www.dcfever.com Open in urlscan Pro
210.184.251.68  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1

Request Chain 46

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ8xTkpgTn1zoArtzZ9YPwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1

Request Chain 47

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEHwIaRwt1z6Yx7joGaBYXYI&google_cver=1

Request Chain 48

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjUzNTMxMzY0MzIzNjgwMw%3D%3D

Request Chain 84

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

• https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 99

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

• https://googleads.g.doubleclick.net/pagead/adview?ai=CvqwzTTGfZZKLOMGotOUPqqaMsAOYxdzQb6207suIEbOx9P0IEAEg9L6jBGCVgqCCsAegAZbRyI4ByAEBqQLj4HDcdWeyPqgDAcgDywSqBI4CT9BcShr8_e8fF0vLYoEGBNrUOyxxbNxBP3O63RDrdRkZ2HkbS9UIpgcHjpx53ZrZmut6VJ44GBOLY74xZQxE8Ral1o8gQZF3zXpNDdj99-_KPwUUUU52hEJZhpJQu6gg6dydi2dXtKMAOe50sDgRjHqY8I7KZJNZUHrhKqNzxq7F8sYUSB1wVqAxYHJabYvSiewemXJ4bWj2Tghh5OnYVEcXtDS6MH7-gmTgsoMINTfJXzWyc2RTgtq0gYv_ZJcGdnNSL1LINt_wuX1m-J9n5Bb-APgupD4RfGr8KMcIdjVFDhU_3_YVaEiNo17sH7lAh4oo4eyVsUi8gDnIHJtLSGQo-eMF9yV-tqpkz-sTwATcjci0pASIBZmfh_xJkgUECAQYAZIFBAgFGASAB9Kut_ECqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQid4M0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliPuciwhdSDA5oJKGh0dHBzOi8vd3d3LmNyZWZvLWZhY3RvcmluZy5kZS8_bWtfZ2FhPTOACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzMxOTI3MzA4MTExNDA2NxgAshgEEgLVVg&sigh=3OccTUjNqh4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_gRPjwqycLFQfbMwi13IAr2lh4FqsiFOWl7D58X_P_EG_0tMvlkncnkGjH2ihl2Rt6MUeiTvq66_xigT5mCbi8ETIoeIacx1VHxgB&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229926589695420187836%22,%22debug_reporting%22:true,%22destination%22:%22https://crefo-factoring.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22298985622%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226761316667063359025%22}&andc=true

Request Chain 102

• https://googleads.g.doubleclick.net/pagead/adview?ai=COSP8TTGfZdL6NueWtOUPkNmRyAGE0aildd6Wvu2QDsSEhZ4LEAEg9L6jBGCVgqCCsAegAafH4tsDyAEJqQLj4HDcdWeyPqgDAcgDywSqBJUCT9C7s7tEhruFwWhnt2HWNGTjy4Bg372dJcSgo4XtrYxaw683253_RMGleSqLvoODvt1m2D4vqV7KNq4qFleT3iyW2WdxzWcub-9WP_lyjaGGUrkMiO1NMVzfNKxlWz0rQWhhGp8mL4H4sgSsUJ8rm8g-IqhvdCgtW982rMgXA3Cl8aQVI_QPPebuyOzuN9d7st-HDQa2Hch-uPnFicFquuv3nxVnWOAWdkAQr28JelREpiqA_iDxpMbuGRJvgQVdNhAzIAk09COcLqh3dDyXw8duVdu4Td0R4C5rZEhYl2CVC0Ro5p7IdZ0RmZNd1-xMjFf3BxN1OgoWORKgrBFJXtWvsN266c4cF7jkaozMcuf1SgADLcAElp_b4M8DiAXB37SCNZIFBAgEGAGSBQQIBRgEoAYugAfBuJ0kqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQrqQG0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljCnMewhdSDA5oJQmh0dHBzOi8vbWlra2EuY29tL2RlL21vbml0b3ItbG9lc3VuZ2VuL2JyYW5jaGVubG9lc3VuZ2VuI0luZHVzdHJpZYAKAcgLAdgTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMzE5MjczMDgxMTE0MDY3GAA&sigh=caBaRETNO-A&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_NeT7KScW9z6dNrbnFFS91A5I6uMYFyYHqcWD_XvMV4Pskiy_YXhk4rL1VtBcF6JxS6VY6XHKjHbHtw_E8YxoiegZR1RQkvggorcYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223631104383809605055%22,%22debug_reporting%22:true,%22destination%22:%22https://mikka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997761959%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226264889859591662577%22}&andc=true

