyCHVsL4NP8OUe3NjxRvQc_z7zRLroYAUypV6PNgPCzkjGWkkM9vhOj1YMfSfGiKHukTSWG1Z8I0BONBfRXO1N9U-MNPP13BW51Hjx9OHuZFOJqXXerJaytfDDJrXfjGaZEZLXhQpyHjVb2CKxU_ZuueO6AAQpqN-YwdZlFCuRFZ3xlw0PZBGS3-hdkC9bSmXK33ZiZLYX7Z2OzPeth3-Xq94WeimVqnD3zLnXeDctp1QBNBCq4mBRL1MEcZkuVbLywcYqMTbSD8ygObXJ2teCnQ3AZcx2eYcESIE5ZdzYuoWm0za0Voyc9ZWS_rIRiK8kfWSLc6O3oFk0_SBM8bojpbHIUX_s-903FQWrHmUWZ1bH2q9hJh1C9qN3CyT64aK3QWrCVk2xJk_DqeFa3b8oWLTWMUvaCkYbs7qYMjuHHLEYip3QKp_jlv4KLjG_u80NxEEv4ye5ivKllC2kPSZpRd90GOEEZ9cNLzlAuwou2f-KQeVS_jJ9ktu810cHV7oVHoCPv_OEKiX7DmG98FLY0jWpxKnnH8A_QhmvEbAd-0LO5Bf995PuF8DPI_HhdRDWXGRzkSxi8KQmxKl5V4gsKeFuVs5GZugTqLkQYrqEvv84HjRQDzuya5iqZTH4nFKICAtiJALnPCC8DDTlHFfPe-CKK4g0nmlM8lE1jhtgeRo90E8ZWUkET66DR2I9G8aKNW5wmGeTwoJHZ9Agn-ltmLTfkQYvzFA-OZ6bN4QVYmB4uyQfNKAHRsEfNmEBaJuIdbHnW35his-Jb3ViDstKfeN6dRyJ1EzIaxhojq6L8HOVJ1tc1DTZM4fNt64eq7A4VuCUMOUGdMg7ewrsjZa8WQPP0aTzk76YHQ40t4P7P_NMkhx6NUMurWeT40OcplpI7HPfwQsjEt1arQytdFAi1UmtVcjuespvOpxLK28QSouR31Z7XJE-t0H4Q0NzFBwSr73v_cv_hz2ne7IODRpAXWIDiJBDAoBPNAEu-vTBLI9xUUweJgtOHT9SmxWPYfA3RHdNsByPowTWai8BtUcStygcU2DCcJQWxzSkgKyu8SY9ZI5G8WSwT0NlHn1i1SngIQKDqrKAb-3o7RLsD6kyLKIK_eTfcbyZpP1-yFSrvc3Ebx4e2krBHtsoSb_ukZm13EU3-cv9-6G3zsThs1Atq9G98IWrqzpDMdWL-2WHq2wJIrjOTudb4aiPs8wrBb64KV9g3-R-_U9Vb8dwVvBf9zZtqG-bKzTUWGrlsJrRq3-OYqdL5S-QAnzyRztN49O4iBX0hGTCJs1L-lXf6AzuCg6UeDNTtjR5SQUxEPZlnqTve9aszA6yJX0uZv01eHF-40nhp2Hs0QFoQkYxlB4bHMvMp9mxW6BiMMEhdcY4glOGx49X12rSCCFOfYQXsK9OumN-4wdYTMpHLNScy5p19OuxPXB8FQXmJnpqUthWP5U84RRXnHt2q8_V710Y5P9WYkO2XmZAg2pQ_ZGqgfwp2pSIhkNwRjJkwbHnwkQJbSJPQddJPkcggD7gvYQnqqig6PXLhT6nk533LvI7V89Vq1NlHgmbiSc-sYA1WGqvgrDYh-c-bemdnLZQMjQyfIX-loePk3QtqIpsT06wy588VVYO5kcOyjJ3VPDZHFBUcLQz914_ZOLT2dJUkGv81AR8DuEUfM3fBLLWAKccYWhgBZDDAyy0Vu-4gVZi76CnyqIMkLV80USP7NwTrfQfnSQTm_zaQ3QGLUAu2Rb4wr8al4bWrpt1pjnUwXhhvEWGm5CGgX_Wzowcz8bYvkqZzupYhoYQFVS7KIfCfPQ7C5un3_Dry7A6QU8GPB_mTL5koCUzIzrUc88pqx4tpfX9k4oo_56zDhyePaUMiD3aBf3vdBhdojUAkW74UPG3Gm4HpFipkTNRjCisMSaS9SJeUjJRY2fE7azXLvrikCgw6Wb74PiWll8CW6luXBRK1oQx0NabqMJw6e42Nd-3EUMmbKbtDmeqgf-mHs9FdDUy7D6Jaj_Ujt7fXPvZmJSbdo6aeywcOE_ldhj5ZYeLuglH4Y7BFmSA7zRANUR_UMtwDcKnKpYyOWv3MzTQ5DBRy1V2CMhfjQbxD-h3X8HsrnUwN12gRbvp6U74NT1fR8fO-W8scGbrJpX2GPpIXq1d5uh0lc9SVny3EnOIMRjLYdZNFIu_1QR0mU83LBeUAYjU6eMWc9Y2MUfm3qEY47R_LJ1CDNVqGY_LKeyh4J0GqDyjobWY4Fx6BONQ0vEKgN2ww&cid=CAQSSwBygQiDqmIp0oXBW1O25Zz86R-mVF2LjBpsDvNI8pnWf8tuwnl7G5PbBq0xdPoUUTRQWXLBlwtbI4abJ4Bs0CS5vNmxsD0NinPudBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fopynew.com%2F&ds=l&xdt=1&iif=1&cor=1926428374336437200&adk=356101037&idt=224&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c18d494d09288e196cfa6e5018d5cc3fdeccedad9687a48ddc2b2f0d59897bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36705
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 412C 6 KB
3 KB 40ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://opynew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:26 GMT
expires: Tue, 30 Apr 2024 13:55:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_fluid_lb%2Bsq_2&pn=2&sn=3&pc=0.6773658752441407&ds=true&e=wdp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885b01d923830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 16ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=opynew.com_fluid_lb%2Bsq_2&sy=01579ac9-7606-4cac-a209-dd4db3498426&ts=65&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=opynew.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=3d169bef-be4e-4a04-990a-5d2e6c68d8bf&e=lm&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885b01d953830-FRA

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0A38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

43 B
766 B

17ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNVqZ9Foy_Zs7WHnnvATknfys9gbIGc6GLT3xxfkzCyJNEOdUxCopHAQK9JR3v4xu6wGBPPf3ffYXzdxpiWNSrQ909oqVNmVcsea1lyFFaa6PVZBb17YlbGqv8_LMmnfJGMUfra2UHDR1WPVB7esExQDsBKoeA3u3SR-pRpZ-zblxse_-hqmATsXsGAQQU7pafEo6gyyYT_UHr_mQ3vK8kvx67dJJA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0A38
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE-Ez5-kPdznrBzweHaY-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

43 B
632 B

20ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNVqZ9Foy_Zs7WHnnvATknfys9gbIGc6GLT3xxfkzCyJNEOdUxCopHAQK9JR3v4xu6wGBPPf3ffYXzdxpiWNSrQ909oqVNmVcsea1lyFFaa6PVZBb17YlbGqv8_LMmnfJGMUfra2UHDR1WPVB7esExQDsBKoeA3u3SR-pRpZ-zblxse_-hqmATsXsGAQQU7pafEo6gyyYT_UHr_mQ3vK8kvx67dJJA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0A38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1

43 B
1 KB

29ms
21ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNVqZ9Foy_Zs7WHnnvATknfys9gbIGc6GLT3xxfkzCyJNEOdUxCopHAQK9JR3v4xu6wGBPPf3ffYXzdxpiWNSrQ909oqVNmVcsea1lyFFaa6PVZBb17YlbGqv8_LMmnfJGMUfra2UHDR1WPVB7esExQDsBKoeA3u3SR-pRpZ-zblxse_-hqmATsXsGAQQU7pafEo6gyyYT_UHr_mQ3vK8kvx67dJJA

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
AN-X-Request-Uuid: a8d38b7c-f3e0-4426-866c-6f9682bb1155
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0A38
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

170 B
232 B

49ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 01 May 2023 13:55:27 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9e57db0b-c42d-4bc3-99c8-68d58b150dab
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1B1 0
0 71ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250201&jk=2919719704227315&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=opynew.com_fluid_lb%2Bsq_3&pn=1&sn=2&pc=0.5990030765533447&ds=true&e=wdp&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885b09e343830-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 16ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.17&b=2&r=opynew.com_fluid_lb%2Bsq_3&sy=01579ac9-7606-4cac-a209-dd4db3498426&ts=65&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=opynew.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=3d169bef-be4e-4a04-990a-5d2e6c68d8bf&e=lm&dsReferer=b3B5bmV3LmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id: 01GXCX9T0YSMTDMAMD21BNCC31
date: Mon, 01 May 2023 13:55:27 GMT
cf-cache-status: HIT
age: 763044
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ffa3c010ef2a3b92b550195bbb4f7c47-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c0885b09e453830-FRA

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF90 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6335537575034&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF90 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6335537575034&version=m202301230201&ct=76&x=1&cor=6409841365264189000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FF90 82 KB
35 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeC0KoK5DsdmC7xddNcZ0jZSfCqz8pueL-u23Crb_e1va0v4QyWTUeatHuiSkHFaWEmDjhbjHr7v3TvH_ihub58bIJrg&cry=1&dbm_d=AKAmf-Dg4zGIk2EhiCgWJAgC4Dbunqcq7vSi2dUJ6GB2GyixkatqrJaE6VgYf_yWBHbyrZYRSK5TMJwuEAxJw0bEMzLaklimZap0pWQonjQzemR-MrVAZh4DCCDezIyyhdTLpgLbk7-qtb24pvNjufqaKQIdfS-U4-a-ZRaxtl0U2cfqpSsUAx6IarYMG9yVFmnGhuoYUQGjUAmr1JUi3UauQ0TSav9C6I5iFUPYZaLzZSh2KwzEb8IYxvxnK92dtrZMEjqmxFwa14nQ_Yg3sk_YMo44F8XwEYdr2ThBY_vj4ele2JNjZCeV3nOwC9ObTjCnhWFqBoyKL2Ky230SrgVxBDofwGzz3UObGk2k8fnGtI-lgwSM_wqZ2EYfOKkPOK4jz4BNkt_e0S0Il2SloBGFJzf1kgCksFGp-GoKNugRva9kJaOEuDdeUs4akJVZyOm23PjZ5DwSSgXqjKtz1d4eNWumNj4CgQntYw7IEFEBa8SaPwpbGInp7noh2OWgo8wxJ8lJCINKQapefq5ft-gQYUIkWl03YD2wfMIQUpK_AU5ysK33hM7BAYHGyuM8WbhlKQntC65WhK6ztMpQ07yAE7PjRHGnd-0rhxuSB-wF1InZuNXrInnEZpW5B8_1nrGa3O-UDMttRA1r0sCTW3fxlXDdg11gG47G1WgT5jXb1SQARLljGw9CLZDa1T_jKS7RghSiQ2q6ykvjvTFWbNmOfxLQrtiVhY7tSLVEOHYJMm4qJjnZdzR0IghCOMlItgKmGedK5qWgH-nAsVStrM0exHibtdWN_z4xL3lQiZeRd08WeakG5SK7Z8e977XHEdkUJFRTpN2ML8m3BkO_BisRddYecNDCUGYz9r1TYCRGJLBcVxEBqyqzky7Ilxc-vUPE47J7iW9Xn_B4gD1YtHA6uPugCaH4oB3Ckj8k8kTnuyxUnuZ3IUhVFz2dqczMXfPr7TtQ1hvaI3tDbcm72qwVM15LnnB_HuQvg4g73JG47jrLSl0ZsTvTLA18IkQB8BXc6SEIsLctcOpfwr2xr7nHVwRy1IAUfmI00LVSAm8qx5yzdK2mgBJ6uv2YjkPeUAC0yqOFRS661eAVs9phBVTUWQylGZx3ucCPTbPa6q_9qTaYIWH1RUj0-JnNMDRWbHJ3Zq00Hmq5iOzDzc560GKuvQS9fIdDNaDtGko9oQ5AHfJ2R92NIUlVf5MVKHVlonMLb4qKKv1QEJVIxKYUiGrJkuD2Rxp0vyW2eh0V4VZ6t-mZmG_NQAKxUlm4gVOZ3UVVU4_lL19GiXJXadCwP72hIxNnNGNf1BSUYPgB4in1ELk64t9J6MeNyqVLe0VuUcjXeAYlx7O3aHKzmP0d3g7122FLX0EK3pIjjHqt1Y22v7_pAFxzTYpacNFQkHaJlQvsodWwm1lsd2HkWikzeY_Tuw1fzcU1knJV7RnfpyJBNv3KMwSYvWtojho3tTyo_8Cqop_VpYNH2Xg2g_ol0sodVgdEGrzEHGGx0U5UBoOevVy703G8DhKsD5cVBcv-Kc0vCc5on0bEsUhRW75ty_66rT87cXAkGt5mKit6iRgXfyssqTx7Lb8fGbQIkWEOFPyJhd6b8cOeaZm5fjJoAvRJRyZUOZxo3062ol3hoyXg0Fu4E6uGUHPOhZU6TcrV_o5F_fswF_gOv1GHcHOj4GXR6XN3agfVhCiUUNxczdEz9Xf8zT93gZHS9GoHnqm2SJBJhVOK1ewL6UYE9uHmHflwsZIM1wF4avSNzfsZsO-7-YZGcPU34uWLx-sm0LzHs4e-jdChvKJBm5zcpWaHRSQR-HNarudceAg0z-A64gOuCSdWdq5BtwTxp60GAzVErCj9MMvQOcRKf-iFdW_bjud4ZV2l3TuqObG8Pz407FmAjFfraXSyyrLEooP_uEvbmn89Lr1aAqf_zBTYJIG3maMHuebBg4jR8KDCzU0DE_9gspdXrTTZwtCiJ19o4w083TCTOS1f7WliWKXje_vjm77QCc8HDwjgaV_A-MXd4U7QgZKRH8Lwg1YH7MjlHwf4p8hbtQfCLczbjvbQChuiuHsOIdxaVaIjtE59v3i0siYgKLMIFLvgscmmUvGz4WGplau939UrjyGn6vk1uOjgLw2rhGojW3wMM9pyeu18-l2l4E3gZO9C-KKIMDcaTCY2mnxNKHhDdMYIguu2w0DcTwq-mRC3XA-Qaoi3jsCd65qpGvA_Mj1EfPL__HYQTByOg1sDf-WbkdX3LmwcUSbWvHSAcc3Bg07_vrWTnBGjbWrzNkCKuhmVjMlBFNSZSTVkUrqYeHawEEZ4nu5e_Q_nxd5mr59UdUto0ZEEsORpFJbkZPF9z9xGNQo8N74gRvHJw5yDK-n2SeLMxCiGkL9nsu17mdsWud9g4PQhQAnybgUYf8-HAfLQUEGBOTN4KwULdb0Y1K6h1ob1TdkIL-ni-jbIFLp8A0tElz5cvGC22DOYW3sAhUh8HDOkWnikyYoj2rOwTD2CTJeugY6BTCeYW567C1XOXoKNyG3zo2O2T-rGE8E6m45VrzjSDjD-2_e_7qegUke47noAxxexrysnzujJplln8dLIL1ZrWTnhjiQqIM360CZmBb0sFWpyWjJ11odVkAL5nNGNE7NgdAt8VBF890TkJMgZ3IMgJDtpu7wMmYXkQkybiWIQMkusCEMovviPSDuRSueUeHiPaU1Idy8F9a3rby-Ec1qjmL97n7DmETfb0aDYfvWBYuUxuzIbS02gI1ANXbvDJMrzZ8HSrgSGOc2ASTxEVYVyUvoVPwiiCFjx74iQ4OffhBi8pyJPc2nuWlDTEKNFgqPfc0j2Z86GLNrJyFEQ3TpJ91Z16st0BFDu6zu5ugLSKKPXOPqWdUoYtt7VhergThBByaz54WJU103UkftabMq80IZcgK_7wNPruZKETP6y8TG6PL5xXJDgW6Ul_sLekxuQN2uPMLo9e0nsT7sMaD1S-xPbJghTlbH_llYizVzrf1zPxc-PucJjNyBaF9akp3gJVK_K4Bl_JafQRaj6f2H-nDbjmIadz4yDnoHmk2xuv16_RJXgterdnnwYFX0Zy9anY5qRJG_GIGwrMLI2G3r38Luw9K9KVOfvOeMhnzENLYXy_2CbqdtcH6sZ54tYr7XTlpqpeOMBbdpAV5V_UpznFhi3ppq4d4zFXjHcza-o3INCX8r6FZRECPMvFvX9-zy52tX51k6ojsWbDrm9Lq3Htzz5qa-ZxNfjD3yZiASsTshbRJGKVBLXeVG2SdWM-Vsfy79LHT9ouZ63eAHLu3DuC0qTXVLX6kW_75oBMHxB_NPpVcV8khUEtA-oiAHbuwvHlBAQaKzLVEqezAqOI-vcXBgzvsqZA2iPGMNW8JOmDzxg_mdbK33g_RQAqJW3tRP1GrI_-WGOGDSxtb2YZBfC1d2Ul4hyJMQLq_V0p9UBvDUMVlyFa6-MjhteHF8P-E9ukBSbqwoDb-rQkqracPpAZOBhGMWPVBvc9p5YCeOcHfWLd_7zFM-gBvSIRqLntFSXgyEZFPemflndwTGGa0zToJaSYq1XuIHMDuNga0opxo2MIb5jz7BJzJMeoKGA&cid=CAQSOwBygQiDsIDB-vzk25pIbUCDnpq6cpDp-aFy2Ty7gsylNS1Dm4YMewBAfmVnclLMce0wx-cw1wTmmVsrGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fopynew.com%2F&ds=l&xdt=1&iif=1&cor=6409841365264189000&adk=1726166460&idt=152&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2eb6549a06673d4f069718a0f7e211b7ee7251cc0e8fc4f6831f01b8cc9c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 16D9 624 B
242 B 81ms
76ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNXGRs6eyYmFWcPbw2nI_Ddd1aTBtWFzeqHVX5w-I5rmvpZ8u1WS0gfLVn10M4oKA5KZUK6Cu2WDezjUQkHJDGI_hGvLH8gf4n2UkvdJEr6UsiTIc1T9xLj6XeVlArWfq7Xf3nz3MFAr9cNqVsGUjAZnAyr6aqE64nIYoOwFKOqaIr_4vdr4cbnFD786-pI7dz5_9vKsa2zJnTB_uOKu92pRPYj44g

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2ED7 78 KB
27 KB 142ms
141ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2ED7 3 KB
1 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 19:52:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2ED7 19 KB
8 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:05:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2ED7 0
0 51ms
47ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDeylKRjFG5DPje0azq0rRG8pICiAqels0T5DUOG-bUIVIN_5Zt0fi9mGUhnWZldStSLWHPjOGvGjJoyqNP9Y6y70uOA
Requested by: Host: opynew.com
URL: https://opynew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2ED7 158 KB
48 KB 216ms
212ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED7 42 B
63 B 76ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEh3lOQsTy4cOPc4QuVvxY85gFVd-GKBF-H5nKdH0tHt9rj2mggcPGVpubfxuoPmaHUIA7nAFpzQk9KwFQilYhdMMzp6jSNddForqAFx3ldWdC3PU

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED7 0
20 B 76ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14733723482967675645&x=1&ct=76

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 52B6 170 KB
59 KB 147ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Origin: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 13:53:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 52B6 11 KB
4 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DREp2c4y99B4T-KsBI6tlgkiM8HgDWGSLK-6r4SF7w6UJygiulWXUhRkhdMnfqclgpOfSFh-1HTgW_-v2WvdUUZyQSdgVqWKI1QyVzpVxUDGjNrZI&cry=1&dbm_d=AKAmf-CL__gUWlNtXpArlgA03nrHOXR8DFyLU23jcoh7InVaN_EjhOCbEZuDlal5hdc3UXeemeIRzfHLbn6WubfxePumuDSD6uSjfaeeW6aqF4rkRN_poth2tHIKDth4zbBVqSLAKibvDef4HNVkDGBN96bkyNswAnOB3arvtqUBF4qZoUZ6YxWOtULgOXABRQ4ueYErx8jSM0mVZIjFFxKVZwH_LGhktTooNEG8nYZ39RHMak4U1Pm-jtFT2IJ1cyRERj7XXtnCLdKv8dTbSUC_3-bjGQ0oSawO1nTgKnDmCdscMQ8IdDhTySQ2yIgcsiz9xg1MGCGuZeCjnunF1hzqwdoDjuMR0f09QzfuXODrZSPyZe_ozKpBS5pqHzDdn4jAI0LMc-vVeLLU0CTr-oBNfTlXjORfT55435aI3pc5LdpokfPEH_wouhGtfXC5_DQswJtN40l2wtKdPSHsYv_FM7PD3o7xssAYXDH_Rc7ulhcrZc51De7GSFIydqScjI4oiMPuhx4hKTENGIgSdAEp1Qbj3n0xobfswkpYoHBa3dj_WJYmJbXa3aqfuK81LXid4HsaHJDXL_AKHn9hIvnBrMJ1N3AMf51Ovq25sdWe8SwDcfv7moDsqLuE0GFGs3cDu63UGuNAvihjJcG_9A4iga_Y0nEB-_rvxG974rIwlFtx-qvOJaUR8hnNMREfjIC3P4qHV12Uh0xdaAL49dc2J1vOATHPy6em-UgOddFDH_Q9XSLU_BIQ0-Qt9ruuus3h8MhDMppoRmH1lZS_gQlT57MZor82axl4QvV-VZqRp3boPv9pbl6yxzPOpT6fmf5np-JXUzAXou_CZO4yIadMjfV2BNypfPX-XDDEtjtnWOBkSNA42y_963b9j-JgNstAMG6wANbm_URlmI_BLWU1G68SaOiq55aAt7XFVBrDYBHAiMz5gozmPVwt1t4bT8WILk_YAItgXzG5lM8ExJNM9XAy9Dfe3wr7jvzylIjAdLM7fRQfiJ5JqTyshAF1PTYhlq7oHIXUKMC1sYeKh5tT-i8aqNHdsma_03Yjo7Dpp5hJydAka45ahThhCWkN3YP2DZgH62EV3oVSfsgvB83T5sllW1IqAoQuzItXTj0N7Dfl1-IZcxJcD3xfH6srU6bUXbL1V866_4ZkyCHVsL4NP8OUe3NjxRvQc_z7zRLroYAUypV6PNgPCzkjGWkkM9vhOj1YMfSfGiKHukTSWG1Z8I0BONBfRXO1N9U-MNPP13BW51Hjx9OHuZFOJqXXerJaytfDDJrXfjGaZEZLXhQpyHjVb2CKxU_ZuueO6AAQpqN-YwdZlFCuRFZ3xlw0PZBGS3-hdkC9bSmXK33ZiZLYX7Z2OzPeth3-Xq94WeimVqnD3zLnXeDctp1QBNBCq4mBRL1MEcZkuVbLywcYqMTbSD8ygObXJ2teCnQ3AZcx2eYcESIE5ZdzYuoWm0za0Voyc9ZWS_rIRiK8kfWSLc6O3oFk0_SBM8bojpbHIUX_s-903FQWrHmUWZ1bH2q9hJh1C9qN3CyT64aK3QWrCVk2xJk_DqeFa3b8oWLTWMUvaCkYbs7qYMjuHHLEYip3QKp_jlv4KLjG_u80NxEEv4ye5ivKllC2kPSZpRd90GOEEZ9cNLzlAuwou2f-KQeVS_jJ9ktu810cHV7oVHoCPv_OEKiX7DmG98FLY0jWpxKnnH8A_QhmvEbAd-0LO5Bf995PuF8DPI_HhdRDWXGRzkSxi8KQmxKl5V4gsKeFuVs5GZugTqLkQYrqEvv84HjRQDzuya5iqZTH4nFKICAtiJALnPCC8DDTlHFfPe-CKK4g0nmlM8lE1jhtgeRo90E8ZWUkET66DR2I9G8aKNW5wmGeTwoJHZ9Agn-ltmLTfkQYvzFA-OZ6bN4QVYmB4uyQfNKAHRsEfNmEBaJuIdbHnW35his-Jb3ViDstKfeN6dRyJ1EzIaxhojq6L8HOVJ1tc1DTZM4fNt64eq7A4VuCUMOUGdMg7ewrsjZa8WQPP0aTzk76YHQ40t4P7P_NMkhx6NUMurWeT40OcplpI7HPfwQsjEt1arQytdFAi1UmtVcjuespvOpxLK28QSouR31Z7XJE-t0H4Q0NzFBwSr73v_cv_hz2ne7IODRpAXWIDiJBDAoBPNAEu-vTBLI9xUUweJgtOHT9SmxWPYfA3RHdNsByPowTWai8BtUcStygcU2DCcJQWxzSkgKyu8SY9ZI5G8WSwT0NlHn1i1SngIQKDqrKAb-3o7RLsD6kyLKIK_eTfcbyZpP1-yFSrvc3Ebx4e2krBHtsoSb_ukZm13EU3-cv9-6G3zsThs1Atq9G98IWrqzpDMdWL-2WHq2wJIrjOTudb4aiPs8wrBb64KV9g3-R-_U9Vb8dwVvBf9zZtqG-bKzTUWGrlsJrRq3-OYqdL5S-QAnzyRztN49O4iBX0hGTCJs1L-lXf6AzuCg6UeDNTtjR5SQUxEPZlnqTve9aszA6yJX0uZv01eHF-40nhp2Hs0QFoQkYxlB4bHMvMp9mxW6BiMMEhdcY4glOGx49X12rSCCFOfYQXsK9OumN-4wdYTMpHLNScy5p19OuxPXB8FQXmJnpqUthWP5U84RRXnHt2q8_V710Y5P9WYkO2XmZAg2pQ_ZGqgfwp2pSIhkNwRjJkwbHnwkQJbSJPQddJPkcggD7gvYQnqqig6PXLhT6nk533LvI7V89Vq1NlHgmbiSc-sYA1WGqvgrDYh-c-bemdnLZQMjQyfIX-loePk3QtqIpsT06wy588VVYO5kcOyjJ3VPDZHFBUcLQz914_ZOLT2dJUkGv81AR8DuEUfM3fBLLWAKccYWhgBZDDAyy0Vu-4gVZi76CnyqIMkLV80USP7NwTrfQfnSQTm_zaQ3QGLUAu2Rb4wr8al4bWrpt1pjnUwXhhvEWGm5CGgX_Wzowcz8bYvkqZzupYhoYQFVS7KIfCfPQ7C5un3_Dry7A6QU8GPB_mTL5koCUzIzrUc88pqx4tpfX9k4oo_56zDhyePaUMiD3aBf3vdBhdojUAkW74UPG3Gm4HpFipkTNRjCisMSaS9SJeUjJRY2fE7azXLvrikCgw6Wb74PiWll8CW6luXBRK1oQx0NabqMJw6e42Nd-3EUMmbKbtDmeqgf-mHs9FdDUy7D6Jaj_Ujt7fXPvZmJSbdo6aeywcOE_ldhj5ZYeLuglH4Y7BFmSA7zRANUR_UMtwDcKnKpYyOWv3MzTQ5DBRy1V2CMhfjQbxD-h3X8HsrnUwN12gRbvp6U74NT1fR8fO-W8scGbrJpX2GPpIXq1d5uh0lc9SVny3EnOIMRjLYdZNFIu_1QR0mU83LBeUAYjU6eMWc9Y2MUfm3qEY47R_LJ1CDNVqGY_LKeyh4J0GqDyjobWY4Fx6BONQ0vEKgN2ww&cid=CAQSSwBygQiDqmIp0oXBW1O25Zz86R-mVF2LjBpsDvNI8pnWf8tuwnl7G5PbBq0xdPoUUTRQWXLBlwtbI4abJ4Bs0CS5vNmxsD0NinPudBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fopynew.com%2F&ds=l&xdt=1&iif=1&cor=1926428374336437200&adk=356101037&idt=224&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:08:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 52B6 28 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:21:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C68 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9FSZvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FF90 170 KB
59 KB 127ms
82ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Origin: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 13:53:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame FF90 11 KB
4 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeC0KoK5DsdmC7xddNcZ0jZSfCqz8pueL-u23Crb_e1va0v4QyWTUeatHuiSkHFaWEmDjhbjHr7v3TvH_ihub58bIJrg&cry=1&dbm_d=AKAmf-Dg4zGIk2EhiCgWJAgC4Dbunqcq7vSi2dUJ6GB2GyixkatqrJaE6VgYf_yWBHbyrZYRSK5TMJwuEAxJw0bEMzLaklimZap0pWQonjQzemR-MrVAZh4DCCDezIyyhdTLpgLbk7-qtb24pvNjufqaKQIdfS-U4-a-ZRaxtl0U2cfqpSsUAx6IarYMG9yVFmnGhuoYUQGjUAmr1JUi3UauQ0TSav9C6I5iFUPYZaLzZSh2KwzEb8IYxvxnK92dtrZMEjqmxFwa14nQ_Yg3sk_YMo44F8XwEYdr2ThBY_vj4ele2JNjZCeV3nOwC9ObTjCnhWFqBoyKL2Ky230SrgVxBDofwGzz3UObGk2k8fnGtI-lgwSM_wqZ2EYfOKkPOK4jz4BNkt_e0S0Il2SloBGFJzf1kgCksFGp-GoKNugRva9kJaOEuDdeUs4akJVZyOm23PjZ5DwSSgXqjKtz1d4eNWumNj4CgQntYw7IEFEBa8SaPwpbGInp7noh2OWgo8wxJ8lJCINKQapefq5ft-gQYUIkWl03YD2wfMIQUpK_AU5ysK33hM7BAYHGyuM8WbhlKQntC65WhK6ztMpQ07yAE7PjRHGnd-0rhxuSB-wF1InZuNXrInnEZpW5B8_1nrGa3O-UDMttRA1r0sCTW3fxlXDdg11gG47G1WgT5jXb1SQARLljGw9CLZDa1T_jKS7RghSiQ2q6ykvjvTFWbNmOfxLQrtiVhY7tSLVEOHYJMm4qJjnZdzR0IghCOMlItgKmGedK5qWgH-nAsVStrM0exHibtdWN_z4xL3lQiZeRd08WeakG5SK7Z8e977XHEdkUJFRTpN2ML8m3BkO_BisRddYecNDCUGYz9r1TYCRGJLBcVxEBqyqzky7Ilxc-vUPE47J7iW9Xn_B4gD1YtHA6uPugCaH4oB3Ckj8k8kTnuyxUnuZ3IUhVFz2dqczMXfPr7TtQ1hvaI3tDbcm72qwVM15LnnB_HuQvg4g73JG47jrLSl0ZsTvTLA18IkQB8BXc6SEIsLctcOpfwr2xr7nHVwRy1IAUfmI00LVSAm8qx5yzdK2mgBJ6uv2YjkPeUAC0yqOFRS661eAVs9phBVTUWQylGZx3ucCPTbPa6q_9qTaYIWH1RUj0-JnNMDRWbHJ3Zq00Hmq5iOzDzc560GKuvQS9fIdDNaDtGko9oQ5AHfJ2R92NIUlVf5MVKHVlonMLb4qKKv1QEJVIxKYUiGrJkuD2Rxp0vyW2eh0V4VZ6t-mZmG_NQAKxUlm4gVOZ3UVVU4_lL19GiXJXadCwP72hIxNnNGNf1BSUYPgB4in1ELk64t9J6MeNyqVLe0VuUcjXeAYlx7O3aHKzmP0d3g7122FLX0EK3pIjjHqt1Y22v7_pAFxzTYpacNFQkHaJlQvsodWwm1lsd2HkWikzeY_Tuw1fzcU1knJV7RnfpyJBNv3KMwSYvWtojho3tTyo_8Cqop_VpYNH2Xg2g_ol0sodVgdEGrzEHGGx0U5UBoOevVy703G8DhKsD5cVBcv-Kc0vCc5on0bEsUhRW75ty_66rT87cXAkGt5mKit6iRgXfyssqTx7Lb8fGbQIkWEOFPyJhd6b8cOeaZm5fjJoAvRJRyZUOZxo3062ol3hoyXg0Fu4E6uGUHPOhZU6TcrV_o5F_fswF_gOv1GHcHOj4GXR6XN3agfVhCiUUNxczdEz9Xf8zT93gZHS9GoHnqm2SJBJhVOK1ewL6UYE9uHmHflwsZIM1wF4avSNzfsZsO-7-YZGcPU34uWLx-sm0LzHs4e-jdChvKJBm5zcpWaHRSQR-HNarudceAg0z-A64gOuCSdWdq5BtwTxp60GAzVErCj9MMvQOcRKf-iFdW_bjud4ZV2l3TuqObG8Pz407FmAjFfraXSyyrLEooP_uEvbmn89Lr1aAqf_zBTYJIG3maMHuebBg4jR8KDCzU0DE_9gspdXrTTZwtCiJ19o4w083TCTOS1f7WliWKXje_vjm77QCc8HDwjgaV_A-MXd4U7QgZKRH8Lwg1YH7MjlHwf4p8hbtQfCLczbjvbQChuiuHsOIdxaVaIjtE59v3i0siYgKLMIFLvgscmmUvGz4WGplau939UrjyGn6vk1uOjgLw2rhGojW3wMM9pyeu18-l2l4E3gZO9C-KKIMDcaTCY2mnxNKHhDdMYIguu2w0DcTwq-mRC3XA-Qaoi3jsCd65qpGvA_Mj1EfPL__HYQTByOg1sDf-WbkdX3LmwcUSbWvHSAcc3Bg07_vrWTnBGjbWrzNkCKuhmVjMlBFNSZSTVkUrqYeHawEEZ4nu5e_Q_nxd5mr59UdUto0ZEEsORpFJbkZPF9z9xGNQo8N74gRvHJw5yDK-n2SeLMxCiGkL9nsu17mdsWud9g4PQhQAnybgUYf8-HAfLQUEGBOTN4KwULdb0Y1K6h1ob1TdkIL-ni-jbIFLp8A0tElz5cvGC22DOYW3sAhUh8HDOkWnikyYoj2rOwTD2CTJeugY6BTCeYW567C1XOXoKNyG3zo2O2T-rGE8E6m45VrzjSDjD-2_e_7qegUke47noAxxexrysnzujJplln8dLIL1ZrWTnhjiQqIM360CZmBb0sFWpyWjJ11odVkAL5nNGNE7NgdAt8VBF890TkJMgZ3IMgJDtpu7wMmYXkQkybiWIQMkusCEMovviPSDuRSueUeHiPaU1Idy8F9a3rby-Ec1qjmL97n7DmETfb0aDYfvWBYuUxuzIbS02gI1ANXbvDJMrzZ8HSrgSGOc2ASTxEVYVyUvoVPwiiCFjx74iQ4OffhBi8pyJPc2nuWlDTEKNFgqPfc0j2Z86GLNrJyFEQ3TpJ91Z16st0BFDu6zu5ugLSKKPXOPqWdUoYtt7VhergThBByaz54WJU103UkftabMq80IZcgK_7wNPruZKETP6y8TG6PL5xXJDgW6Ul_sLekxuQN2uPMLo9e0nsT7sMaD1S-xPbJghTlbH_llYizVzrf1zPxc-PucJjNyBaF9akp3gJVK_K4Bl_JafQRaj6f2H-nDbjmIadz4yDnoHmk2xuv16_RJXgterdnnwYFX0Zy9anY5qRJG_GIGwrMLI2G3r38Luw9K9KVOfvOeMhnzENLYXy_2CbqdtcH6sZ54tYr7XTlpqpeOMBbdpAV5V_UpznFhi3ppq4d4zFXjHcza-o3INCX8r6FZRECPMvFvX9-zy52tX51k6ojsWbDrm9Lq3Htzz5qa-ZxNfjD3yZiASsTshbRJGKVBLXeVG2SdWM-Vsfy79LHT9ouZ63eAHLu3DuC0qTXVLX6kW_75oBMHxB_NPpVcV8khUEtA-oiAHbuwvHlBAQaKzLVEqezAqOI-vcXBgzvsqZA2iPGMNW8JOmDzxg_mdbK33g_RQAqJW3tRP1GrI_-WGOGDSxtb2YZBfC1d2Ul4hyJMQLq_V0p9UBvDUMVlyFa6-MjhteHF8P-E9ukBSbqwoDb-rQkqracPpAZOBhGMWPVBvc9p5YCeOcHfWLd_7zFM-gBvSIRqLntFSXgyEZFPemflndwTGGa0zToJaSYq1XuIHMDuNga0opxo2MIb5jz7BJzJMeoKGA&cid=CAQSOwBygQiDsIDB-vzk25pIbUCDnpq6cpDp-aFy2Ty7gsylNS1Dm4YMewBAfmVnclLMce0wx-cw1wTmmVsrGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fopynew.com%2F&ds=l&xdt=1&iif=1&cor=6409841365264189000&adk=1726166460&idt=152&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:08:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame FF90 28 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:21:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 52B6 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 16D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNXGRs6eyYmFWcPbw2nI_Ddd1aTBtWFzeqHVX5w-I5rmvpZ8u1WS0gfLVn10M4oKA5KZUK6Cu2WDezjUQkHJDGI_hGvLH8gf4n2UkvdJEr6UsiTIc1T9xLj6XeVlArWfq7Xf3nz3MFAr9cNqVsGUjAZnAyr6aqE64nIYoOwFKOqaIr_4vdr4cbnFD786-pI7dz5_9vKsa2zJnTB_uOKu92pRPYj44g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 16D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE-Ez5-kPdznrBzweHaY-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNXGRs6eyYmFWcPbw2nI_Ddd1aTBtWFzeqHVX5w-I5rmvpZ8u1WS0gfLVn10M4oKA5KZUK6Cu2WDezjUQkHJDGI_hGvLH8gf4n2UkvdJEr6UsiTIc1T9xLj6XeVlArWfq7Xf3nz3MFAr9cNqVsGUjAZnAyr6aqE64nIYoOwFKOqaIr_4vdr4cbnFD786-pI7dz5_9vKsa2zJnTB_uOKu92pRPYj44g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyh8YIWExWvkk6jV1awIyE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 16D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1