Request Chain 111

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153

Request Chain 113

• https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent=

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request keywordsearch.php Show response www.dcfever.com/photosharing/	24 KB 8 KB	653ms 221ms	Document text/html	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Full URL https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / PHP/5.6.30 Resource Hash aa5b6bc31db4a11638ea1b6dac59a0e486890fc0219a083b78dee3b25fa5742c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 11 Jan 2024 00:06:40 GMT Server nginx/1.11.9 Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By PHP/5.6.30
GET H2	200	global_20231006.css cdn10.dcfever.com/v4/css/	40 KB 9 KB	61ms 16ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn10.dcfever.com/v4/css/global_20231006.css Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e266f9a563f2e1ef30f7dcc7a85ee1fb194b126e57bd9271e7ab9198035de350 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1080 cdn-cachedat 10/06/2023 04:53:19 cdn-pullzone 587890 last-modified Fri, 06 Oct 2023 12:52:20 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"65200304-a04f" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 569b580507d910fc72dd81de9e9bd2af cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Sat, 05 Oct 2024 04:52:43 GMT
GET H2	200	grid_20150811.css cdn10.dcfever.com/v4/css/	16 KB 3 KB	59ms 14ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn10.dcfever.com/v4/css/grid_20150811.css Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d1cc9ef7ac37881e60962e1354de04e5d4ed2683f16780dc62a8211125021e07 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1081 cdn-cachedat 12/19/2023 20:48:00 cdn-pullzone 587890 last-modified Tue, 04 Jul 2017 02:23:57 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"595afc3d-41f3" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 75e24a357eb986215427c7ffdeeea3f8 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Wed, 18 Dec 2024 20:46:16 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.3/	94 KB 33 KB	48ms 14ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 01:23:31 GMT content-encoding gzip x-content-type-options nosniff age 254649 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33507 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Jan 2025 01:23:31 GMT
GET H2	200	photosharing_2109a.css cdn03.dcfever.com/v4/css/	68 KB 14 KB	58ms 13ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn03.dcfever.com/v4/css/photosharing_2109a.css Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash f0bc4edb61d564fcb1bfa84d13b099414af3332ab9cd5c656b3468e267688e92 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1080 cdn-cachedat 07/07/2023 02:11:29 cdn-pullzone 587890 last-modified Wed, 29 Sep 2021 04:20:35 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"6153e993-11017" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid bd253cfbefaa0457747797e52332c6c8 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Sat, 06 Jul 2024 02:11:29 GMT
GET H2	200	all.css cdn01.dcfever.com/v4/css/fontawesome-5.15/css/	72 KB 14 KB	73ms 29ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/v4/css/fontawesome-5.15/css/all.css Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e5ad31a47913cdfc2470acd4e304982fae2bccf62098855fecf3b84c1e7fea34 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1082 cdn-cachedat 07/07/2023 01:56:02 cdn-pullzone 587890 last-modified Tue, 16 Mar 2021 07:15:14 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"60505b02-11f99" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 614a397a33a334d1a6a0d6b49f17d38e cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Sat, 06 Jul 2024 01:56:02 GMT
GET H/1.1	200 OK	nav_main_2023.css www.dcfever.com/v5/css/	8 KB 2 KB	211ms 211ms	Stylesheet text/css	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Full URL https://www.dcfever.com/v5/css/nav_main_2023.css?t=1704931600 Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash 0d48cfba923fbe4e375ea7deecd798a6b0d406f07a2dca02c980ea2e327dbcae Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:40 GMT Content-Encoding gzip Last-Modified Fri, 22 Dec 2023 12:13:47 GMT Server nginx/1.11.9 ETag W/"65857d7b-21c0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=31536000 Connection keep-alive Expires Fri, 10 Jan 2025 00:06:40 GMT
GET H/1.1	200 OK	nav_20231005a.2023.css www.dcfever.com/v5/css/	19 KB 4 KB	423ms 211ms	Stylesheet text/css	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Full URL https://www.dcfever.com/v5/css/nav_20231005a.2023.css?t=1704931600 Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash f39aace58974f3ab9a286cfbda47200d55c1f4057f55ddc42a6109252cf00f31 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:40 GMT Content-Encoding gzip Last-Modified Wed, 11 Oct 2023 16:43:08 GMT Server nginx/1.11.9 ETag W/"6526d09c-4b00" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=31536000 Connection keep-alive Expires Fri, 10 Jan 2025 00:06:40 GMT
GET H2	200	product_01a.css cdn01.dcfever.com/v5/css/	20 KB 5 KB	57ms 12ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/v5/css/product_01a.css Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 1b522e932396d9b1cb63b82d77538ce3c23a0fa70802a9a391dda541687c4fe5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1081 cdn-cachedat 09/25/2023 15:29:58 cdn-pullzone 587890 last-modified Mon, 25 Sep 2023 22:50:34 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"65120eba-4ee2" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 3db8be3ab0b10fbaf18e6adada6207ef cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Tue, 24 Sep 2024 15:29:32 GMT
GET H2	200	lazysizes.min.js Show response cdn03.dcfever.com/js/lazysizes/	8 KB 4 KB	13ms 12ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn03.dcfever.com/js/lazysizes/lazysizes.min.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:41 GMT content-encoding br cdn-edgestorageid 1080 cdn-cachedat 07/07/2023 02:11:30 cdn-pullzone 587890 last-modified Tue, 13 Jul 2021 02:06:08 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"60ecf510-1ed1" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 43c941a81b5e5ec17f3c8fc2d988065f cdn-requestcountrycode DE cdn-status 200 expires Sat, 06 Jul 2024 02:11:29 GMT