43 B
1 KB

7ms
6ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ28u5ARihkPLlATAB&v=APEucNXGRs6eyYmFWcPbw2nI_Ddd1aTBtWFzeqHVX5w-I5rmvpZ8u1WS0gfLVn10M4oKA5KZUK6Cu2WDezjUQkHJDGI_hGvLH8gf4n2UkvdJEr6UsiTIc1T9xLj6XeVlArWfq7Xf3nz3MFAr9cNqVsGUjAZnAyr6aqE64nIYoOwFKOqaIr_4vdr4cbnFD786-pI7dz5_9vKsa2zJnTB_uOKu92pRPYj44g

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:27 GMT
AN-X-Request-Uuid: 23915b03-52c3-4a3c-bc8f-4f5170cb781e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELPjBfaaZxpqldgxE8bfaoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 16D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

170 B
232 B

45ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 01 May 2023 13:55:27 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 885d3edc-6ba4-4448-9243-ab0e751c5d1c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODE1NTcyODA1Njg5MzU2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 52B6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e05e21093180c05e532efb72a39502be59d6626e72ae47573de76f0a733fcfe4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FF90 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A77 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:50 GMT
etag: 48472445140208031
expires: Tue, 02 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FF90 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45d803d9b4695a0ef7b97c9a729f197e4fd08f2d396e61be71896ddad7a58efc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F1E 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED7 0
20 B 72ms
71ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8894381718449&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED7 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8894381718449&version=m202301230201&ct=76&x=1&cor=14733723482967675000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2ED7 83 KB
35 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFEeKsN4BeYUGZ3hNNcNUWPnm-C0qYa-XOK6u_UqecqLB2tB6vfvnvTNm2xbXMIyBCxgQRf6TkaExPaa6qnso7k4uoMg&cry=1&dbm_d=AKAmf-DT8uHltldCeT0XgVBSjGfqiOyKIKq_Gtmnx1AOduT1ZIzutOwPueK5wU4hYAjL0X4bI3wbPSMUzi8rOr3mw5kU4tOtEiwKZKnvPZQkLa7a5PS7DPVMVWLg3R4BfHyz3YPvixEMFdi4BKABWsPxmDawot4V_-bZ8eHrq-NDB9gWERXeOq2V1pcYHwkjewGFDFRBd65Me1RUenB_FE-16-6Y_MahOoNyqNCRSrnSbnl7nfYJrhek8JaD25U2WB2aL3DM-mz3w8wVAO9soZvVxis2acZVlKBLCeCM49BrJTdWS9kmV2itqYZTvS2bYEpANA-li8cVibaN7HP3C4GGKW5UjaeANwRNNA130oBN9SVhaY4LVJCaA7N_lKaf0sDqPlhRViPZGIlwFA1Cjf7cYGqFF8pvKkjp9KU4KMZoExOcA_SwH2WVs_Xr1isB2hAeQHRp8orBZU2dCfBAMxLMH2uKdP1dj1_DbwjRCIYyq6qByN_EE36CeDsI3bNx5PtXSJ03bG3EK8VuW_ifitUT-i6K3RfhikE8W52ZSagw_CyswFkm6j1fO8ySniPn0R-EeOB5gcKLuE_zRuAN1vJPDmYbF0RiUnQAWceQkrBudecauQx3bTQJWXoIqohMOMx4RBMtnhJP3-6nw_BhKjF0sO6DV3T5TJui2F4a8c5YzsL-NEzvbt6V9dTYFocHEG5-h-4fenS75wnMeqrh6XM1OBR7Teu37u81JpFghj7Xh_TCOqQKExu-0jFpXyw5amQzBs3s_IjaUyTJqlqqhnkoEnzQCwkmrLwEUBZHxujdihVyZzGNjqnFjayPHrXmHI4Dm08wRIwHZW_Un1mX7N0UjrDt22wDWd9XGgEThubTUZtDNdjk8jC6Vt_gzmC9K5GEokM_KxVpioUKensckM9O4yeAq9BIA15FDJEzW3ex5aCQGQaUN25WuUHJn9YspZDZ_VUO52fd5bPjZa157i5fFux47fro4K_wGFtukVndFXmNNB0zy3VwAA8Ecl9URx-4M0Zs_HWQ_D_d3WGbsOLMNhrcK8_lh-SdVew9l-cTOhmwGbTJfsF56gxktAGySOyDjATseOdmd-SDUQLltk3rIWiRRN2LeZjp_AKTPciWwITdqkw8dsANOPJQMExFkvEyuWh_KCEcEY51vSz82WqpgTFOFJFFekbxeOaVvxFgSqLg54w1IXNaOQ8VGCGWX2XJCV2yGexwU9UeVV44nNRXxTWUBLAKC-z7cbKKpDn0VQn9pBs93gYSgwnwwIst8RZ_HjNghDULNL6HZziXgMfDglxCldyfzGFz25EH3xFsSfu3Njvd9eIGsDZUfG6vmTf0s2BuvCaY-8kLEqUhl1m3L2TADxWRxoLaCrlRSYKG4_pZrVcBsfmZdtWryS41T5u-IzyJw6p7KaJzFCJwZU-Z9rlsBXxRUZhDZ_n-8H0HLZ7xvaz6ve_YyK2NShc3gSMRXcsr7dkjHOIBigWS2FUwUGgtfZg2DzzV8S-euYVToVukBH0bqDwYq4m21qgv6LLzK_no1Owv4QuseZ_tdsYAfMooqJ9Loxcs5blFOOm9v5VZcGXq6rBEzoaOEf9yZ3DEqUhZ-9OyjmVFdj-npLMx02ckhP-kUespS0cqlVkbVPxZUedokO-u-ZcEKKggmjyIi4CVxMv-Qj0BGxdYVcr3dQ8cmrUev_mpcFotKOK6Xs6GHkE5zAET8iLsZaJyJDzn6mfOzrkuiAZmRjC5Oi4nz1U-anD0P8Yq1uAS4ZpY8aTNDEEFvyo3M8rFyxgMaC2UPb2RQP_MchLEbILHMr7uCFrgkACsS11ayxuggRZ9FTtzVcF9lRYUvr3Gk7pRIJ0ELlS0RYWMg8NweETkcDp7dq8RBJXez_UE2r6oizjm9fDZH9xVww5IkvF15gvTRaMZ-RWzKoCfurBQ4M3mPOPuAlP6QiO8DcZnDGvAQ46cuDAsIoOuAksqQMyeHVDkl_VFncWPChg-KdiIid_BTAffp7voikeEcKckrYNFwb0zHQ94gbgb0QNb7j1t675fbFNbgjzre0enxRNh3DfqHn3RlXIjAvjx8Ibno1vfSJFK3xEE5-9PE5RAqz-YGgHq_0TRL6rFhzsGwn8wmsZWZcbt1p0X7IoyRF9JiI4jV0Yp3ERtpj2QhYY-3vFcDIoOqbETktk5syw8t8zdbXu1tI7m5lxtUEL5WePABoTeGEz0fFXOa5aI6FNppaU1LZCDQmgUrxkhc8MNwwv1Zs_vAioH7zCBSv_Ss6xjrIpWg9qON0DnDKP1xDOAcDj4iEnzrowdIuo6K-eUjTaTOIMsuypISHOgVgxp9he4JAXwB5pTDL-0qhIoA232yLnX1k5IkurhkDifkgrI6Z1TeMP5TfEU6vauyZJL9gALaquRGyG2oqr6YzE9ZDlRkl2v_Gu14ZkIOvsGjg6DjBPSzAe7thXWGdydmUwf0kpLSeHZKXvi5nd80MTnJ4XF7Up6Fy3ksq-3xEutK4a_-pdesLZO19dvQ7BV-lINrm1aIpDDf2sqZ8kgvQhM2Q0tsn10uHt92nvVcrDDgxij71pkDW7q5ZHlJi_t6UZMUBcdkUVWruCL3nRZWjVc6wi8uhi9sNt3pEHSHCriYXhDbkNHWfqVRVFG9Mt5GTFnKEItB1ZKIlYo5IIvwGJ0-xIEW320AEcZyV3yRDy91TdBEu4Wl_q6FPEOGdaNWWXAHO7pT-lABV2muDe-OQsQS-b5F0MIKjL-mEXHkN9fsHYLG8vX_Mt5wfmWRMfY0TSGVZwAqPynCh3FROY5Pri343_ZEQrrDeMXoXv_jW994F2Hgcw82cbWEEbf7Ya98aUssAbUvQazxuubI5Ajd2m8W_qMbLUtgNiqWt1rxquk9Pku8C1JbJl0ruAb3lvtkE7fZs_5r6KDAX6Vw5X0p8AkY37EazLUBAzCnI1X49ZnigE8rMMIl65fPm0nISQMpEml3ovG19gnE0hW1OH5SEVUxAu4zMVRMnsCKuYCF6GmmfGeK0zxxAh5J_xSNlO_KllqRx2_Mvp2JcvGlIyeMeNlxOm5afL0PeOWz3valboiiU_R7tSMIa1NiRpjNT5FYmoLfj9EX4aQZE39rHZeOc92jB6R8v9fqFRoZfq6W63rAg0mKJZceLhlEGj8nhSe1xJCV4jpdRt4Glj92_zWwKDjFyEqSgdDjMeZLg_Zjne3Xc8arn2Xf6Hsk3aqFRxJOqfcyWutHwDI0NNaS5ySu87v62awIccqYqA5xPrJMObtbJwzb4ZSy6jLiRtjJgvKU4m-u6qvnWXFRcfcTBDnugM18ExL9jd3Pb-h5hu15jxkk-iUbpmjqNNQsM2iuq0sZrxNRfar6PEPBjEUeAcATuLCYCTjAFj7X_eeYSaYt_u6TbSpIFcjhzj1m_5jfEo3by6siAFDF5y_e0pS3SSpq_FmOLtUvBgvIAuxAdJRp7FHFLVmxCefYg2SPDbPCEJlGI6v_uM1ri-Fej3aVM7HXNTfT7X8xV4RPFcoxbbuYUQpvpEAiquKHCxlD-aMIchoev7Mx_G-B837Ar_h6KTuTEzwC_Mm3nhv2KgxjTnPZK0-iOc-X9Ic_HUpnapzHPfRA2ehSQ&cid=CAQSPABygQiDpL27DtuWuNlH02QORDQZ9pKQAluQvIQO06HFKQksQTKs4uCwasM68b1Yz2ZLyCvpHXszXuAr6BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fopynew.com%2F&ds=l&xdt=1&iif=1&cor=14733723482967675000&adk=521587874&idt=153&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9082e62c9c98974f8a457d78c097646c92ca586fb312743330a3199fe88fa41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35867
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 362F 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A77
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMTv-BUMqY3zycR5wRqeoWk&google_cver=1&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOca...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMTv-BUMqY3zycR5wRqeoWk&google_cver=1&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ&google_hm=XzCWYXjQQRKuHJAh-i_-HQ==

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ&google_hm=XzCWYXjQQRKuHJAh-i_-HQ==

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ&google_hm=XzCWYXjQQRKuHJAh-i_-HQ==
date: Mon, 01 May 2023 13:55:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A77
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEP0j4rlwszBGX9mS-XOxZFA&c_param1=ATf1kGNWgm5765binfr9ZOqMvsdC98SL0Z7MdLeOB9zBnAifHbJGwgOtIE5jMJ-graIiirinmgGdS41zTWb03Xw7UrjMHlWuJdA&gdpr=%%GDPR%%&a...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGNWgm5765binfr9ZOqMvsdC98SL0Z7MdLeOB9zBnAifHbJGwgOtIE5jMJ-graIiirinmgGdS41zTWb03Xw7UrjMHlWuJdA