GET H2	200	jquery-scrolltofixed.js Show response cdn01.dcfever.com/js/	20 KB 5 KB	60ms 16ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/js/jquery-scrolltofixed.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 122980d66002ecf6854209ad78a8a2d1439f88fc5c796ad54a84493c1f11b40c Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1081 cdn-cachedat 07/07/2023 01:56:02 cdn-pullzone 587890 last-modified Mon, 07 Dec 2015 10:39:08 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"566561cc-51e9" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 338ed468e52a0b4343a19b61bb95c174 cdn-requestcountrycode DE cdn-status 200 expires Sat, 06 Jul 2024 01:56:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	273 KB 91 KB	67ms 30ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90 Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 488f2a2ff9e5671f297024f547ccf8cf0d2e337d512c75d9b732bfaa9443f4fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93044 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 11 Jan 2024 00:07:41 GMT
GET H2	200	dcfever_logo_png.png cdn01.dcfever.com/images/	14 KB 14 KB	70ms 26ms	Image image/png	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn01.dcfever.com/images/dcfever_logo_png.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 8d8834a947897d7bba059dd1efcad06b91f99facd557e4fb29955d6731eb09f0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT cdn-edgestorageid 1082 cdn-cachedat 07/07/2023 01:56:03 cdn-pullzone 587890 content-length 14300 last-modified Fri, 08 Feb 2013 10:49:50 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "5114d84e-37dc" content-type image/png cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 12da7a149ef0c18febd4ccc34f6acee0 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 expires Sat, 06 Jul 2024 01:56:03 GMT
GET H2	200	dcfever_logo_v2_png.png cdn01.dcfever.com/images/	13 KB 13 KB	14ms 13ms	Image image/png	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn01.dcfever.com/images/dcfever_logo_v2_png.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3c9ad3cb87f4c8c481c59c52a057ca0d2813cb9108cfd237917608c3bc9d1be9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:41 GMT cdn-edgestorageid 1082 cdn-cachedat 08/28/2023 00:23:08 cdn-pullzone 587890 content-length 13333 last-modified Tue, 13 Apr 2021 18:08:55 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "6075de37-3415" content-type image/png cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 1fe40d24d9341fb1b1492ed177fd6421 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 expires Tue, 27 Aug 2024 00:23:06 GMT
GET H2	200	profile_pic.png cdn01.dcfever.com/column/images/	3 KB 3 KB	72ms 28ms	Image image/png	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn01.dcfever.com/column/images/profile_pic.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 4667c94befc9784465ffebbec6a5746e1a50b479c247c832b9d23dd8e02fe65a Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT cdn-edgestorageid 1080 cdn-cachedat 07/07/2023 01:56:03 cdn-pullzone 587890 content-length 3045 last-modified Thu, 12 Nov 2015 03:22:26 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "564405f2-be5" content-type image/png cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 7766ceb2e4f9aecd9d64a9348807f5ea accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 expires Sat, 06 Jul 2024 01:56:03 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 51 KB	105ms 70ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3319273081114067 Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ceacab30aeba4f70b1a62241827240bb6f60f577af84ba919383f3ad9127d113 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Origin https://www.dcfever.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51577 x-xss-protection 0 server cafe etag 14304560286329826746 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 11 Jan 2024 00:07:41 GMT
GET H2	200	jquery.cookie.js Show response cdn01.dcfever.com/js/	4 KB 2 KB	13ms 13ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/js/jquery.cookie.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 8f3f968e513eb907e7237f770802f5f28cf83518dde9f0cae5d608bb03824eeb Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:40 GMT content-encoding br cdn-edgestorageid 1082 cdn-cachedat 07/07/2023 01:56:03 cdn-pullzone 587890 last-modified Sat, 28 Dec 2013 03:52:43 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"52be4b0b-1180" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 836a54ca8f2ee5f4a886a022aa7ad7f2 cdn-requestcountrycode DE cdn-status 200 expires Sat, 06 Jul 2024 01:56:03 GMT
GET H2	200	firebase-app-compat.js Show response www.gstatic.com/firebasejs/9.6.7/	28 KB 28 KB	47ms 14ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.7/firebase-app-compat.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c5b8ea34dfe39acea247c3004e5e4521875e70b7c317e0efa3633bc047a5b4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 06:39:16 GMT x-content-type-options nosniff age 149304 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28198 x-xss-protection 0 last-modified Fri, 04 Mar 2022 17:53:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 06:39:16 GMT
GET H2	200	firebase-auth-compat.js Show response www.gstatic.com/firebasejs/9.6.7/	120 KB 120 KB	47ms 27ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.7/firebase-auth-compat.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d725491c4075f128defe9ad0e3d4f4894ed399c943997dab7432f015bbceb4ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 01:23:48 GMT x-content-type-options nosniff age 168232 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123087 x-xss-protection 0 last-modified Fri, 04 Mar 2022 17:53:12 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 01:23:48 GMT
GET H2	200	firebase-database-compat.js Show response www.gstatic.com/firebasejs/9.6.7/	161 KB 47 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.7/firebase-database-compat.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7da50473010eba615db20d7943c029cfcc0fd3a993e835698833fc3e9ad3f1d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 09:54:43 GMT content-encoding gzip x-content-type-options nosniff age 137578 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47881 x-xss-protection 0 last-modified Fri, 04 Mar 2022 17:53:24 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 09:54:43 GMT