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGNWgm5765binfr9ZOqMvsdC98SL0Z7MdLeOB9zBnAifHbJGwgOtIE5jMJ-graIiirinmgGdS41zTWb03Xw7UrjMHlWuJdA

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGNWgm5765binfr9ZOqMvsdC98SL0Z7MdLeOB9zBnAifHbJGwgOtIE5jMJ-graIiirinmgGdS41zTWb03Xw7UrjMHlWuJdA
date: Mon, 01 May 2023 13:55:27 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A77
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WcglZ3yCQmyAJbRxbuBcYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WcglZ3yCQmyAJbRxbuBcYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOWzOB0VOz0Z0_MMzX9DfcjRToaHVGe5M3giamYYmnQ-LLoj6ClOUTue5PjZXQkAl6duJWnVFxNZ4iyFEpqgww_MR8ir0A

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WcglZ3yCQmyAJbRxbuBcYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOWzOB0VOz0Z0_MMzX9DfcjRToaHVGe5M3giamYYmnQ-LLoj6ClOUTue5PjZXQkAl6duJWnVFxNZ4iyFEpqgww_MR8ir0A
date: Mon, 01 May 2023 13:55:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A77
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKjF4qP2sM7K0sLo37aiIy4&google_cver=1&google_push=ATf1kGNRvW4T1a3io3b2-xL3QGtpD8gJ_ZNbTou4Wn09Gk1-UxCq8_MF7ZwlEMwRbkCUB2lj1uaw8Y5nNyUiHB8H...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNRvW4T1a3io3b2-xL3QGtpD8gJ_ZNbTou4Wn09Gk1-UxCq8_MF7ZwlEMwRbkCUB2lj1uaw8Y5nNyUiHB8Hxq2QwozPmQI

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNRvW4T1a3io3b2-xL3QGtpD8gJ_ZNbTou4Wn09Gk1-UxCq8_MF7ZwlEMwRbkCUB2lj1uaw8Y5nNyUiHB8Hxq2QwozPmQI

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 May 2023 13:55:27 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNRvW4T1a3io3b2-xL3QGtpD8gJ_ZNbTou4Wn09Gk1-UxCq8_MF7ZwlEMwRbkCUB2lj1uaw8Y5nNyUiHB8Hxq2QwozPmQI
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: aCuN3q1oFM13FdnGW-j3_lr8BCuQqH4wIMlsS039O5Tnn1qxYBzwOw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A77
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-4273fbd4-7ee5-4552-99ac-a2ba56f20dea-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMOGmHzMp1fBbSnxS6Av...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4&google_hm=A0Jz-9R-5UVSmayiulbyDeo

170 B
188 B

72ms
69ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4&google_hm=A0Jz-9R-5UVSmayiulbyDeo

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMOGmHzMp1fBbSnxS6AvB-MsDYaE_w8vgODJXh-T7FH4ashKYJIhLw7yCgfy7nry1Y6sRLYT_JiZqM4pO3TgtKWrcfP_V4&google_hm=A0Jz-9R-5UVSmayiulbyDeo
date: Mon, 01 May 2023 13:55:27 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX4273fbd47ee5455299aca2ba56f20dea003
content-type: text/html

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 3A77 0
359 B 52ms
7ms Image
text/plain 3.68.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPTZDtz4Dj3zmjTZl4HTDBQ&google_cver=1&google_push=ATf1kGOV6PTr7OkhhwTQiisGbXSwSmKVI-29WHNgG9Yo1hP4u5ySfai0SYXeaCj242nEjgOcv_YWaCCGQ3rSnWiDl4ZXfN6J7yiA
Requested by: Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.153.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-153-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 3A77
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO8jnkOowivW7L8qo-Q5o58&google_cver=1&google_push=ATf1kGOEYsSiV9bIGDtAIjh5pgKKHE3rIbkTxYMHTk_cRPBUKFM3CW32wYNABvNHpOekCat2dEPblGZtgq4...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOEYsSiV9bIGDtAIjh5pgKKHE3rIbkTxYMHTk_cRPBUKFM3CW32wYNABvNHpOekCat2dEPblGZtgq4aw0fdEMpqRco7G71V
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
7ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A77 0
12 B 45ms
44ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFB_1ANhI1ArQ3EGcl7JWQTxz09TegGMbBuZiRhNSqTnK-0E3lsrS8jOKz2v57aecmw3WVVhs

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F1E 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2ED7 170 KB
59 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Origin: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 13:53:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 2ED7 11 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFEeKsN4BeYUGZ3hNNcNUWPnm-C0qYa-XOK6u_UqecqLB2tB6vfvnvTNm2xbXMIyBCxgQRf6TkaExPaa6qnso7k4uoMg&cry=1&dbm_d=AKAmf-DT8uHltldCeT0XgVBSjGfqiOyKIKq_Gtmnx1AOduT1ZIzutOwPueK5wU4hYAjL0X4bI3wbPSMUzi8rOr3mw5kU4tOtEiwKZKnvPZQkLa7a5PS7DPVMVWLg3R4BfHyz3YPvixEMFdi4BKABWsPxmDawot4V_-bZ8eHrq-NDB9gWERXeOq2V1pcYHwkjewGFDFRBd65Me1RUenB_FE-16-6Y_MahOoNyqNCRSrnSbnl7nfYJrhek8JaD25U2WB2aL3DM-mz3w8wVAO9soZvVxis2acZVlKBLCeCM49BrJTdWS9kmV2itqYZTvS2bYEpANA-li8cVibaN7HP3C4GGKW5UjaeANwRNNA130oBN9SVhaY4LVJCaA7N_lKaf0sDqPlhRViPZGIlwFA1Cjf7cYGqFF8pvKkjp9KU4KMZoExOcA_SwH2WVs_Xr1isB2hAeQHRp8orBZU2dCfBAMxLMH2uKdP1dj1_DbwjRCIYyq6qByN_EE36CeDsI3bNx5PtXSJ03bG3EK8VuW_ifitUT-i6K3RfhikE8W52ZSagw_CyswFkm6j1fO8ySniPn0R-EeOB5gcKLuE_zRuAN1vJPDmYbF0RiUnQAWceQkrBudecauQx3bTQJWXoIqohMOMx4RBMtnhJP3-6nw_BhKjF0sO6DV3T5TJui2F4a8c5YzsL-NEzvbt6V9dTYFocHEG5-h-4fenS75wnMeqrh6XM1OBR7Teu37u81JpFghj7Xh_TCOqQKExu-0jFpXyw5amQzBs3s_IjaUyTJqlqqhnkoEnzQCwkmrLwEUBZHxujdihVyZzGNjqnFjayPHrXmHI4Dm08wRIwHZW_Un1mX7N0UjrDt22wDWd9XGgEThubTUZtDNdjk8jC6Vt_gzmC9K5GEokM_KxVpioUKensckM9O4yeAq9BIA15FDJEzW3ex5aCQGQaUN25WuUHJn9YspZDZ_VUO52fd5bPjZa157i5fFux47fro4K_wGFtukVndFXmNNB0zy3VwAA8Ecl9URx-4M0Zs_HWQ_D_d3WGbsOLMNhrcK8_lh-SdVew9l-cTOhmwGbTJfsF56gxktAGySOyDjATseOdmd-SDUQLltk3rIWiRRN2LeZjp_AKTPciWwITdqkw8dsANOPJQMExFkvEyuWh_KCEcEY51vSz82WqpgTFOFJFFekbxeOaVvxFgSqLg54w1IXNaOQ8VGCGWX2XJCV2yGexwU9UeVV44nNRXxTWUBLAKC-z7cbKKpDn0VQn9pBs93gYSgwnwwIst8RZ_HjNghDULNL6HZziXgMfDglxCldyfzGFz25EH3xFsSfu3Njvd9eIGsDZUfG6vmTf0s2BuvCaY-8kLEqUhl1m3L2TADxWRxoLaCrlRSYKG4_pZrVcBsfmZdtWryS41T5u-IzyJw6p7KaJzFCJwZU-Z9rlsBXxRUZhDZ_n-8H0HLZ7xvaz6ve_YyK2NShc3gSMRXcsr7dkjHOIBigWS2FUwUGgtfZg2DzzV8S-euYVToVukBH0bqDwYq4m21qgv6LLzK_no1Owv4QuseZ_tdsYAfMooqJ9Loxcs5blFOOm9v5VZcGXq6rBEzoaOEf9yZ3DEqUhZ-9OyjmVFdj-npLMx02ckhP-kUespS0cqlVkbVPxZUedokO-u-ZcEKKggmjyIi4CVxMv-Qj0BGxdYVcr3dQ8cmrUev_mpcFotKOK6Xs6GHkE5zAET8iLsZaJyJDzn6mfOzrkuiAZmRjC5Oi4nz1U-anD0P8Yq1uAS4ZpY8aTNDEEFvyo3M8rFyxgMaC2UPb2RQP_MchLEbILHMr7uCFrgkACsS11ayxuggRZ9FTtzVcF9lRYUvr3Gk7pRIJ0ELlS0RYWMg8NweETkcDp7dq8RBJXez_UE2r6oizjm9fDZH9xVww5IkvF15gvTRaMZ-RWzKoCfurBQ4M3mPOPuAlP6QiO8DcZnDGvAQ46cuDAsIoOuAksqQMyeHVDkl_VFncWPChg-KdiIid_BTAffp7voikeEcKckrYNFwb0zHQ94gbgb0QNb7j1t675fbFNbgjzre0enxRNh3DfqHn3RlXIjAvjx8Ibno1vfSJFK3xEE5-9PE5RAqz-YGgHq_0TRL6rFhzsGwn8wmsZWZcbt1p0X7IoyRF9JiI4jV0Yp3ERtpj2QhYY-3vFcDIoOqbETktk5syw8t8zdbXu1tI7m5lxtUEL5WePABoTeGEz0fFXOa5aI6FNppaU1LZCDQmgUrxkhc8MNwwv1Zs_vAioH7zCBSv_Ss6xjrIpWg9qON0DnDKP1xDOAcDj4iEnzrowdIuo6K-eUjTaTOIMsuypISHOgVgxp9he4JAXwB5pTDL-0qhIoA232yLnX1k5IkurhkDifkgrI6Z1TeMP5TfEU6vauyZJL9gALaquRGyG2oqr6YzE9ZDlRkl2v_Gu14ZkIOvsGjg6DjBPSzAe7thXWGdydmUwf0kpLSeHZKXvi5nd80MTnJ4XF7Up6Fy3ksq-3xEutK4a_-pdesLZO19dvQ7BV-lINrm1aIpDDf2sqZ8kgvQhM2Q0tsn10uHt92nvVcrDDgxij71pkDW7q5ZHlJi_t6UZMUBcdkUVWruCL3nRZWjVc6wi8uhi9sNt3pEHSHCriYXhDbkNHWfqVRVFG9Mt5GTFnKEItB1ZKIlYo5IIvwGJ0-xIEW320AEcZyV3yRDy91TdBEu4Wl_q6FPEOGdaNWWXAHO7pT-lABV2muDe-OQsQS-b5F0MIKjL-mEXHkN9fsHYLG8vX_Mt5wfmWRMfY0TSGVZwAqPynCh3FROY5Pri343_ZEQrrDeMXoXv_jW994F2Hgcw82cbWEEbf7Ya98aUssAbUvQazxuubI5Ajd2m8W_qMbLUtgNiqWt1rxquk9Pku8C1JbJl0ruAb3lvtkE7fZs_5r6KDAX6Vw5X0p8AkY37EazLUBAzCnI1X49ZnigE8rMMIl65fPm0nISQMpEml3ovG19gnE0hW1OH5SEVUxAu4zMVRMnsCKuYCF6GmmfGeK0zxxAh5J_xSNlO_KllqRx2_Mvp2JcvGlIyeMeNlxOm5afL0PeOWz3valboiiU_R7tSMIa1NiRpjNT5FYmoLfj9EX4aQZE39rHZeOc92jB6R8v9fqFRoZfq6W63rAg0mKJZceLhlEGj8nhSe1xJCV4jpdRt4Glj92_zWwKDjFyEqSgdDjMeZLg_Zjne3Xc8arn2Xf6Hsk3aqFRxJOqfcyWutHwDI0NNaS5ySu87v62awIccqYqA5xPrJMObtbJwzb4ZSy6jLiRtjJgvKU4m-u6qvnWXFRcfcTBDnugM18ExL9jd3Pb-h5hu15jxkk-iUbpmjqNNQsM2iuq0sZrxNRfar6PEPBjEUeAcATuLCYCTjAFj7X_eeYSaYt_u6TbSpIFcjhzj1m_5jfEo3by6siAFDF5y_e0pS3SSpq_FmOLtUvBgvIAuxAdJRp7FHFLVmxCefYg2SPDbPCEJlGI6v_uM1ri-Fej3aVM7HXNTfT7X8xV4RPFcoxbbuYUQpvpEAiquKHCxlD-aMIchoev7Mx_G-B837Ar_h6KTuTEzwC_Mm3nhv2KgxjTnPZK0-iOc-X9Ic_HUpnapzHPfRA2ehSQ&cid=CAQSPABygQiDpL27DtuWuNlH02QORDQZ9pKQAluQvIQO06HFKQksQTKs4uCwasM68b1Yz2ZLyCvpHXszXuAr6BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fopynew.com%2F&ds=l&xdt=1&iif=1&cor=14733723482967675000&adk=521587874&idt=153&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:08:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 2ED7 28 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:21:58 GMT

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/10596822557170597888/ Frame B0B5 47 KB
12 KB 119ms
47ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
expires: Tue, 30 Apr 2024 13:55:27 GMT
last-modified: Wed, 15 Feb 2023 15:46:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52B6 0
0 182ms
89ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRFPCaooqtZgCYTYRO-QC9PeRIMjkGgZ8JPqXep_XxOwPsQabUnppJrc5-Puw5M5nX_Yp4xIxaPuhjBuHnvmxmT7wueFETGjBkAkadO11NB6s_zPxp21Ki3ymxhECbMvw4ZdXZkAItJkxHzgYzWLzPf7Gj7kti9g_eBex1LR2OPQSTdcEJ1BEbConv3fgmf-P6EGmVFMM89ZBBXRP1MQ7W8qOxIhvf4sYDFuXn14tklxsF7o0QT20CzdasRSO0F9JEaZrcDWqIHCX7mYChJ_bxzcR1MlAEOjETlVUApI3VjcUhmSVrjkuVv60dhW-qzXop7V59vawDWAqmy0OBXnqXnjNVyZ-S_TskizpyIXjQbKi58pJqueleP7KvLDrr6gT81ixWEiobZgrDYaZRXQEHIfLk877l23VHq0CWY_N3S8gVI_taichVtk5XehxeWUr8l9CT2vUApviuxnDmMgfG_NB0Y6gFveOZjzqDHrr2h6gz-T03B1a3MqUXVLgbWS__8KNkLzXT8yIgzhYkqZLcV2LpVditWQNS_ARBTa86E2hU-q9DSnuHXUToYhbtCThUEHup8LFxEIajsKKV3XUn9ur8-PT2vSXNLwYsRwkHmgKksbOQr8OqV7rUil9PowvofPLR250hDtpJiWwjVahJrAQib8cWCd51qaZtVXcticAKxCse41FSsUF_NiER9NBM9MMcRO1CudUujQeuMGIZ7EJJRBnDrzCABorphl7RYe1ZxqszCmS_BAI5Z0QeM1p9-F0bWPW63U5uaRQqWF_kfgj5eLREzmV_bdRg2kubLKM-reja2ui4xjCoPP830fdjrDcbn2VrUpb1QMLemitqJVmJTJH408qz1ZhR-0LPxF4SncihAtP048gbKUNrYHVl8U_XjDDg4LlhB7ZRooHLfMRvL2vBy1iBElQHGyd44wvLOKAU6fRDLqvC4kNZtMtOGD_12RDzJCtpojVrcsdUgQsnH3OywXj5KINrqJY6nuiBL8neMWs7PBcnjF-_pgrnfdo8hynwm2uK67jsH-skuWdefkZctRaeRpYRxhTYC1gaas8LT7ssM7HVNimKKeZrLydSQztS6rxvAuE6Pau2HVS31P5uNprBRYY0sjwEv0Qe2kU4UYr9ds-eut5UWceqZtgKFzbZWheKE6iZQ416yXrQWS8_U-hor-f_vhKNQUe8TIoBDRshzxnbizz2Yfy9nEL7qzfa0NKjj7quQ-YYsj5JSwDLO8wjVVPMW7BHZ5i7JuB08ZpdKtGVmbPdDf0tNcteqkdUl1irIFnMGNYF_PaOMEmD&sai=AMfl-YSub4BUz9-r-Fmpd5ucVK93lG4NG-Y82o3fg2G_0XTq84_7MnWiRlX7-h8cp7R7ctXJcCvFKcxm3DQmDrqo4TMw7HJRphj5qmqSWWDH20pFNqdoCIE7CB0R8dCKLbftFgxPu0Tfd8mE7nyU7r9ixty66ju_E_BFf2qgIrLLDxKbpEv21SdNkOZ401Y4rXl79yoSXxl6sEJoBZfvzTEwm1fVT-lHtFSf1JRxCUhYgJ0vw5HROWsJ2cstCUcZHalEoJ4mSD3l-JtW4upEHDEw9Vr1tc9YIbZhX3PYMPpJFl9b-QNvGPGxJbm8&sig=Cg0ArKJSzHCActKbHd_1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&cbvp=1&cstd=296&cisv=r20230426.82882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 970x250.html Show response
s0.2mdn.net/sadbundle/6529407057911781381/ Frame 8CE5 4 KB
2 KB 107ms
45ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0259dc62719d129ad3d7252d0fa9632d43e81285da4c54e982f7953ae30ac4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1658
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:27 GMT
expires: Tue, 30 Apr 2024 13:55:27 GMT
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF90 0
0 171ms
86ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmfK2aQ3jFy4sEimVsdjOQtjd6VdS3ZUDHDghJlTE7w-19OAWataXZhK3RcqD4U8fm5xG6kjtwzsXd-gR6Y0KO53tIDC6J5ql0-QWpnMH0PMSIV9jq-HQAh4oPq0kmsR92aP01IkHPz0nwbj_SsKpHryNF7gJPtAA9qS_VAd3bDpvhVfSq3egGPjkUgDZG8HmreR-_wVlWYW03bD2dfDysL0Nno4AYw_n3TZ0CTKHUFCEx7qnE8DZgoDOW-t3oL3RGNQRLxJIc2Jl0JF_Iw-N2Cv2GxWh8B5fumIbuLkQlLZhSHvQbLvx50siZvNHGD-FzS8k6ykx2RbVd7xcfYwj0BmVhBkQojMV05QHmgBMJTOCgUvVJ42TphHPAeL5xom9aOagze7tvP8nOP-XWBlpRO5wdhbtQjpJuT7wWpMckMzMFrgGJ-cH78RV1Cr3Y0C08LwiyGlyx312gBGmNx6Ks9ijqfWqxhiHi_Rm739ataJVVRbp3Lwo6F3lasn0Nfbp1SvFArtFpDe8IjHE8vzvakl1H5FHg4SMFt4oueO1I0hORdP9p_aGbOOaQ-o_qWwkQdxYf9KCv8Pa-pYH8Mn_9XsXVjMsqTvBE-P43Ogv8hjuhq2JlBTSJSIweWCDMyuwg4mIwqrGv8Heau6DueKIUDd27Hy0-RKeYmJAuWJQR_qB2e4xKAU3suyv606hG4XtDWu8Y-pHdFDsC58cre1WxL5HRPIcagGDyIc67whlN6tlx1DcUNH-Pwk8O0VqXha9AlsA2TLWR5lqBgjdauUwvsfQy3rUaDckt9Z4gBTTUukdQ8XFCGkTR9Nlgu7mEfhdiAx4xilOiKyf-mym5mPqZWTLCHEWWiWDN_t0wfYJJvB2fuFmZxotJ0l2tKJ_1zHi8rWRIM6Nex2tf31tQeXt1-FgPZGmS-hbja0sS8JB54CyZ7gyiEqtk5oUPWK8nVmfYgM8emsZr65MGnwV_tEKGh-pTaneEJcZp5r_0rvHPRLfeUbcqPMxdYqZIZgoWolfyIdY9pM092rFY1048wpL-sLgtjIqtgJV9s4OEAGrEi_9gcQhsPjInRWwTGRV8Mf-IYeBKn1PetffnnzUB3MeQoBILfVyh5V1hDZ8wvulrH3_hon6B7yRUZFnAYThVQbY8jANvUFYImDHheH2jfvJsK0h9Uffz8YLT_mTn9uWEgqaRTH9-S9oxDMexAcvH3RnA2LShqoBnk9r1RAHA9gN2taY2w5nRpS0ING-bI1TWsxJ6hy1mn6CiRNItKseynBMjV9RKkIdajU1nadUw1e-8&sai=AMfl-YQobvmAi6BsN03lmyLVruxOwaa6NL8O2pLjE9d_QPth2LNFHAzcZRnqb7pTKgtPmhXIfDmlDfUhcZtnnBkhDeewKMjXo6CkxqvrCLnX70RJ8UVuXDt2Thnf9Ea8tDeKOv9TumNtM0saC81egfROXONZukNa3I2XItoxXjg0syzgvjgfETkC8fcX7DCWSI6bZYnDp0uvH9cXLzeeTusoPBzy6qIvjlk508ojW-UeMfXL2h4ipsWM-UtVtsjgio9hmHp0ZxfkeMgS8uwvXEYuvmqoY1uPtA&sig=Cg0ArKJSzANygcpd2J0QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=246&cbvp=1&cstd=242&cisv=r20230426.58323&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 01 May 2023 13:55:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame 362F 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2ED7 41 KB
15 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:45:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD82 1 KB
643 B 44ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:50 GMT
etag: 48472445140208031
expires: Tue, 02 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2ED7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b51100f5100d0ff8a219da86f22e1307cf1aab3e9dd55461042a0ab67e10e7d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8CE5 236 KB
63 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 13:55:27 GMT

GET
H3 200 970x250.js Show response
s0.2mdn.net/sadbundle/6529407057911781381/ Frame 8CE5 39 KB
8 KB 57ms
56ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3d586e3c962060d74f7f85382769557b26ac32df43c0e4083cb36ca8fb5c941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162112
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8474
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 16:53:35 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8CE5 118 KB
40 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 23:21:16 GMT

GET
H3 200 clicktag.js Show response
s0.2mdn.net/sadbundle/6529407057911781381/ Frame 8CE5 3 KB
1 KB 64ms
63ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 995
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 16:51:53 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B0B5 118 KB
40 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 23:21:16 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B0B5 63 KB
25 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 13:55:28 GMT

GET
H3 200 970x250.html Show response
s0.2mdn.net/sadbundle/6529407057911781381/ Frame C177 4 KB
2 KB 49ms
47ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0259dc62719d129ad3d7252d0fa9632d43e81285da4c54e982f7953ae30ac4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1658
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 13:55:28 GMT
expires: Tue, 30 Apr 2024 13:55:28 GMT
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2ED7 0
0 109ms
79ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaug9p3TNdxX37SJUSS-ckhgL2K7DtZXmyP6umj8Ezw_RsVlWep_sE5KsYAKrCNmUqR6kUcf6ynIis9uFth4Pxi8LfluGSDXRDj7spGqrkPoBNifygx_VclPcO5pL7AH45K6VcX4mgre5yEW1pfefcMi3MB6xGQg7rpE5NXSxE669zmN8iiRMqP7LbijbWI262XrFxkC8Y79M6l5WbVhXeVVp5OHcPgCPwDrBd95olqP9CZofLFYfcG8gpeYuNyW5Rv5eSZK2jaTfQnVkRtH3UZZnLlhWk2ajGM3UfPuytkvejzlWeNKvPnm9FBNV3CBjfiAIJ5VzJdcGDl7hg2j3_82w0HNAcml_j61uMxFVMqMr2aqsD_ys-ETZspqXQjykywGnL_DkNC1MuWVCPyfrJleQGASdtpNawwAxqKmLBz9hklpnMknDAr1uw8kLaeag1P52WunytgRxtAsKNaXaFtgOGJghd-L6gB6L1qaefvWlr4ZczUXgLYHubf6IdKRkQaHP8R8BsnFhxEpIynJNKbQ6_Uzar9W3WeXUU5qgIsLrb_M2CFTRHmVjtCzq3zOlNQuTsuOt6XeSTa0dMQ6SxOhYMu8daHkicwJD1mwaZarQlbBYFKGV9TB--TzHY-uwLSIP_Y-zazQ3NWJRYQ8PoylPznrn0rMv2imNGvRKasxfJ0nK6QSKgzp3HalJ9BMk2sJSqySYM51G_cm_cjGuKfj8FM6o8dyZUXnGMctwXnIAvup91qLCQkDB_soAIdOT8jXugXWfIZLAG0nfCzZwlRrp0xhpoycx0nb97uOdLQs721I3y9-TmZfaFYps_miBaPR7P4sH9nrGSLlvxVtJb8HCtajizcTznyRjkf6TT0yj3Jcy4sEMca8ES03FWbvCuMClhoY3VzUpoBmwKF0fe3I7rOv7ZRSMhth9RXnJoTZiSJhaZWgAZDyS9Ai3MJZZ1mhoR252gZvvfj7VVYnIWo1JkTJhEp1MUd5GgvR8QyI1b5cHU8JfG0zOu3TAnMYrd_HoZ_0bUtlzlr6kaxHA4J-seJYTex8GWiwiDS5M_5hkr9XVuxCfSV5xD8afVKHV9wylhB6tYJuXt97tbDkkEoyDeMC9JkRdDG71gtN6iKjlDaVgQRtPFaLwMfJuqmmfULIktxndnlBYz7U-HmxwKbKTGA8E6DBw_-niFFxqV6ZD5llVQX6RIx24hwKYCI49DRPCG5QXp83rzGl-Ks76YforI4bO_aistDdS0W1UeKGdpeTF1Dydd8oBeeYrmHTDCEODFL0RmlwSJj385ZSgAXoo&sai=AMfl-YSFnXXAX5s2NvmPMalGHJOqyhqTjReVOhsQc1pV_kOxC8gWDTYnULqMGnHDiG4uu7HJPU-ulsnK1msTKTeYCdq8pXnSHK-4CdkAGUpuKhyjxYnpmJaUYe39ja6PuIbJ1xybu-qHpGIvs-9ProJ-byconvtf7ZgsRL490XigDpaJraw2vl3hw8Qp60J4nKXcqbXierwnlj0W-yQmzKLbezyYm2tJmoLQcZvpSud5a4W2mjyiR4usqHqBfzBCCfChQNvM83bulbBLZaPJ_AZhqBCwZeYYOoTN&sig=Cg0ArKJSzFd9VU9ER_YAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=183&cisv=r20230426.86914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 01 May 2023 13:55:28 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C177 236 KB
63 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 13:55:28 GMT

GET
H3 200 970x250.js Show response
s0.2mdn.net/sadbundle/6529407057911781381/ Frame C177 39 KB
8 KB 40ms
36ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3d586e3c962060d74f7f85382769557b26ac32df43c0e4083cb36ca8fb5c941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8474
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 16:53:35 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C177 118 KB
40 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 23:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 23:21:16 GMT

GET
H3 200 clicktag.js Show response
s0.2mdn.net/sadbundle/6529407057911781381/ Frame C177 3 KB
1 KB 50ms
49ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 995
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 16:51:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A7C5 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Apr 2023 17:27:00 GMT
expires: Sun, 28 Apr 2024 17:27:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD82
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEPCN4DnXaBodT8r1w08Qjwc&google_cver=1&google_push=ATf1kGPX_A_CBjoak6LcHQUheyyyVqc1JzpKG4UqM8SX9FLP9utwz5Pv_5GTmx-hB0qj8VWnS9HEKgLJbuQGY-5TWON-vU-CZnljmJvf...
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTc0Mzc4MDhGQ0Y4NTFFNw==

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTc0Mzc4MDhGQ0Y4NTFFNw==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTc0Mzc4MDhGQ0Y4NTFFNw==
date: Mon, 01 May 2023 13:55:28 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD82
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHRKh3sawmhFg9Mq8D42-4Q&c_param1=ATf1kGPbF_lPC94UZexaxzCiCW-LF1YIhFlltnDI8L0fDMngIRoHqSLfBOnzcL73dUpRFALbNW10HYR70WxML_oGEO_-1T-T6JCbhsicDNeSBtMRNLO...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPbF_lPC94UZexaxzCiCW-LF1YIhFlltnDI8L0fDMngIRoHqSLfBOnzcL73dUpRFALbNW10HYR70WxML_oGEO_-1T-T6JCbhsicDNeSBtMRNLOZlZldMk0IvTSm-Qreu...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPbF_lPC94UZexaxzCiCW-LF1YIhFlltnDI8L0fDMngIRoHqSLfBOnzcL73dUpRFALbNW10HYR70WxML_oGEO_-1T-T6JCbhsicDNeSBtMRNLOZlZldMk0IvTSm-Qreu4vmzf9-HBM

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPbF_lPC94UZexaxzCiCW-LF1YIhFlltnDI8L0fDMngIRoHqSLfBOnzcL73dUpRFALbNW10HYR70WxML_oGEO_-1T-T6JCbhsicDNeSBtMRNLOZlZldMk0IvTSm-Qreu4vmzf9-HBM
date: Mon, 01 May 2023 13:55:28 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD82
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0s8aAZXuPwU4IwcWsUnlo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0s8aAZXuPwU4IwcWsUnlo&google_hm=ZE_Ez5_kPdznrBzweHaY_gAABJUAAAIB&google_nid=index&google_push=ATf1kGNbzmlKxVjh1JnoDQsmTpm6pOMexmRcJ...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0s8aAZXuPwU4IwcWsUnlo&google_hm=ZE_Ez5_kPdznrBzweHaY_gAABJUAAAIB&google_nid=index&google_push=ATf1kGNbzmlKxVjh1JnoDQsmTpm6pOMexmRcJBih86gMkM3mV8lxCrkGY48M3wj-YBL8b3llG20PnqlvU9Vlvx2OOEFOPXvT0chQTOa27JgMkDtPztzP7CSssVzR4EWBF0cujle6fFgJbQ4

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 May 2023 13:55:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0s8aAZXuPwU4IwcWsUnlo&google_hm=ZE_Ez5_kPdznrBzweHaY_gAABJUAAAIB&google_nid=index&google_push=ATf1kGNbzmlKxVjh1JnoDQsmTpm6pOMexmRcJBih86gMkM3mV8lxCrkGY48M3wj-YBL8b3llG20PnqlvU9Vlvx2OOEFOPXvT0chQTOa27JgMkDtPztzP7CSssVzR4EWBF0cujle6fFgJbQ4
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD82
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPnRJbMUGqE01caFCPWaBpU&google_cver=1&google_push=ATf1kGOmgrCOrV5TRzj0kFLq5eiWy5dsIMyxRjuaTbgVJSJhSzbjiH7t9EFbYBA76CcIPlN12V7_kkes9Y7W-E9Tl45JbDjHxEu...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOmgrCOrV5TRzj0kFLq5eiWy5dsIMyxRjuaTbgVJSJhSzbjiH7t9EFbYBA76CcIPlN12V7_kkes9Y7W-E9Tl45JbDjHxEujVnmnK6sQYFzfFl8ovgviUcsJ65R7BuY...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOmgrCOrV5TRzj0kFLq5eiWy5dsIMyxRjuaTbgVJSJhSzbjiH7t9EFbYBA76CcIPlN12V7_kkes9Y7W-E9Tl45JbDjHxEujVnmnK6sQYFzfFl8ovgviUcsJ65R7BuY2HfU4BIXNlA&google_hm=Z2IzZDQxMjcyOTM3NzUwYjZiODg=

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOmgrCOrV5TRzj0kFLq5eiWy5dsIMyxRjuaTbgVJSJhSzbjiH7t9EFbYBA76CcIPlN12V7_kkes9Y7W-E9Tl45JbDjHxEujVnmnK6sQYFzfFl8ovgviUcsJ65R7BuY2HfU4BIXNlA&google_hm=Z2IzZDQxMjcyOTM3NzUwYjZiODg=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD82
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGG6Ssor427YTW_bZ6ChwmI&google_cver=1&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFA...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGG6Ssor427YTW_bZ6ChwmI&google_cver=1&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFA...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yUVRZN1JsRTJ1R2M2Y2tNU2o0X2w0OVBGbGJTZldRYX5B&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJU...