GET H2	200	firebase-firestore-compat.js Show response www.gstatic.com/firebasejs/9.6.7/	293 KB 293 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.7/firebase-firestore-compat.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2c6130cf837755df63a979fc0e2b1dc003ba139c5614883f3079407ef9588388 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 03:19:15 GMT x-content-type-options nosniff age 161306 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 300113 x-xss-protection 0 last-modified Fri, 04 Mar 2022 17:53:14 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 03:19:15 GMT
GET H3	200	firebase-messaging-compat.js Show response www.gstatic.com/firebasejs/9.6.7/	37 KB 37 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.6.7/firebase-messaging-compat.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49f4fe05f9406472ab40ad7f45608ee46e03fe95442b4bfaa8fa748c050f4943 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 09:34:17 GMT x-content-type-options nosniff age 225204 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37953 x-xss-protection 0 last-modified Fri, 04 Mar 2022 17:53:15 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 07 Jan 2025 09:34:17 GMT
GET H2	200	chatmodal.css cdn01.dcfever.com/v5/css/	2 KB 1 KB	12ms 12ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/v5/css/chatmodal.css Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3cd308b717f2707a77cc547267d21788fe0c20fd7e6985611a89bda032bc734c Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:41 GMT content-encoding br cdn-edgestorageid 1080 cdn-cachedat 08/31/2023 08:12:03 cdn-pullzone 587890 last-modified Wed, 22 Jun 2022 03:21:25 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"62b28ab5-6f0" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 1aa1560a1847aaa3b74dc02f2aafe2fa cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Fri, 30 Aug 2024 08:11:58 GMT
GET H2	200	chatmodal.js Show response cdn01.dcfever.com/v5/js/	3 KB 1 KB	12ms 12ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/v5/js/chatmodal.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 299b123d8cb1a97375ab38aaa7f0a84d14466adafa16a2c909a5529b93eeff4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:41 GMT content-encoding br cdn-edgestorageid 1082 cdn-cachedat 08/31/2023 08:12:03 cdn-pullzone 587890 last-modified Wed, 22 Jun 2022 03:36:56 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"62b28e58-a6f" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 cache-control max-age=31536000 cdn-requestid 67258b4d74c7d738c0a09030e999c903 cdn-requestcountrycode DE cdn-status 200 expires Fri, 30 Aug 2024 08:11:58 GMT
GET H/1.1	200 OK	appdownload_appstore.png www.dcfever.com/campaigns/2023/test/	8 KB 8 KB	220ms 215ms	Image image/png	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.dcfever.com/campaigns/2023/test/appdownload_appstore.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash a0b22cc658cb2b6f18315959d2e6de9904a84063b15bc35c657f0e895d669840 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:40 GMT Last-Modified Tue, 03 Oct 2023 13:20:57 GMT Server nginx/1.11.9 ETag "651c1539-1fcf" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 8143 Expires Fri, 10 Jan 2025 00:06:40 GMT
GET H/1.1	200 OK	appdownload_googleplay.png www.dcfever.com/campaigns/2023/test/	14 KB 15 KB	628ms 424ms	Image image/png	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.dcfever.com/campaigns/2023/test/appdownload_googleplay.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash 760e360579165d2a298a42d5d5d310b74b4a425d2fa9bd6166abf37c704dce4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:41 GMT Last-Modified Tue, 03 Oct 2023 13:12:49 GMT Server nginx/1.11.9 ETag "651c1351-38ee" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 14574 Expires Fri, 10 Jan 2025 00:06:41 GMT
GET H/1.1	200 OK	bit.ly_46BX8yZ.png www.dcfever.com/campaigns/2023/app/	27 KB 28 KB	431ms 211ms	Image image/png	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.dcfever.com/campaigns/2023/app/bit.ly_46BX8yZ.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash b4b4b440ed808e3e3d598b5522e5de0cbebfa143014aeb7170aa9acbe2d360da Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:40 GMT Last-Modified Thu, 05 Oct 2023 15:13:54 GMT Server nginx/1.11.9 ETag "651ed2b2-6cfb" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 27899 Expires Fri, 10 Jan 2025 00:06:40 GMT
GET H/1.1	200 OK	channel_youtube.png www.dcfever.com/campaigns/2023/test/	3 KB 3 KB	1177ms 954ms	Image image/png	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.dcfever.com/campaigns/2023/test/channel_youtube.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash 2b02484c717b73704cd3167a75568c31d847f35acb87698499ed2c15e0b5534d Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:41 GMT Last-Modified Tue, 03 Oct 2023 13:50:21 GMT Server nginx/1.11.9 ETag "651c1c1d-cac" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 3244 Expires Fri, 10 Jan 2025 00:06:41 GMT
GET H/1.1	200 OK	channel_facebook.png www.dcfever.com/campaigns/2023/test/	3 KB 3 KB	641ms 213ms	Image image/png	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.dcfever.com/campaigns/2023/test/channel_facebook.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash 6045b0ae82394826c06aec665b8264501db01a5039aba419f0fb6e33db3a3d04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:16 GMT Last-Modified Tue, 03 Oct 2023 13:50:21 GMT Server nginx/1.11.9 ETag "651c1c1d-a57" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 2647 Expires Fri, 10 Jan 2025 00:06:16 GMT
GET H/1.1	200 OK	channel_ig.png www.dcfever.com/campaigns/2023/test/	4 KB 4 KB	643ms 214ms	Image image/png	210.184.251.68 IS-AP iAdvantage ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.dcfever.com/campaigns/2023/test/channel_ig.png Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.184.251.68 Yuen Long San Hui, Hong Kong, ASN9729 (IS-AP iAdvantage Limited, HK), Reverse DNS Software nginx/1.11.9 / Resource Hash 9d5b7a34e4e5c8c39f1454a94cdf9e52884f5cba3a8ebfe84010d097462522f6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/photosharing/keywordsearch.php? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:06:16 GMT Last-Modified Tue, 03 Oct 2023 18:13:14 GMT Server nginx/1.11.9 ETag "651c59ba-f66" Content-Type image/png Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 3942 Expires Fri, 10 Jan 2025 00:06:16 GMT