170 B
188 B

47ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yUVRZN1JsRTJ1R2M2Y2tNU2o0X2w0OVBGbGJTZldRYX5B&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFAbD7H_qx2VMkP_xik8tQDgE9KYytZ6B_0B2wciguvJI4C9IrvyZnkXX944_3s0NqE-fkLL4

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1yUVRZN1JsRTJ1R2M2Y2tNU2o0X2w0OVBGbGJTZldRYX5B&google_push=ATf1kGOt8b5mtUZt_GpvSOmQly-rx7au1gj86IoB8tyZIVBbMCBHRVwJUEGKowjGEZ1vyibgFAbD7H_qx2VMkP_xik8tQDgE9KYytZ6B_0B2wciguvJI4C9IrvyZnkXX944_3s0NqE-fkLL4
date: Mon, 01 May 2023 13:55:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame BD82 0
362 B 16ms
14ms Image
text/plain 3.68.153.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEGHHE0TW9YAH83CZSkILq0Y&google_cver=1&google_push=ATf1kGOqpCBxEnfKdEtbC9b4JbAsbsb0luQeS529beacmedeDZidGBdtb1lFrDIK9EmwgEnuN_tvP3KEPbFbDXn_porTy5kFXj1d6pczerxqry05RuWPKe6iWuz8CKJJnyvMz1dd8bKBAMs
Requested by: Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.153.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-153-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame BD82
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEJgPNL3lFRZ7oFK7PtVNJTg&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGONN8LGEHB8U344W2Xyl6QtKpDZKrcNawveip0GszITmOS2-KbTlgwZ_OP_sUyhuTozmcaHVxJvzCXQBtedaoYjFNcPBOr4D1TrMllV1Re-JUGb3...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

66ms
65ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Mon, 01 May 2023 13:55:28 GMT
pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BD82 0
12 B 44ms
43ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxD1v_viNw4DU5wnUiG1Jmid-B_dnwWtDDmVtgiCmQwXMc5-D43Thr8vw5zErbG91WNrrhOpY_

Requested by

Host: faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
URL: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF90 0
0 76ms
76ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmfK2aQ3jFy4sEimVsdjOQtjd6VdS3ZUDHDghJlTE7w-19OAWataXZhK3RcqD4U8fm5xG6kjtwzsXd-gR6Y0KO53tIDC6J5ql0-QWpnMH0PMSIV9jq-HQAh4oPq0kmsR92aP01IkHPz0nwbj_SsKpHryNF7gJPtAA9qS_VAd3bDpvhVfSq3egGPjkUgDZG8HmreR-_wVlWYW03bD2dfDysL0Nno4AYw_n3TZ0CTKHUFCEx7qnE8DZgoDOW-t3oL3RGNQRLxJIc2Jl0JF_Iw-N2Cv2GxWh8B5fumIbuLkQlLZhSHvQbLvx50siZvNHGD-FzS8k6ykx2RbVd7xcfYwj0BmVhBkQojMV05QHmgBMJTOCgUvVJ42TphHPAeL5xom9aOagze7tvP8nOP-XWBlpRO5wdhbtQjpJuT7wWpMckMzMFrgGJ-cH78RV1Cr3Y0C08LwiyGlyx312gBGmNx6Ks9ijqfWqxhiHi_Rm739ataJVVRbp3Lwo6F3lasn0Nfbp1SvFArtFpDe8IjHE8vzvakl1H5FHg4SMFt4oueO1I0hORdP9p_aGbOOaQ-o_qWwkQdxYf9KCv8Pa-pYH8Mn_9XsXVjMsqTvBE-P43Ogv8hjuhq2JlBTSJSIweWCDMyuwg4mIwqrGv8Heau6DueKIUDd27Hy0-RKeYmJAuWJQR_qB2e4xKAU3suyv606hG4XtDWu8Y-pHdFDsC58cre1WxL5HRPIcagGDyIc67whlN6tlx1DcUNH-Pwk8O0VqXha9AlsA2TLWR5lqBgjdauUwvsfQy3rUaDckt9Z4gBTTUukdQ8XFCGkTR9Nlgu7mEfhdiAx4xilOiKyf-mym5mPqZWTLCHEWWiWDN_t0wfYJJvB2fuFmZxotJ0l2tKJ_1zHi8rWRIM6Nex2tf31tQeXt1-FgPZGmS-hbja0sS8JB54CyZ7gyiEqtk5oUPWK8nVmfYgM8emsZr65MGnwV_tEKGh-pTaneEJcZp5r_0rvHPRLfeUbcqPMxdYqZIZgoWolfyIdY9pM092rFY1048wpL-sLgtjIqtgJV9s4OEAGrEi_9gcQhsPjInRWwTGRV8Mf-IYeBKn1PetffnnzUB3MeQoBILfVyh5V1hDZ8wvulrH3_hon6B7yRUZFnAYThVQbY8jANvUFYImDHheH2jfvJsK0h9Uffz8YLT_mTn9uWEgqaRTH9-S9oxDMexAcvH3RnA2LShqoBnk9r1RAHA9gN2taY2w5nRpS0ING-bI1TWsxJ6hy1mn6CiRNItKseynBMjV9RKkIdajU1nadUw1e-8&sai=AMfl-YQobvmAi6BsN03lmyLVruxOwaa6NL8O2pLjE9d_QPth2LNFHAzcZRnqb7pTKgtPmhXIfDmlDfUhcZtnnBkhDeewKMjXo6CkxqvrCLnX70RJ8UVuXDt2Thnf9Ea8tDeKOv9TumNtM0saC81egfROXONZukNa3I2XItoxXjg0syzgvjgfETkC8fcX7DCWSI6bZYnDp0uvH9cXLzeeTusoPBzy6qIvjlk508ojW-UeMfXL2h4ipsWM-UtVtsjgio9hmHp0ZxfkeMgS8uwvXEYuvmqoY1uPtA&sig=Cg0ArKJSzANygcpd2J0QEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=704&vt=11&dtpt=458&dett=3&cstd=242&cisv=r20230426.58323&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 May 2023 13:55:28 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 52B6 0
0 78ms
77ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRFPCaooqtZgCYTYRO-QC9PeRIMjkGgZ8JPqXep_XxOwPsQabUnppJrc5-Puw5M5nX_Yp4xIxaPuhjBuHnvmxmT7wueFETGjBkAkadO11NB6s_zPxp21Ki3ymxhECbMvw4ZdXZkAItJkxHzgYzWLzPf7Gj7kti9g_eBex1LR2OPQSTdcEJ1BEbConv3fgmf-P6EGmVFMM89ZBBXRP1MQ7W8qOxIhvf4sYDFuXn14tklxsF7o0QT20CzdasRSO0F9JEaZrcDWqIHCX7mYChJ_bxzcR1MlAEOjETlVUApI3VjcUhmSVrjkuVv60dhW-qzXop7V59vawDWAqmy0OBXnqXnjNVyZ-S_TskizpyIXjQbKi58pJqueleP7KvLDrr6gT81ixWEiobZgrDYaZRXQEHIfLk877l23VHq0CWY_N3S8gVI_taichVtk5XehxeWUr8l9CT2vUApviuxnDmMgfG_NB0Y6gFveOZjzqDHrr2h6gz-T03B1a3MqUXVLgbWS__8KNkLzXT8yIgzhYkqZLcV2LpVditWQNS_ARBTa86E2hU-q9DSnuHXUToYhbtCThUEHup8LFxEIajsKKV3XUn9ur8-PT2vSXNLwYsRwkHmgKksbOQr8OqV7rUil9PowvofPLR250hDtpJiWwjVahJrAQib8cWCd51qaZtVXcticAKxCse41FSsUF_NiER9NBM9MMcRO1CudUujQeuMGIZ7EJJRBnDrzCABorphl7RYe1ZxqszCmS_BAI5Z0QeM1p9-F0bWPW63U5uaRQqWF_kfgj5eLREzmV_bdRg2kubLKM-reja2ui4xjCoPP830fdjrDcbn2VrUpb1QMLemitqJVmJTJH408qz1ZhR-0LPxF4SncihAtP048gbKUNrYHVl8U_XjDDg4LlhB7ZRooHLfMRvL2vBy1iBElQHGyd44wvLOKAU6fRDLqvC4kNZtMtOGD_12RDzJCtpojVrcsdUgQsnH3OywXj5KINrqJY6nuiBL8neMWs7PBcnjF-_pgrnfdo8hynwm2uK67jsH-skuWdefkZctRaeRpYRxhTYC1gaas8LT7ssM7HVNimKKeZrLydSQztS6rxvAuE6Pau2HVS31P5uNprBRYY0sjwEv0Qe2kU4UYr9ds-eut5UWceqZtgKFzbZWheKE6iZQ416yXrQWS8_U-hor-f_vhKNQUe8TIoBDRshzxnbizz2Yfy9nEL7qzfa0NKjj7quQ-YYsj5JSwDLO8wjVVPMW7BHZ5i7JuB08ZpdKtGVmbPdDf0tNcteqkdUl1irIFnMGNYF_PaOMEmD&sai=AMfl-YSub4BUz9-r-Fmpd5ucVK93lG4NG-Y82o3fg2G_0XTq84_7MnWiRlX7-h8cp7R7ctXJcCvFKcxm3DQmDrqo4TMw7HJRphj5qmqSWWDH20pFNqdoCIE7CB0R8dCKLbftFgxPu0Tfd8mE7nyU7r9ixty66ju_E_BFf2qgIrLLDxKbpEv21SdNkOZ401Y4rXl79yoSXxl6sEJoBZfvzTEwm1fVT-lHtFSf1JRxCUhYgJ0vw5HROWsJ2cstCUcZHalEoJ4mSD3l-JtW4upEHDEw9Vr1tc9YIbZhX3PYMPpJFl9b-QNvGPGxJbm8&sig=Cg0ArKJSzHCActKbHd_1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=774&vt=11&dtpt=471&dett=3&cstd=296&cisv=r20230426.82882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 May 2023 13:55:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250201&jk=2919719704227315&bg=!TE-lTxvNAAb9Sbh13Uk7ADkAdvg8Wn7ePYmx1znq17JRYN-JAyusLenmpgAW34AIsIua5ZU8xU9KOrqyXqt3jUQ_LAOC08mS3CECAAABFFIAAAADaAEHmQK9pdLJ1rlS4pqrBrF3lN1SMY6X6CwlnTcYVIPHwfiP2Hsozqf3R_HNT7jXhkRZESUSUPJ_orzWuRBNaQ7snGxlwB7Vjmc29Xfmw9BWyzgtWT3YWRI3JCZRoR6EqLwlHd8AHaMlCX-uuiAO7mkIXuJ_0RAE1H2Rj4hNH_1d7fZK-ak27SKIIMpQFyamsm0wiVrNbFv1xs8oYjfsygF_UBOj5ryw4Nm9pGDbQAyZXLPkC1grF39_0yYWFwwvEkozbc0XgRQg9b4oE6uQCbx2L5B3Rv07nmhBj7yjMgWZpHNs8WyOD_jtLb8XOE7Av8mRNMMEyvtIi6BvRe2d4b6IQonW7F7S1CO-HK_EkT4vkPrRlRpg24GEvKjwnzBlHGTuA1bkzFa6kyxgPevhw42RTT3Q7EUsgUWXh4sB3Ix35ffhRec_l4iNMHJi0wWojez32f1CNY4GWO8EUBJyY5MrtyzdxHOdwPyuOdQwsiM5f-asJm8-foANNPJdYcHuWcdg9cVKf5HlUPGPxK-rNEFqnZnn9cpyGwvEX2r8rUmg9SuEb5-h48Uf6uIKXP2D6uAauNwA_2zgEP6WnjB6cDfjPKDgAu4HSqn5KbpCxAvb7fQVAUbqLlpg20R0YfcXTtDmCzMgKaOQ_cVMqNd5vWVHVfwtnP57cEWuKWZ1Qu95AxmqFaMtitYOcAANNSEFHF_4VvI2mRU3f4OxXliLsm329ixpPzLDXEtJspk8x0iNElAJbRqPqY6MXE_DKnPbsxPmRRlwx0viiytOJguE4RMay2KQ_-GWYV-uI39IxnX4Lldw6932VKEf5kXOkoUTQGARDIIjNLveXZ-6Y1iiNyrZwXR51sGVr26wz-hD9J7IqseE7a0plfsOMgk2GxuF816yuC6R0zgP7WOIE0juRx6d6WugPIFxn_96WAZyNFaAfk4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opynew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame A7C5 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame B0B5 47 KB
47 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:53:46 GMT
x-content-type-options: nosniff
age: 102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 14:08:46 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame B0B5 46 KB
46 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:50:54 GMT
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 14:05:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B0B5 7 KB
6 KB 78ms
76ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a334dc591dba32ba36fa1e951280f37a0886f6aa37f8355dcfdc4248b2dbeab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5745
x-xss-protection: 0

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B0B5 2 KB
2 KB 44ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:55:32 GMT
x-content-type-options: nosniff
age: 64796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 19:55:32 GMT

GET
H3 200 60005582_20230412024536330_o2_homespot_5G_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B0B5 33 KB
33 KB 45ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230412024536330_o2_homespot_5G_ASSET.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:03:25 GMT
x-content-type-options: nosniff
age: 64323
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33586
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 09:45:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 20:03:25 GMT

GET
H3 200 60005582_20230412024456637_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B0B5 26 KB
26 KB 47ms
46ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230412024456637_728x090_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fadee50788393902cb83f6635667baf7614131ce74bb4ac34da85a61871289e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 19:21:21 GMT
x-content-type-options: nosniff
age: 66847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26936
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 09:44:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 19:21:21 GMT

GET
H3 200 60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B0B5 30 KB
30 KB 51ms
50ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:21:33 GMT
x-content-type-options: nosniff
age: 16435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30980
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 May 2023 09:21:33 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame B0B5 43 B
607 B 103ms
28ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354472207_170181287_PO2603A20230412&ref=29072291_4307561_354472207_170181287_PO2603A20230412
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 13:55:28 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 940437
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 22 Mar 2023 08:05:14 GMT
Server: cloudflare
etag: "2b-5f7789eafa280"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 40418697
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7c0885b688725c20-FRA
Expires: Tue, 30 Apr 2024 13:55:28 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame B0B5 26 KB
26 KB 49ms
49ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=OsUbBBSgGK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:54:07 GMT
x-content-type-options: nosniff
age: 81
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 May 2023 14:09:07 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2ED7 0
0 75ms
75ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaug9p3TNdxX37SJUSS-ckhgL2K7DtZXmyP6umj8Ezw_RsVlWep_sE5KsYAKrCNmUqR6kUcf6ynIis9uFth4Pxi8LfluGSDXRDj7spGqrkPoBNifygx_VclPcO5pL7AH45K6VcX4mgre5yEW1pfefcMi3MB6xGQg7rpE5NXSxE669zmN8iiRMqP7LbijbWI262XrFxkC8Y79M6l5WbVhXeVVp5OHcPgCPwDrBd95olqP9CZofLFYfcG8gpeYuNyW5Rv5eSZK2jaTfQnVkRtH3UZZnLlhWk2ajGM3UfPuytkvejzlWeNKvPnm9FBNV3CBjfiAIJ5VzJdcGDl7hg2j3_82w0HNAcml_j61uMxFVMqMr2aqsD_ys-ETZspqXQjykywGnL_DkNC1MuWVCPyfrJleQGASdtpNawwAxqKmLBz9hklpnMknDAr1uw8kLaeag1P52WunytgRxtAsKNaXaFtgOGJghd-L6gB6L1qaefvWlr4ZczUXgLYHubf6IdKRkQaHP8R8BsnFhxEpIynJNKbQ6_Uzar9W3WeXUU5qgIsLrb_M2CFTRHmVjtCzq3zOlNQuTsuOt6XeSTa0dMQ6SxOhYMu8daHkicwJD1mwaZarQlbBYFKGV9TB--TzHY-uwLSIP_Y-zazQ3NWJRYQ8PoylPznrn0rMv2imNGvRKasxfJ0nK6QSKgzp3HalJ9BMk2sJSqySYM51G_cm_cjGuKfj8FM6o8dyZUXnGMctwXnIAvup91qLCQkDB_soAIdOT8jXugXWfIZLAG0nfCzZwlRrp0xhpoycx0nb97uOdLQs721I3y9-TmZfaFYps_miBaPR7P4sH9nrGSLlvxVtJb8HCtajizcTznyRjkf6TT0yj3Jcy4sEMca8ES03FWbvCuMClhoY3VzUpoBmwKF0fe3I7rOv7ZRSMhth9RXnJoTZiSJhaZWgAZDyS9Ai3MJZZ1mhoR252gZvvfj7VVYnIWo1JkTJhEp1MUd5GgvR8QyI1b5cHU8JfG0zOu3TAnMYrd_HoZ_0bUtlzlr6kaxHA4J-seJYTex8GWiwiDS5M_5hkr9XVuxCfSV5xD8afVKHV9wylhB6tYJuXt97tbDkkEoyDeMC9JkRdDG71gtN6iKjlDaVgQRtPFaLwMfJuqmmfULIktxndnlBYz7U-HmxwKbKTGA8E6DBw_-niFFxqV6ZD5llVQX6RIx24hwKYCI49DRPCG5QXp83rzGl-Ks76YforI4bO_aistDdS0W1UeKGdpeTF1Dydd8oBeeYrmHTDCEODFL0RmlwSJj385ZSgAXoo&sai=AMfl-YSFnXXAX5s2NvmPMalGHJOqyhqTjReVOhsQc1pV_kOxC8gWDTYnULqMGnHDiG4uu7HJPU-ulsnK1msTKTeYCdq8pXnSHK-4CdkAGUpuKhyjxYnpmJaUYe39ja6PuIbJ1xybu-qHpGIvs-9ProJ-byconvtf7ZgsRL490XigDpaJraw2vl3hw8Qp60J4nKXcqbXierwnlj0W-yQmzKLbezyYm2tJmoLQcZvpSud5a4W2mjyiR4usqHqBfzBCCfChQNvM83bulbBLZaPJ_AZhqBCwZeYYOoTN&sig=Cg0ArKJSzFd9VU9ER_YAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=549&vt=11&dtpt=352&dett=3&cstd=183&cisv=r20230426.86914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: opynew.com
URL: https://opynew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 May 2023 13:55:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8CE5 7 KB
6 KB 80ms
79ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e08a8ac946bdfb063cdb7f25a4c7a7badbd268da276cfb2d512b9057bfcc2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5645
x-xss-protection: 0

GET
H3 200 bg_main.jpg
s0.2mdn.net/sadbundle/6529407057911781381/ Frame 8CE5 82 KB
82 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/bg_main.jpg?1679039542424

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b8eff7ad65a87f250087a1781abab2d1270fe4aa63ed7900d4b5299241e52c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:37:55 GMT
x-content-type-options: nosniff
age: 152253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84056
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 19:37:55 GMT

GET
H3 200 bg_main.jpg
s0.2mdn.net/sadbundle/6529407057911781381/ Frame C177 82 KB
82 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/bg_main.jpg?1679039542424

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b8eff7ad65a87f250087a1781abab2d1270fe4aa63ed7900d4b5299241e52c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:37:55 GMT
x-content-type-options: nosniff
age: 152253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84056
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 19:37:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C177 7 KB
6 KB 84ms
83ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21db4845f3daaf75d573321485b85c138b6cd3a0957e684fa134e1b3ddd4836d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5771
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B0B5 17 KB
6 KB 1129ms
1129ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 May 2023 13:55:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CE5 17 KB
6 KB 1110ms
1110ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 May 2023 13:55:29 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/6529407057911781381/ Frame 8CE5 20 KB
20 KB 36ms
36ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/logo.png?1679039542424

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b05e49cf272ded37ae4bc377eb35c9665e796c4a84a0f1a4dcaec85e3abff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=d7MD6dEYBb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:03:38 GMT
x-content-type-options: nosniff
age: 147110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20374
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 21:03:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F1E 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMhIVz8RPZJySFtvKx_APjaqcmAYAAAAAOAHgBAI&bg=!tLelt-PNAAb9Sbh13Uk7ADkAdvg8WqQ__INO6KF6rzv2QLOUtAXCq1d0LKrvh6ujfsDl5W2hdSHed4dxTjswyZrvW_lhPsU5bFsCAAACEVIAAAAEaAEHmQMlpFvNYhCfPR3NxrdN2DRR5XlgvPjyl978PmmjccWyK6S1otXMFjiCJK54AyJdSpOjyzQAGiwqcEG9z0QjLFXDe9cWCsJ5Jt9USzgzdaGi0lKtAVGyWF3zgzYM7z4RUj9hs3GbmkjH0aSpJFhnFc6cFJH2_c9Jwa8boJkKq5z50UrXHvgaCCVRWx6InK98zOJfxN4wCcGf-XHBUlJAx7B5zmtf5P7XiAcq1paQ9LQsD4v7vc29RTaMRti6iLem65iqKnq235khSSKqUlDKbEgbjRvTkUOK1LC4mnHeWQsj5hpbJTg5USRFVT5_DG9nA_1rlpZEPjtgG2Nz8UIpTML8m4p2Tjaw7aZ6bT2BFEXxXyh4ljbU8xVDmOoCSkCkX2xF3FSbWTOSpG1vw0xX99P06APpjVm1tbe63scHkWD9QSVtQalDkWoTHDyj4tBWu_x6a1THjV0bQua-cjK1N04GtdIZOTY-jfKKg7D7Lxkn7myTn6ec8503zafCV5e-uo9yUAA6iESmcy7cV5s59pzCs7OnlxLwLjYOOuA457CQaLv3ZudquBOaMEhPPb2AKsoHSz2d2Qf5g6x9rpQ-ksrWRdRHAHDhY7TCKHOd2e2Cbyx7bL_blb55Pm539XCr8Uz9qLs_8Gn_4_80aoWzr1rZEnjgMYnZi98QiQbl-rQBfVYbgeHwLXIF-3fgnAfrz2NKuyLcZUL7xyXWHEzpHCVSWTRVvevVszW3uD9_-Cp_tSzcUzm9ZCSb9ioAdsgS34244l5RqJRp9sGiku5UTxOiHG1DQfkT6JTwRj98eevaYHdRtaeSL5GVoMQOgj-WfYFSsk3AzItVGnJszUTU3sH_xgJbvB7760npxGTggxfTA5uIyN38j6_L2SjaJykpcu1LSyNlBampc-voTKmeiwdRQHDP843pOmjThzBwsTC7sojjToREfbSFeC6Dploi9IaSYfp9JwUN8m3Vm9F7GF7X4T04UO1Yho434f6P0bIcNPeWmItGRRzxXwiSv2qYn-nc-4YP9VCWc3ndtI1a0q5fYY4ofWn7SKbXaEvAjJNqP8hRF1OYVA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/6529407057911781381/ Frame C177 20 KB
20 KB 36ms
35ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6529407057911781381/logo.png?1679039542424

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b05e49cf272ded37ae4bc377eb35c9665e796c4a84a0f1a4dcaec85e3abff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6529407057911781381/970x250.html?e=69&leftOffset=0&topOffset=0&c=4d0NhXezAZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 21:03:38 GMT
x-content-type-options: nosniff
age: 147110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20374
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:11:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Apr 2024 21:03:38 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C177 17 KB
6 KB 1022ms
1021ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 May 2023 13:55:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 362F 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqS18z8RPZLGoHsS1-gbmgKOgBwAAAAA4AeAEAg&bg=!8_Cl8KTNAAb9Sbh13Uk7ADkAdvg8WuaEQ4kT1XVwgEbXg5aKRxLtkp2UiRLZfJf740QE8L14c9MAh02pfFwdz3Heyadd3Bbu6gMCAAAB51IAAAACaAEHmQNqk_cQsKjlnfw1ss-LlNoj6w8qvAlyQJnKndOTFc9FQIwEbN4GPeHI_-u1en3jXeyWFS1TcHx6nlw9JvCGGDwjM9cMdiWv5mHnCUxCxJIJHREVbiEUedFkkOm6hS8rYOKjZVcbVw0awZvs-W3Z-eDjs5RC3alDTT7sL4OqAwC6N1fCYR2-FBuaDympZBjosc34zRWd0VXptdtVuXF7ORVzrXqWAjOsVi2V43FN0FYaB5tkDYJjAKgdpecu5ctk_OvnUt1RMQiuDBbW4d8mDAhDFeDuRAgPR-vSa-FQCWvMoEwTtkNNCaaLB775CFfqAZixgy8wpdcPSOskRkB-wmxYEZHVqkHL4uF7dgNiLeNttWQcxrgIR_SP-ZGMOFY2GroJAK7_wLrP5XU3IrLX6wc8RkHM42Eu7o3nat6nv4ZkDo-2kCk0uiagxLT83vOQyQF8rMbPyPzG9FH7uymjvptqeJVsqxtfKa3fydpZ-z0qInRzYpXS9w-z54ikneT5DKdOyb4AfrBmhRQ_vDEo3zEOvwDIqsSVcRwqnLfLMjDqNRTmTpG5Z1Ik-Qwr1igKV9eloQuKFw1AGnrD_jwW50i7X_1YRyVuSyiJsrOjENj7Q_XTW0ZOtUS1ZfQVO9cNfwGTB6_cxt0LaBnUlReSg_xAEtiqi2RBTYiiB3DOuZ6YWZWNYuLNSrGSi_nb1WMOGsdNNF3BDygyJOdQqfRNDdzLvFP5y7DYCNiQvyN9Zy5B_7ZhZF0kYVAU43dj09uQdq3Wn5Mqj_tJEV3cpQUlFx_TCnYn-Aaayqhj-UW0AAeCDlCxEfIH6KPCmqThJOHMU-ObIsssB1BTXmcpUhIrTEcA7tjNFg-QxFMv8xGH8OSA4HMvH9g04teTOiIYmfLVGvE_6Pwa7e9g3ZQp9ARE5VNGXmUUpYfI67yvyBBndYkFv4FLJlCX8lxKRjeeaYHMc-ZUr2GarOvcO1ug8c2jMUUqlPWGvh9A2OB4Yu3JeuLmoOP8ce73rLf7akKDti5OWtPXvLYGIXW4NIyheIdGCFgFBsMgEzSFHlRs2lLY0lFRJF5QjGcOVbUGaYS6YEZf1DyWz716suo1GUHeAMK5b1SSaTnjj5Fy1Vn86rTt14tn_5bEIqXLPnkaQKlLiqmWW2qyuK5UOWTbfZnPlw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7C5 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bfqrez8RPZKziKe_Ex_APxr-X4AMAAAAAOAHgBAI&bg=!sbKlsubNAAb9Sbh13Uk7ADkAdvg8Wo0Nm-L_zvdhcrazY2RIlgh4cIbjeX0RRTBl05kaekBAiFhD-nkf2_HlzTMINeePgBPsNKYCAAAAslIAAAADaAEHmQN7hs-yv8c90wi6ooqu-4y-oMAjiuEoEEhpHE43pfeBNUmUwsm2n0ckNOe_maCKZSXyc-U47Kk3cgRBfEd7kA_1Td61WpQizDeeerz-GoRidTQND8vNaNJQrf1TT7ESTxkFxSNvFed0cjHwlPjUJt19OBbDeWz_70v4klZ3DBPmG4QzDqZEePQhq88brlNqpjvdA3MSYrL0obuGz1OutyQFbpNqa6E-lPFXCYjBfko7NHux7gqhlPfEoDSfl51kAjj7K-6pO-cxdnchEgeH70bkZpq0EObddz0vpwQmb6x5CcmGWNLYqGOxQ9g7gLxajsoimezobiXB_ZBC4MktojSV5wbWmoGIdSppBKCVqU0ZZr288Waolzw1p4jmG4TXNkXLfcfGPKbqVMHVPMvrGIc03UIVKEfzOkgqAQOgcHfe6LNgv6ELSfDfDBruqr4gld8evHjaJjhNtszVcrO-3ORGSsW0HnF17YG9WzNxjL4w3rVaa_qXekcdvRiN_zY4X9j9_tt6JNJnXYf_xoioBCTn5dih4Y3dGMVcfjh_tCw7KTSYruYU9MhaZF7VRjS9aVMDynr_-P-mVPhGUo8-uEwWYyQ1mi_PGazz1wrC08bN5IsE981Vne5G0QmsdcTjexfHdDg6ft-9hVWE5CEzgEnMyhOaa1bx0pggJ9S4kzPxoYwX4nZoEIPuK7CugX9OTm2WubnbgkDCUVeqShFllJPxrb1qb2be3Aj4tJjoTseQyvD8L98P7zc941mZmxtLvQYuZcyhY8kgs8Kt7P86lb-F0q1hbK3tan8mDYBDMk6LOCGnDSbnwdXtonYF-K_eAS-AVcRVDoF4rotWWjSd2zN9NN_fXZ1dmWdS370uqGMdz4ZfkNBkC_43YXtJ8inSXmjxPkDs9SunFQWBaDPnOmrzAECn7vivyjAHxjUFzM4-E8w8yg_Jg8XFyCnOthGtwsfACjdLl5dypPF25hbyW94Be2SvTYV_2vU2d_fUHsxU3JldiJ9cB38MOld-YAWPjyGv4vX0jRqqwpJcHEjVvbUBH7-bSynt5yQoaSwFVimduUd7kEbG9RvnyWbUfxGYzmQ3y-Ojxbz9sm6DYeLIbssAdLNeRw0ajD_cpUa7_imWyzefm_RcwPWMrFQPiforWSk3qHwEza0e7BLCysso5R_Q3a83geWxFDkXQ210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 52B6 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscNDVg79jomcGBD3PwozUFu1nlyaUDLorpy1ed7I4rLpC5P0twFpDhypAeJ3BRq4iHhpaV85pcHRP7EZX4IJ0XM1avLQdP2yiagbZEp_EH5ge7Q6gchSfJNlmRlXPJ5taWIVXMJA&sai=AMfl-YQu4pU9b2M9m9Vn0tcUbxhfKEFuhsL3i7QFzHI7q3r5NxOb5vmoJmxRkTyGFFM1YVBhHsTCX-cM7UEQVjCbIsUWGjZJrBUjY9zGfQ1FAfJUxL7J4eu9O_5AImWoKB27dJbYQfnnN5LhMjeT&sig=Cg0ArKJSzKPIOeWlz5WCEAE&cid=CAQSSwBygQiDqmIp0oXBW1O25Zz86R-mVF2LjBpsDvNI8pnWf8tuwnl7G5PbBq0xdPoUUTRQWXLBlwtbI4abJ4Bs0CS5vNmxsD0NinPudBgB&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=585167501&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682949326993&rpt=764&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF90 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunFbiTIdLWSr7zENeqlqCpRQv6TNKtJcmjeo5x6yQxblO8v_vZNCdeJUZRWywnPf_ddV5_ltdA1vBASJbLx4S2cbvirzbdvatOToo1b0IqWD0b_5SAx4VX5TkbkQUYBTtvi-l6pg&sai=AMfl-YSk-Sm7sc2upFrr7KDjhx9CPCPVF3oXxCcPhY49rv1ZnvNtQzHWfCL9Sd9bmuiEsA2UT8Mt2t0AaU7cv7_gS2Gbek09njvelZUi4tkreaolqF6jzJqBr9uldLI&sig=Cg0ArKJSzOHvh0irvMrKEAE&cid=CAQSOwBygQiDsIDB-vzk25pIbUCDnpq6cpDp-aFy2Ty7gsylNS1Dm4YMewBAfmVnclLMce0wx-cw1wTmmVsrGAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3166157462&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682949327249&rpt=598&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2ED7 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzQMpWSZ2PlWpwq9ZmSjCcPNqaOlCOdOj3RDry421H1ZNO1ZElxC2jWDZcIDYseez200N_6B52PWpOplAe5LniW3r9A3b1Q55nt06lUYgosc96NDO_rSfn5uAFITLczdIS3AkwrQ&sai=AMfl-YQ134_G_9Wtl6YIHqGNCQK6BWO5T4iIDcZspz5L1g4D2W-TpJqZkfLCMrmlvkZXh4h6eFPiQcsA2_8YRg5_vAFYz9ui2NKr9rWkjkMcXqmNAL-F25Wj7Q21ue1u&sig=Cg0ArKJSzDnHJ2fyfu6AEAE&cid=CAQSPABygQiDpL27DtuWuNlH02QORDQZ9pKQAluQvIQO06HFKQksQTKs4uCwasM68b1Yz2ZLyCvpHXszXuAr6BgB&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2816929870&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682949327487&rpt=442&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF90 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6335537575034&version=m202301230201&ct=76&x=1&cor=6409841365264189000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 52B6 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9023601050466&version=m202301230201&ct=76&x=1&cor=1926428374336437200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED7 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8894381718449&version=m202301230201&ct=76&x=1&cor=14733723482967675000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 13:55:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame E24C 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame 98A6 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