GET H2	200	fa-solid-900.woff2 cdn01.dcfever.com/v4/css/fontawesome-5.15/webfonts/	76 KB 77 KB	49ms 24ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn01.dcfever.com/v4/css/fontawesome-5.15/webfonts/fa-solid-900.woff2 Requested by Host: cdn01.dcfever.com URL: https://cdn01.dcfever.com/v4/css/fontawesome-5.15/css/all.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef Request headers Referer https://cdn01.dcfever.com/v4/css/fontawesome-5.15/css/all.css Origin https://www.dcfever.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers cdn-requestpullsuccess True date Thu, 11 Jan 2024 00:07:41 GMT cdn-edgestorageid 1080 cdn-cachedat 07/07/2023 01:56:03 cdn-pullzone 587890 content-length 78196 last-modified Tue, 16 Mar 2021 07:15:14 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.03 cdn-requestpullcode 200 etag "60505b02-13174" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid 00052f33-2042-4c65-bab1-7a7a20a60fd3 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=31536000 cdn-requestid 436670fadd466adc687fe2cbcaf983e9 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 expires Sat, 06 Jul 2024 01:56:03 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 254 B	47ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-5ND0VB1W90&gtm=45je4180v870398505&_p=1704931661293&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=666797036.1704931661&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704931661&sct=1&seg=0&dl=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php&dt=DCFever%20%E4%BD%9C%E5%93%81%E7%99%BC%E8%A1%A8%E5%8D%80%20-%20DCFever.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1204 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.dcfever.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 254 B	54ms 18ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5ND0VB1W90&cid=666797036.1704931661&gtm=45je4180v870398505&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.dcfever.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	55ms 24ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5ND0VB1W90&cid=666797036.1704931661&gtm=45je4180v870398505&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=705352437 Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/	402 KB 136 KB	99ms 72ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3319273081114067 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb2f386185b50ce7e5c7b16011dd7fe35170d91f3bdf8ce700cbc14b0a16771d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 139383 x-xss-protection 0 server cafe etag 1310995913071787571 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 11 Jan 2024 00:07:41 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 0359	9 KB 4 KB	78ms 23ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3319273081114067 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1360 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4173 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 10 Jan 2024 23:45:01 GMT etag 9219409622527106327 expires Wed, 24 Jan 2024 23:45:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame FDC4	358 KB 85 KB	514ms 513ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&adk=1812271804&adf=3025194257&lmt=1704931661&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661511&bpp=2&bdt=644&idt=281&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=100771068987&frm=20&pv=2&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=295 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ba9b9b38639bdf99e92e947ee7cc9e401b64093a1adfe6915b90e009ea33425 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 86422 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Thu, 11 Jan 2024 00:07:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 907D	25 KB 11 KB	585ms 585ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f28d8f2659e82b3f7f6db5e48097ad8078a7a7df4aacf5294f77da7a900dbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 11385 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Thu, 11 Jan 2024 00:07:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4D2C	120 KB 42 KB	703ms 703ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e74ea1854bd95e0afa83588fef519a21cd1cffa6e1662cdef50f0ae0500ef31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 42547 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Thu, 11 Jan 2024 00:07:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/	162 KB 55 KB	66ms 66ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js?bust=31080324 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 02be3ffa6ff1033481c1ebc9cbe9ca2f1d3de21e973ab2554f48db6e71c6c072 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56400 x-xss-protection 0 server cafe etag 10418281465405035471 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 907D	42 B 63 B	48ms 47ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-EOmEvx0SSboARUGKfAEsy4Hq7p5KKpx-SX-wPCa_7Hk_W4DdIukuD_rs_lKweLwUzKxYupRA2Iqcxqa22upDWsZNmWxokwZ7v1XCINyc-IsN7ZY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 907D	89 KB 31 KB	79ms 78ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 11 Jan 2024 00:07:42 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 907D	3 KB 1 KB	48ms 15ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 19:16:49 GMT content-encoding br x-content-type-options nosniff age 17453 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 19:16:49 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 907D	20 KB 9 KB	46ms 13ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:12:53 GMT content-encoding br x-content-type-options nosniff age 21289 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 18:12:53 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 907D	205 KB 65 KB	92ms 27ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66227 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1704717871404979" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame C6B9	624 B 246 B	55ms 54ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXjkqG8OaI66SH59SaKT5XC4Keod82IeY0oCAZv5eSPivHsN-BZaNRf0C8iLCLOhyEGq88NpihNRmi_zy4y4WzSN7Bj5h1u6rjeYxDm2HvN5LWZZRjVlYw2M6C_rgT-YxA8pAEdq0sbDQ-U2YvoWv7u65DZgurHItDVstnf8QhTkJ_tROg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Thu, 11 Jan 2024 00:07:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C6B9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1	43 B 773 B	22ms 22ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXjkqG8OaI66SH59SaKT5XC4Keod82IeY0oCAZv5eSPivHsN-BZaNRf0C8iLCLOhyEGq88NpihNRmi_zy4y4WzSN7Bj5h1u6rjeYxDm2HvN5LWZZRjVlYw2M6C_rgT-YxA8pAEdq0sbDQ-U2YvoWv7u65DZgurHItDVstnf8QhTkJ_tROg Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnESznCom64KaTrRavI71LVbLusXGGbMtfl%2BJSghqvKcdJhrt7Ak6Nc%2BRdkt%2BHx81TtATXGbU15UKrOASLzpIOXMmHOwA%2Bxu6%2F8VDjGyxG538kpShZTKroqj7TdUaIUUY4vL7kN%2FSdNuDg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8438ebcae85c5b50-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C6B9 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ8xTkpgTn1zoArtzZ9YPwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1	43 B 729 B	21ms 21ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXjkqG8OaI66SH59SaKT5XC4Keod82IeY0oCAZv5eSPivHsN-BZaNRf0C8iLCLOhyEGq88NpihNRmi_zy4y4WzSN7Bj5h1u6rjeYxDm2HvN5LWZZRjVlYw2M6C_rgT-YxA8pAEdq0sbDQ-U2YvoWv7u65DZgurHItDVstnf8QhTkJ_tROg Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb4Qb%2B8aeVHh9zBIjvHeFjE8AKunxIJ57mboEf9ziBFUES1i1gtfSPQBv85smZwRpkirPqPPYHoPzXM2JqeSEGFjWhWZNJrvGc4aLqf3bjPm2DGVSOzvr5fk096D8hFusmY8dNHMMjwi5w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8438ebcb08675b50-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBT655XxcGodcIE4psl4vyI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame C6B9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEHwIaRwt1z6Yx7joGaBYXYI&google_cver=1	43 B 1006 B	13ms 13ms	Image image/gif	185.89.211.12 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEHwIaRwt1z6Yx7joGaBYXYI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXjkqG8OaI66SH59SaKT5XC4Keod82IeY0oCAZv5eSPivHsN-BZaNRf0C8iLCLOhyEGq88NpihNRmi_zy4y4WzSN7Bj5h1u6rjeYxDm2HvN5LWZZRjVlYw2M6C_rgT-YxA8pAEdq0sbDQ-U2YvoWv7u65DZgurHItDVstnf8QhTkJ_tROg Protocol H2 Server 185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT an-x-request-uuid 7e6365a9-d746-491b-8bb0-0030371014cd server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 178.162.209.140; 178.162.209.140; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEHwIaRwt1z6Yx7joGaBYXYI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C6B9 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjUzNTMxMzY0MzIzNjgwMw%3D%3D	170 B 243 B	25ms 24ms	Image image/png	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjUzNTMxMzY0MzIzNjgwMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXjkqG8OaI66SH59SaKT5XC4Keod82IeY0oCAZv5eSPivHsN-BZaNRf0C8iLCLOhyEGq88NpihNRmi_zy4y4WzSN7Bj5h1u6rjeYxDm2HvN5LWZZRjVlYw2M6C_rgT-YxA8pAEdq0sbDQ-U2YvoWv7u65DZgurHItDVstnf8QhTkJ_tROg Protocol H2 Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT an-x-request-uuid 93294dfe-650d-4bda-91eb-e2a73e2b775c server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0MjUzNTMxMzY0MzIzNjgwMw%3D%3D x-proxy-origin 178.162.209.140; 178.162.209.140; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame AFB3	9 KB 4 KB	13ms 12ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 84103 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4173 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 10 Jan 2024 00:45:59 GMT etag 9219409622527106327 expires Wed, 24 Jan 2024 00:45:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 3A2B	9 KB 4 KB	12ms 12ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 84103 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4173 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 10 Jan 2024 00:45:59 GMT etag 9219409622527106327 expires Wed, 24 Jan 2024 00:45:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 907D	0 20 B	48ms 48ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2478257368322&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 907D	0 20 B	47ms 47ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2478257368322&version=m202309260101&ct=77&x=1&cor=14352624536422963000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 907D	20 KB 14 KB	45ms 45ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJBp6D3UAdU12jBSGjWaxej4nemZugJVb7Lg6pYj4MpBn9js2LS3TUZsTub55LdQ4J0AwPz_GYN9Y7itGTQ0jpjC4p02u7DkzOKzmVGIXGDiVMPGpvAEYTu24iFttKpn3bKzp9FdK7K4izdupQyFf4qpfFF6KPrMhY1_Sm2ETcpUTpcDU&cry=1&dbm_d=AKAmf-CGxDNsf_Gf82uDacva6PTFPimFprnglwcSPMs2scIbgyQlviIvDFCan814ZAz82eeee7WxP-0WbZDFIsDzUMx6ZqTBnxuXM5Rv2sX9MQjnpExY5zcOEpLDnL3Ys15uvRgyuKsZ7YzPkQ9T4Mn_kt0GwX6kvaqk-gOpjbasUxlHSGZqP8idoiwHK5R82VJBd46F_bn-ZyZ0-qH9L5QPINZ2rdmEYp0cHIr9yQg52eahA15f8hT2ovvJ-ltctwZu4T1GLUpB9_-BrysdppRL2GH94LW0Alc2Xg0NoHcGHYNwnDRxUBOD-qDSNs3YZrsKyyer5YL2FA8V1kPfni4Pifl8_txGqzYI6S2ankGSpiuiu_Tnxz4KuT5ilqoaJPfAovjudxa8IRh_OBd5ZW3f9F2kZKZDls4iu_pOQymddJDBGAfNRR4LHyAipZP1d72COKq75202BwbCd3jkSvjvhgp-jnWQZP4KUeBy3qRuqGUAxHrSI2rdv1-yzoKflSA5F_FwWEsGK7JRmSyWEXqMnfydlsqAuDCScHgd5g8prrPCrvlNLEhL0n8f-U2z-G9hOEa1fY5oHxjYK7ei60O2-0CpjXkXL2LTcLwJTMw7MjFpB75YrzmEDF1-fic4TQqBUXBjM2lJnlfXl9rEc276U2IS7C_9zNQxESlCNhcPAWh2rXbHEQfai7FEkEmykUttVWRkPzeFTOlXxoC9EcV1tBRKlhHYz56gPoEVqYnlxpc1Tr3FJCry-A68F26mmMAzD9_8oJHeEGjo2qMmCb0BC_rDEsr7OLWzFFFsVCXTo3vB-SBPuB3AEFAoMoZbkkRd6Q7QcMBIRC1YxBuK18Sfdy7oWNckesLiFTpQMlduGyzq3jM-qFNUU0vgXkrqFfLln77q7CJr-BQCnGh3uhYnuCPmsuOqXvourZscxHCCuO-js3TgNYpnZyMhBN_ONLd2aUhZPR1n5cxLN-ita2ACBbZDwhMXMg08XQQfSLd-l_FxTcfVJY8j49YphFjXnuF2AtJbRiz3WeAAU7ngzr-zwFcV_GIFutZBPhaVNCvv6efdoM6NQwHaQMOY7SdfHLr1XVb2sMA23EySznhauLqwODpSjqXetXSAOdG-K9l7PWCeNPT9x6cYdx3-eOcmhUVlOzjg_Po0SjaGnpo9zUnAdStFpJRNhaV9uYmRLlz8nTopU9i3gmfKHRefVsSazmwyKgIth8DGLSQ6gCvpZp-kh0qUyKG4VzlpJfh0TEhCQwA3ZkWq2DiVqrz_BxzltRpSe08T4yst1GWk5xG0TvD_jRy5He24b7CExGUICnVfrMqKmymsATsH6XBvElv1-xtB2kdqsdMWjoWQEC7SzaN3l-uv6JlF2qctZUsc-zZ2uQBZAim6KLA7fJzgT_siyqD7GYUxLhBSVroHVf9-fQ6imKLzPwG_aFfMAeKgCYmLnAvBRiQs8r_W3l9w0gB-mGAASSInFKRjpsArJzsFuj_i00kfkQH8HykXQvw28zg3NBm5UcAdDZbLZYDPMjUKcq6x3H2r1wPmnyijJ0DxzPRGCVDnyiPAx9m6HTnv49y4CJDrXBCcomn-Lm5fOqY-GDI7gO1vNvdC4M4s3dB20Lpm3kfiKulO4gWwRl6UsKSpXk9t5KcTD31zxnN2STxN1v-pakncxEu3nRKtssE6DvyJ-b5CUv3-_6kAurn4AHxJZYHu8arc4FYHnqEsPd89M9Dmozj9CvEGYbt7Xcr6PjvEmDrtB9lEyfA0JLRwwgOE1I6jWxr2N2H6WT-PKRs-BOoVt8PGtpuqpfNIjSw2o3Zm7aoKEbge7lviUSJ_fmpaM5jLiXpFswpxeqwLQ_zIEb7aMHKtnwe6PczSRXC2WOwqG4gCZuTd5tyBne0sm0Y-4k4P_C0aGF2-B91HWNH9a7alooQvC83fGEfdipxPh_f8hVZT0QYvZR-5pyUYbbVBliNjn9esJY4TSLcFr8EsgwHZISvG_1pnORSu-u43DsHRy9bYm_9EtXAlo0LFjffs6E9Pz8QidecNcCcfWBau3NqBO5IMivOiiSQCZfrQt7