GET
H3 200 wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js Show response
pagead2.googlesyndication.com/bg/ Frame E7BF 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 09:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 09:37:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv06ThlY-NsENmODKH0dyiqNTxyxkyGAJdGqQuipkZ_aEboF4t6LomEoG7yi6aOqXPVym_W-Iab4a3dG2gYhspMCr8Cqb7_DpkS8Vy298cpTRgARMLaWQq6eaWliyEJPc2IMKpLAznCcNaJ58lZvebF-3TtM3RxlnwXT781KoJKADuui9bFS83GtHzBXhbZaJ-T6f17VZ8wlTo3_v7JjY6uEHtI0Q9t9WCem3CzDXMhsxVgbYsu35ielXob3Wfx0N_MgFM5BGhv1VR8asNP8yMpkIAOr-qooSM_-3uWtr3CR8SxF0yLHvrlhwSbUcIU0KWJD-fqQOo1CBxdmgrlZ84ynlVC2JAOdv6MBoYmlr3F_XUj6_TBjsOHVz1NMyOqaM-9Nw&sai=AMfl-YTAPZR7W6FBe-3hwOXPEQZIwbsjqozWFJ93ZYCpc7QV8azkBSrpaL8yMgBIprcTrc5I7FbxZHt2Vvb7OwR569VQE-phTE66jasHeE3guGs&sig=Cg0ArKJSzNWK-ZGVUvNqEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseE3fRs2eAcriq1JC5hK5NYR16yDeShBsvJlDT0iKqwBhRzm3JNOP9RsXX9I9jORf_Aul4mV1j5VewzzlwJFqHqWmqMq03ttlgAP6LmAuBoiQTgQjWUWpuLECWTBYX_uiH-sWPTBINWDVCiJjE3oPC9PNelDswpHyUKK3uj-cWryrV5SeIlv7KVdjNitgGpDIrxMcBFDbgvfdfg4j0JtBA83XlWwyMTD-HW5l8j1L4ev0IADVh-f03gHG1GlZOmJPIbko0YLz8PFMNEN_FUGHOYJ2ARGMMM_iSwE_E6YqUabVoIa2Ls_5ipAzp2JTpYE51DdCHBsenbH0rq3YNiWj79hcB8emP8TO95SLQipPtYwx-onXsTaHtBE5ZitAJTXT9pA&sai=AMfl-YQZrgBUXyPQ_bmJDN7rVZxIiHVDFXOyoghu1F_jtlnUxQgX8H1Q5Tglw1lYcL91FlXMdzxRMJ3w_sFc_0aI0DvrVJIJb2FVMS7PiNAWoKFUdP_AeUSlMhz89BBcmQdTXUZHT3EEQB8VO6BF8BRE&sig=Cg0ArKJSzKqWHPjrb0tMEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFgxTIoRHclD3wUtyZG6VxaNMNKlYa63C8DraGIDUcIzvMqdw9zWjqnSLuJlHspMNzK9lI05JndXEhru-OSuZqb8PyYd6NDLCYqd3mkjvdK9GMa8LauLHK0y1Pjn1TvQRZnORylE_NMJtFuxuihEGCjhMIJR9o8YLn4HRvirJ6TVSAncK8jliRUzv_nj2n8EJqbPnTUgH0zVPH7HugEG5kwWKJFlFzJijPWa4nF0n7mITqglbPQwyKf9tC_PMxrRt7pA1tnEWPyNYzToqHDaXC4ox1_DFiPhxkv_xOBbBIvDlDvZwRWWtFXnYNFWUir8StdtG8RqsF4JfWpq0p8CLoyg6jnHAuLwm6g4K2ewFLAH4ed1Zz8evPgejUTZeN2TemSA&sai=AMfl-YTjejybV-obf1fBT_ii0QWTINrpIjdIJVIkYUBVABf-Tv4hhPCYXYVLWZboQoUh5AXFJBoXivjisq9gr-PIu8fCt8hgWI8RISc2MUZearQAA_KI27vTzmCC6gepd2M2rUV9MlVzEVu8sLCLOEA&sig=Cg0ArKJSzOwIZL25uPoFEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 21:05:09	Name: demandSupplyTi Value: 3d169bef-be4e-4a04-990a-5d2e6c68d8bf
.demand.supply/	1970-01-20 11:29:11	Name: __cf_bm Value: v8kGRn3CpXYUPQwfbECvdIjwxnxoCBQksqGoP6Z83kk-1682949325-0-AeYNt4pDtqdiDWOT6KEJrR8AEAhRSNfbMOXV48iGSHO7R11/HXxR6m0aRmGffiDISmOO4Wc7Xq2gw7l3gPc0aM0=
.opynew.com/	1970-01-20 21:05:09	Name: _ga Value: GA1.2.1196177227.1682949326
.opynew.com/	1970-01-20 11:30:35	Name: _gid Value: GA1.2.1809119666.1682949326
.opynew.com/	1970-01-20 11:29:09	Name: _gat_gtag_UA_243307127_1 Value: 1
.opynew.com/	1970-01-20 20:50:45	Name: __gads Value: ID=66c7fdac24f77265:T=1682949326:S=ALNI_MbGQWERd4us2LG7q_gbZJKoqZSHaA
.opynew.com/	1970-01-20 20:50:45	Name: __gpi Value: UID=00000c0e1b972206:T=1682949326:RT=1682949326:S=ALNI_MYDs4l3sbt7HeGFCXXD-vE8rnvSzA
.criteo.com/	1970-01-20 20:50:45	Name: uid Value: ce459e37-b1d3-4b75-85b1-68d50cf4dcaa
.adnxs.com/	1970-01-20 13:38:45	Name: uuid2 Value: 2928155728056893569
.casalemedia.com/	1970-01-20 20:14:45	Name: CMID Value: ZE-Ez5-kPdznrBzweHaY-gAA
.casalemedia.com/	1970-01-20 13:38:45	Name: CMPS Value: 1173
.casalemedia.com/	1970-01-20 13:38:45	Name: CMPRO Value: 1173
.doubleclick.net/	1970-01-20 20:50:45	Name: IDE Value: AHWqTUmeKl0uTHGnM5enH0X-IDfm-pVVTaput2SNS_Iwe9A5TazDCY8IJcpP_EXGR1Q
.opynew.com/	1970-01-20 20:50:45	Name: cto_bundle Value: H8WelV9kSlJFUk12NyUyRmNTQlZxeG1McCUyRnYyVGdmVEVaa0VFSXBEMVdnU2d5VyUyQnFlY25WaVZCWkNyc1FtbGgzSE02JTJCSGd2NXVZMTZBNVBKOUxEVUxQRmc3cHhOZWpKUHd3UmI2NnNOWVpWMHNYYm9GQTZWa3JIamhhbGRuVERpcFJyeFJMTEozOEwzb3hCUXhKamNqOHp2Zk5pUSUzRCUzRA
.adnxs.com/	1970-01-20 13:38:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Ut#UH6!]tbPl1M>e)ZlrFUfJ+tGXxo<8fKBTDYe?-9#-QaLE2Gl?LiS^YvqkSwNX?VbpRzqF1`b`S<F#78
.pubmatic.com/	1970-01-20 11:30:35	Name: KTPCACOOKIE Value: YES
.uuidksinc.net/	1970-01-20 20:14:45	Name: jcsuuid Value: 5dvAal6kstDs8orIArSZ
.pubmatic.com/	1970-01-20 20:14:45	Name: KADUSERCOOKIE Value: 59C82567-7C82-426C-8025-B4716EE05C63
.1rx.io/	1970-01-20 20:14:45	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-4273fbd4-7ee5-4552-99ac-a2ba56f20dea-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 20:14:45	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-4273fbd4-7ee5-4552-99ac-a2ba56f20dea-003%22%7D
.bidswitch.net/	1970-01-20 20:14:45	Name: tuuid Value: 5f309661-78d0-4112-ae1c-9021fa2ffe1d
.bidswitch.net/	1970-01-20 20:14:45	Name: c Value: 1682949327
.bidswitch.net/	1970-01-20 20:14:45	Name: tuuid_lu Value: 1682949328
.bidswitch.net/	1970-01-20 11:29:09	Name: google_push Value: ATf1kGOp570Y4qQiagBQ2iQdcs--1llgVvL0yXSejugO8zjYPlsWWnhsg8XU-DKD-7If28qLcU40CPe3CrZzA_ZqFOcayMYJIQ
match.sharethrough.com/	1970-01-20 11:39:14	Name: AWSALBCORS Value: P8uUvyLnhRDFlTC9CCF2u7tpSiej+JAILD24F9Kutxbw1sWB+7jYkxjyeTKTdF4cP/D0naTS5C0ORd9wm7vV1jo9P7MkY/hihwZP7wJqqxkPXerZFkWxlbjeaxa7
.yahoo.com/	1970-01-20 20:15:06	Name: A3 Value: d=AQABBNDET2QCEGkyeIfBnDB9NBa2ZLCkU-0FEgEBAQEWUWRZZAAAAAAA_eMAAA&S=AQAAAja_L-4Yfsu7l69hkjN0UZU
.analytics.yahoo.com/	1970-01-20 20:14:45	Name: IDSYNC Value: 18yx~2bed
.yieldmo.com/	1970-01-20 20:14:45	Name: yieldmo_id Value: gb3d41272937750b6b88%7C1682949328292%7C0%7C
fksnk.com/	1970-01-20 11:39:14	Name: AWSALBCORS Value: txvNu3csDrtJ5m9loeoMhL+XbLDvlQgMRROaXIOtOlaVkiOJaFSs4RUkNd5yOCZ7Bwa/OGLtR5cfXXxgig5VKS+HeRVIs73gatU9oMat7QPfeEjhx+PItiUB0CD9
.fksnk.com/	1970-01-20 13:38:45	Name: f_001 Value: A7437808FCF851E7
.fksnk.com/	1970-01-20 11:30:35	Name: g_001 Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164(Line 9) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-trjAkNCNMLpFJTECpmlPn8GgI7CBPODSX2IiTlxSMf8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164(Line 9) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250201/pubads_impl.js?cb=31074164(Line 9) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-JMzQzhDVDZCc5H2F6hztjWbF9sPK+OFhBmCjjyTt6AI='), or a nonce ('nonce-...') is required to enable inline execution.
rendering	warning	URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 14) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yieldmo.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
esp.rtbhouse.com
faec5eca4564bfcb8bd27fee005c4a14.safeframe.googlesyndication.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
live.demand.supply
match.sharethrough.com
mug.criteo.com
onetag-sys.com
opynew.com
pagead2.googlesyndication.com
portal.o2online.de
s.ad.smaato.net
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
securepubads.g.doubleclick.net
www.googletagservices.com
104.102.35.84
141.101.90.96
141.95.33.111
142.250.185.162
142.250.186.34
178.250.7.13
185.64.189.115
185.80.39.216
213.19.147.44
2600:9000:211e:cc00:1b:5138:8a40:93a1
2600:9000:2250:3c00:a:e047:752:b361
2606:4700:10::6816:3556
2606:4700::6810:8516
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a02:2638:3::c
2a02:2638:d::2
2a04:4e42:200::485
3.68.153.114
3.75.62.37
3.77.10.228
31.220.27.155
34.231.23.92
34.248.22.123
34.249.220.178
34.96.70.87
35.190.39.111
35.209.139.20
37.252.171.22
51.89.9.254
65.9.66.97
01aa7aae1d7de16947c580bc96bbc99036601e56848a86ba742f773a847c208d
02e62df60ec35e119448a029941cc7e87611801f8b7a6e4dd19333bcedcf45e6
055e181cbdf898b237a1214b88dd5cb1d36c85fcb3e3e5edb05a3ae89db4e15c
076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9
08f42180d35a2ee7f3f2cc92b7c03c592c5fc4a18ac0cd483dce0c9dc5626767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9a8511f8bdcf0e36428d8e1e900367d68a8b71e523ddb80c6ea7d0d8658178
0d55bcc80a53740ffc3f26d47d9a448be8bce9d5648cafa8279cde7b7dd5bf1b
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fd365685b1461716e9cb994dfe6230ff54d593434ebcd67f6d963f2616b3753
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
11b283542b0664f7e46894548d5f62f72c4c7320e6295a2298f9845c301f3a02
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
21db4845f3daaf75d573321485b85c138b6cd3a0957e684fa134e1b3ddd4836d
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
271e7e6530a18de4ba1c811912681de850208d96699a3a0077bee323a113c59f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c18d494d09288e196cfa6e5018d5cc3fdeccedad9687a48ddc2b2f0d59897bc
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3158d7a9077d2b28550e55a31ec0838ab5118efb759d05d4b3f34eda88e1f0e4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
367a96f5e00a8da1f68aa4de81646a4b6dd976977cc96af8159991cf95bdd997
397a064408a35de576fc209912c034ece47a49026ead975cf6a1720c51bb2433
3a334dc591dba32ba36fa1e951280f37a0886f6aa37f8355dcfdc4248b2dbeab
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3e08a8ac946bdfb063cdb7f25a4c7a7badbd268da276cfb2d512b9057bfcc2ea
42e7328d12c030ef6836e6cd9e8c5365b7e894049a7c9088bc4adca343a930d5
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152
45d803d9b4695a0ef7b97c9a729f197e4fd08f2d396e61be71896ddad7a58efc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
4e0a65db63f12acbe27e01691ceac4e3a1cf2ce1304a31e0859b157d4ed3adf4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c17b063d4397b4e382486ef7594cd87da2d5b0c67069adeb6ff5b2f21269eed
5e7161c6b30f7b904d06c2071b74d4deb46611508434d595c7d4be5702bd2a0a
603093968a28af69e7b9076c395c9756c142cc55a22fa90d57f691e07481a1e9
61837609c4841282f94f89de7e2d082542ade38015258a246472ba4737eb3d1e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5776558743e4fff60d20088c449ebafd7534ca7397a791a0e412baa60b9c1f
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
7001db391f725ead6e81a96e6f41c7022c34a6931cde508bf560b5046666df99
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
7678b337af6b83f699c4f7a6bf18adf4645e997ff3a107830266a3c93ff06333
79eb13c2ae5d6bc42607354422496456790e4e83ee739aaeb035cbdf0073659c
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
83f55847e698f7dc6cc3442dc82bf6fd211f579fa9fea0c3bd3060505366f414
85d5454ca34245a402f596c7573b6f0395c2bec16dde0adc894b84846bb0fc9b
87cc3ffc7169655f3bb39c37f2d2db60f5bf92fe26c83f325b5306333398f076
8b8eff7ad65a87f250087a1781abab2d1270fe4aa63ed7900d4b5299241e52c9
8c6e8c66875a052ce83da8d5b03fa248f79f0c9a5f13178288d1202ced277187
8edc0f9b8949a6b0b50a0eeab6e87e64c18741f5a13b1aa963ac144d8549f9db
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9fadee50788393902cb83f6635667baf7614131ce74bb4ac34da85a61871289e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a15fe1cf3f6246d592f991e0f151dfa77207c2073dfc68d5c51805734776f54e
a3d586e3c962060d74f7f85382769557b26ac32df43c0e4083cb36ca8fb5c941
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a74e607c0f749996339baf7096218cca4e0c6ee8548b8039eeb2fcdffff31c82
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
addbfa1028cf127b39a23057953a377e32fb30f1c97ba30f4626e8ec3d1fd3df
ae865333e046cf67715bd08780dd130d49ef683857cd05872d49c0dc62906b00
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b07871f016581e9d6d67632bc54ced898fa19754c3a1f3ebb46360f77bcb4545
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7
b51100f5100d0ff8a219da86f22e1307cf1aab3e9dd55461042a0ab67e10e7d4
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
b6bd06b3efc8b2681dac307a629ee2c312c38632e5837bf8553582ff404b8e0d
b78e97e39c373cb6cfe35a208fccb48ad48db0fd91acae6421f91225cbbf02fe
b947f3a450edac89a6d7c2893f1a52efefd70affe48c6ebec5a46eda30da9926
ba2eb6549a06673d4f069718a0f7e211b7ee7251cc0e8fc4f6831f01b8cc9c3e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c01abcb9be8ac3c4ace08e90fa1ee6c277a097fd2e70eeaa74020bd4b30f8a08
c0259dc62719d129ad3d7252d0fa9632d43e81285da4c54e982f7953ae30ac4a
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c18e0135a17c55bc5127841afebf64d74c1919a0e18274d56f8992d29e51fc49
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c32f164be54b12ca8d8eb1f9aa5f2269bb6ade148ddb5314156c8470c59b2115
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca7fc0d9dea60259cd47ac9185dea859cf93cba538b4fad5bd43c92f91789e74
ce16f40ccdd051e2a8a3ede16fdb751ba491dffd696cb1a8efad56eccc91745a
d0628be3c63ce07fbc1934d8acf201c0f561236adc92573d634ea9040c4dfe1e
d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff
d5b05e49cf272ded37ae4bc377eb35c9665e796c4a84a0f1a4dcaec85e3abff5
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
d67d1cf4277de761ebec832e4ba9ba61f98818c43f9c5c232d3c37ba98a23404
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e05e21093180c05e532efb72a39502be59d6626e72ae47573de76f0a733fcfe4
e24928d7d73d973842a21a3f630f4b4ef2eb8c139130820ca0f6f7c2d7a15245
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b93a1b0941a116dcb0ed0b5c3ea062cdcad365207c405b231094eb485d95fc
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9082e62c9c98974f8a457d78c097646c92ca586fb312743330a3199fe88fa41
e9444e35d1319038584ab0722317aa5776ae86bd4402838ca0f83a987ad600c3
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
ee0da5140d8c395da1befebd9cc39629786a9f924ecc3486467e75ad6c89c2e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
f4578821e392d8f0e1efbc01a0f2a2a448fb390d9d8d17d3b16761a91e44292c
fad9103b41c568c45cd4c0b5cf087badcfda64ab664cd8f5f5e8c42d762f3a05
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

opynew.com Open in urlscan Pro 35.209.139.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

255 Requests

88 %HTTPS

49 %IPv6

35 Domains

45 Subdomains

36 IPs

7 Countries

3638 kBTransfer

7307 kBSize

31 Cookies

3 Outgoing links

Page URL History

Redirected requests

255 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

opynew.com Open in urlscan Pro
35.209.139.20 Public Scan

Screenshot
Live screenshot

Full Image

255
Requests

88 %
HTTPS

49 %
IPv6

35
Domains

45
Subdomains

36
IPs

7
Countries

3638 kB
Transfer

7307 kB
Size

31
Cookies

255 HTTP transactions
5 data transactions