iJ1JIMKOOUDEh8tTMecitS4ciY0I5C8FyMTpIu-zdH9m_tItrvjORtGmaaY90GSDKD9FvViQHqWPtYdHpUMXKsaDX5-CUInSxN78clJulFZ0H-5pg0kQYVbdE7y5Q5Le7ynGBY1zPGDW1gbu0-3qdw-lYuUDLo5zpxUFU9tLup9GEGV8ZHgxbmuk1YcMK9zXVin3kR0qdQdyOYP0tHmRYlP-qe1sW75zUTwMi9ac6KXjxsHl6WkqNeCTJsGEI3maGzJQKjpDAVPhgqfeG1DNdbyPxFKoXzuFjGQvjQUtghCXuo5J74yQhcjvPO9Q3Vq5qjBxu7FHKBs47gTvDg29kozsqRnwm4swbksW9DSZnhuzPBKqZy3NHw3vtA5u0gpx2-ZAKFeFMQ-Ah3ZX9QUQxyX-1vY5tplkmjl2lSE4OFo5TUH8uGaVl0-2cGPFRO4bN5rpM1gSlVu3wuAQlyOVvDfPy6hfLdWB4jV9EoXFW1WvN6e8v5k77RfssItYH_4lPhwrLhFNBNKRZgDfPdYmAfyxOdKLKXY2QkYYAe63Fz8jfjC6j_fMyN2SlgLKdm9tXEkSt7oHDL9j8L6sPWCdeLpD6YGNYJqnqgZa0NEZ7ruzzwuCd_lyBJ_ZeoDJen87Xs-HqK4gII_phXrPRzCe1hPHWRRnWqaKhXhOXgGIGmoDwDu8BwK8iNbK9jxYnQbzFxpmVp1VNQiAIE8jCy9tBRO8FDxROkmza8HArGjDQOmu78dsHqSmIxSvvm1Q44NtTErxsIew5VMzP7IX2v50rMJqnRif1v1nx79BX_vtFyfk7kWpiJ0HrGUvaouS2BobAjGpkaUKD-7dHlq1zTsG36Cn5atWyB_atSnwsPQQ5Cku_SNg8PmvFXQHlmG4gyy6pYzvJfmzPeVnnTr6sIHJEkS8INQk5wx8Tr8CEHCNqYfPQihyHCA1xz-QL3V0ucG-IxZSynvnVgVC-iP4fcfiMTnxBkwht3jbTU7EPP0p96qJMDY4CxaERfFpTHj4YvgyBCv9ZMd3rTYS-ON2VbM4rNZmmiRSTD-m__HFRYc4WO3haNjS1f9z4iox8OmZBDDJb1nH6B5tZOEBF0Ix6uBxGsQwv7r3Wvat_tWGvP-COYej3t7k5VFQJevmQBJo0l5Qp0qK5DbrC8tO5hrBzcCa5UXCQnDKJ0DpAkojBObD1yArSuEeBUsMdLxTk6ZBaIG0SoRz4ZvVdN6FXEy6zbliem1dHmsgeOx8TYeV4hoLWW7XzbO24emVGqRKWhw5J-bJdUZ9Z80luTzjWio8JSt0vkq0Y14HieUeeWOBrTUjjmcBJGozLVfqvP4b3qmrBJQ_Ugw8KlEB8l2jcOJnCb7lrtq-dhAVKyardDbwSbJ88aYsXFODDEGBcl56FLkiYRjfvWFgpyvJTFM6uAVTVRXiJiVMDekakrugEWWlp32mvVguVr7NjpZS5c5FwVLK45zM8VnTUFdEYGjA2UL6bPzvKKqUL43Wcja50V11h8g9tcW34nUQgPE08G89vhqCC5ZJEULolZK8bUkQj1MbniLI-qlvOYdOilEopslm7togtmKPLFLKKlvLUR2zHrWQsUh8-Yr6fGKygTWTJlyUL0-DxfqC6ldzbc8l1VoRZtPrOPPEOhYzepJjRJNqqz1Pg_kuSM0nUAIQ56ZI7J91mGyPNOFLIgcE0OkbPtP_pGwOoUqqxOI0c8ZrwBPocDu1XNQ-QqJTyC7jl3c4BBH-HpaNBxDGe-bX68PvWktyYtsEE8olSZ8sDaOydKBVHC_tjIJuqG_GlAlDKsM8LHYc688h3Me-VRJF0GE74_VLAPRdgfufc6Bxut4vo_Ff1JvCS9HNZcgYYW7Ur8gw&cid=CAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.dcfever.com%2F&ds=l&xdt=1&iif=1&cor=14352624536422963000&adk=2923430906&idt=85&cac=0&dtd=6 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00b2454e8fc797eeffe8aabe877cbaef96b420711dfb48028fd49238cece7575 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14120 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame AFB3	4 KB 744 B	79ms 24ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jan 2024 22:49:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame AFB3	205 B 229 B	13ms 13ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 19:51:36 GMT x-content-type-options nosniff age 188166 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 07 Jan 2025 19:51:36 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame AFB3	604 B 628 B	16ms 16ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 09:13:03 GMT x-content-type-options nosniff age 140079 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 08 Jan 2025 09:13:03 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame AFB3	16 KB 7 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 20:22:58 GMT content-encoding br x-content-type-options nosniff age 13484 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6823 x-xss-protection 0 server cafe etag 11129212757755515379 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 20:22:58 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame AFB3	22 KB 9 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 20:22:58 GMT content-encoding br x-content-type-options nosniff age 13484 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9422 x-xss-protection 0 server cafe etag 10624764489894593518 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 20:22:58 GMT
GET H2	200	css fonts.googleapis.com/ Frame 3A2B	14 KB 2 KB	67ms 23ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jan 2024 22:52:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jan 2024 00:07:42 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 3A2B	2 KB 903 B	18ms 14ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:02:25 GMT content-encoding br x-content-type-options nosniff age 54317 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 09:02:25 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 3A2B	23 KB 9 KB	18ms 15ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:31:19 GMT content-encoding br x-content-type-options nosniff age 52583 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 09:31:19 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 3A2B	3 KB 1 KB	19ms 16ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 19:16:49 GMT content-encoding br x-content-type-options nosniff age 17453 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 19:16:49 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 3A2B	20 KB 8 KB	14ms 11ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:12:53 GMT content-encoding br x-content-type-options nosniff age 21289 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 18:12:53 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 3A2B	205 KB 65 KB	55ms 52ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66227 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1704717871404979" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 3A2B	37 KB 15 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 13:56:43 GMT content-encoding gzip x-content-type-options nosniff age 209459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 07 Apr 2024 13:56:43 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/15641872579767975046/ Frame 3A2B	22 KB 22 KB	18ms 16ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15641872579767975046/14763004658117789537?w=400&h=209&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0c7f8fc33607cd7ed36c4f220712bfb6914c49dc0ed7d5e5b0058ba518b37d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers expires Thu, 09 Jan 2025 20:37:39 GMT date Wed, 10 Jan 2024 20:37:39 GMT x-content-type-options nosniff age 12603 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22216 x-xss-protection 0 last-modified Mon, 27 Jun 2022 21:06:27 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET DATA	200 OK	truncated / Frame 3A2B	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9827ac418252cf2bce3d4c2cee25ec175b53deb2de8614e235e0c0aa082f976a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3A2B	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	css fonts.googleapis.com/ Frame 4D2C	18 KB 1 KB	55ms 25ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jan 2024 23:56:49 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jan 2024 00:07:42 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4D2C	2 KB 856 B	20ms 20ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:02:25 GMT content-encoding br x-content-type-options nosniff age 54317 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 09:02:25 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 4D2C	23 KB 9 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:31:19 GMT content-encoding br x-content-type-options nosniff age 52583 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 09:31:19 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4D2C	3 KB 1 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 19:16:49 GMT content-encoding br x-content-type-options nosniff age 17453 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 19:16:49 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4D2C	20 KB 8 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:12:53 GMT content-encoding br x-content-type-options nosniff age 21289 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 18:12:53 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 4D2C	205 KB 65 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66227 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1704717871404979" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 4D2C	37 KB 15 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 13:56:43 GMT content-encoding gzip x-content-type-options nosniff age 209459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 07 Apr 2024 13:56:43 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 61DE	143 B 166 B	16ms 15ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1758 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 10 Jan 2024 23:38:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	17ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-5ND0VB1W90&gtm=45je4180v870398505&_p=1704931661293&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=666797036.1704931661&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704931661&sct=1&seg=0&dl=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php&dt=DCFever%20%E4%BD%9C%E5%93%81%E7%99%BC%E8%A1%A8%E5%8D%80%20-%20DCFever.com&en=scroll&epn.percent_scrolled=90&_et=2&tfd=2338 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ND0VB1W90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.dcfever.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 4D2C	161 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3A2B	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a876b7ba29f3fed43615b771ad83399a34dfaf138a68ab5781aabbf7ad67a79 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 907D	41 KB 14 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJBp6D3UAdU12jBSGjWaxej4nemZugJVb7Lg6pYj4MpBn9js2LS3TUZsTub55LdQ4J0AwPz_GYN9Y7itGTQ0jpjC4p02u7DkzOKzmVGIXGDiVMPGpvAEYTu24iFttKpn3bKzp9FdK7K4izdupQyFf4qpfFF6KPrMhY1_Sm2ETcpUTpcDU&cry=1&dbm_d=AKAmf-CGxDNsf_Gf82uDacva6PTFPimFprnglwcSPMs2scIbgyQlviIvDFCan814ZAz82eeee7WxP-0WbZDFIsDzUMx6ZqTBnxuXM5Rv2sX9MQjnpExY5zcOEpLDnL3Ys15uvRgyuKsZ7YzPkQ9T4Mn_kt0GwX6kvaqk-gOpjbasUxlHSGZqP8idoiwHK5R82VJBd46F_bn-ZyZ0-qH9L5QPINZ2rdmEYp0cHIr9yQg52eahA15f8hT2ovvJ-ltctwZu4T1GLUpB9_-BrysdppRL2GH94LW0Alc2Xg0NoHcGHYNwnDRxUBOD-qDSNs3YZrsKyyer5YL2FA8V1kPfni4Pifl8_txGqzYI6S2ankGSpiuiu_Tnxz4KuT5ilqoaJPfAovjudxa8IRh_OBd5ZW3f9F2kZKZDls4iu_pOQymddJDBGAfNRR4LHyAipZP1d72COKq75202BwbCd3jkSvjvhgp-jnWQZP4KUeBy3qRuqGUAxHrSI2rdv1-yzoKflSA5F_FwWEsGK7JRmSyWEXqMnfydlsqAuDCScHgd5g8prrPCrvlNLEhL0n8f-U2z-G9hOEa1fY5oHxjYK7ei60O2-0CpjXkXL2LTcLwJTMw7MjFpB75YrzmEDF1-fic4TQqBUXBjM2lJnlfXl9rEc276U2IS7C_9zNQxESlCNhcPAWh2rXbHEQfai7FEkEmykUttVWRkPzeFTOlXxoC9EcV1tBRKlhHYz56gPoEVqYnlxpc1Tr3FJCry-A68F26mmMAzD9_8oJHeEGjo2qMmCb0BC_rDEsr7OLWzFFFsVCXTo3vB-SBPuB3AEFAoMoZbkkRd6Q7QcMBIRC1YxBuK18Sfdy7oWNckesLiFTpQMlduGyzq3jM-qFNUU0vgXkrqFfLln77q7CJr-BQCnGh3uhYnuCPmsuOqXvourZscxHCCuO-js3TgNYpnZyMhBN_ONLd2aUhZPR1n5cxLN-ita2ACBbZDwhMXMg08XQQfSLd-l_FxTcfVJY8j49YphFjXnuF2AtJbRiz3WeAAU7ngzr-zwFcV_GIFutZBPhaVNCvv6efdoM6NQwHaQMOY7SdfHLr1XVb2sMA23EySznhauLqwODpSjqXetXSAOdG-K9l7PWCeNPT9x6cYdx3-eOcmhUVlOzjg_Po0SjaGnpo9zUnAdStFpJRNhaV9uYmRLlz8nTopU9i3gmfKHRefVsSazmwyKgIth8DGLSQ6gCvpZp-kh0qUyKG4VzlpJfh0TEhCQwA3ZkWq2DiVqrz_BxzltRpSe08T4yst1GWk5xG0TvD_jRy5He24b7CExGUICnVfrMqKmymsATsH6XBvElv1-xtB2kdqsdMWjoWQEC7SzaN3l-uv6JlF2qctZUsc-zZ2uQBZAim6KLA7fJzgT_siyqD7GYUxLhBSVroHVf9-fQ6imKLzPwG_aFfMAeKgCYmLnAvBRiQs8r_W3l9w0gB-mGAASSInFKRjpsArJzsFuj_i00kfkQH8HykXQvw28zg3NBm5UcAdDZbLZYDPMjUKcq6x3H2r1wPmnyijJ0DxzPRGCVDnyiPAx9m6HTnv49y4CJDrXBCcomn-Lm5fOqY-GDI7gO1vNvdC4M4s3dB20Lpm3kfiKulO4gWwRl6UsKSpXk9t5KcTD31zxnN2STxN1v-pakncxEu3nRKtssE6DvyJ-b5CUv3-_6kAurn4AHxJZYHu8arc4FYHnqEsPd89M9Dmozj9CvEGYbt7Xcr6PjvEmDrtB9lEyfA0JLRwwgOE1I6jWxr2N2H6WT-PKRs-BOoVt8PGtpuqpfNIjSw2o3Zm7aoKEbge7lviUSJ_fmpaM5jLiXpFswpxeqwLQ_zIEb7aMHKtnwe6PczSRXC2WOwqG4gCZuTd5tyBne0sm0Y-4k4P_C0aGF2-B91HWNH9a7alooQvC83fGEfdipxPh_f8hVZT0QYvZR-5pyUYbbVBliNjn9esJY4TSLcFr8EsgwHZISvG_1pnORSu-u43DsHRy9bYm_9EtXAlo0LFjffs6E9Pz8QidecNcCcfWBau3NqBO5IMivOiiSQCZfrQt7iJ1JIMKOOUDEh8tTMecitS4ciY0I5C8FyMTpIu-zdH9m_tItrvjORtGmaaY90GSDKD9FvViQHqWPtYdHpUMXKsaDX5-CUInSxN78clJulFZ0H-5pg0kQYVbdE7y5Q5Le7ynGBY1zPGDW1gbu0-3qdw-lYuUDLo5zpxUFU9tLup9GEGV8ZHgxbmuk1YcMK9zXVin3kR0qdQdyOYP0tHmRYlP-qe1sW75zUTwMi9ac6KXjxsHl6WkqNeCTJsGEI3maGzJQKjpDAVPhgqfeG1DNdbyPxFKoXzuFjGQvjQUtghCXuo5J74yQhcjvPO9Q3Vq5qjBxu7FHKBs47gTvDg29kozsqRnwm4swbksW9DSZnhuzPBKqZy3NHw3vtA5u0gpx2-ZAKFeFMQ-Ah3ZX9QUQxyX-1vY5tplkmjl2lSE4OFo5TUH8uGaVl0-2cGPFRO4bN5rpM1gSlVu3wuAQlyOVvDfPy6hfLdWB4jV9EoXFW1WvN6e8v5k77RfssItYH_4lPhwrLhFNBNKRZgDfPdYmAfyxOdKLKXY2QkYYAe63Fz8jfjC6j_fMyN2SlgLKdm9tXEkSt7oHDL9j8L6sPWCdeLpD6YGNYJqnqgZa0NEZ7ruzzwuCd_lyBJ_ZeoDJen87Xs-HqK4gII_phXrPRzCe1hPHWRRnWqaKhXhOXgGIGmoDwDu8BwK8iNbK9jxYnQbzFxpmVp1VNQiAIE8jCy9tBRO8FDxROkmza8HArGjDQOmu78dsHqSmIxSvvm1Q44NtTErxsIew5VMzP7IX2v50rMJqnRif1v1nx79BX_vtFyfk7kWpiJ0HrGUvaouS2BobAjGpkaUKD-7dHlq1zTsG36Cn5atWyB_atSnwsPQQ5Cku_SNg8PmvFXQHlmG4gyy6pYzvJfmzPeVnnTr6sIHJEkS8INQk5wx8Tr8CEHCNqYfPQihyHCA1xz-QL3V0ucG-IxZSynvnVgVC-iP4fcfiMTnxBkwht3jbTU7EPP0p96qJMDY4CxaERfFpTHj4YvgyBCv9ZMd3rTYS-ON2VbM4rNZmmiRSTD-m__HFRYc4WO3haNjS1f9z4iox8OmZBDDJb1nH6B5tZOEBF0Ix6uBxGsQwv7r3Wvat_tWGvP-COYej3t7k5VFQJevmQBJo0l5Qp0qK5DbrC8tO5hrBzcCa5UXCQnDKJ0DpAkojBObD1yArSuEeBUsMdLxTk6ZBaIG0SoRz4ZvVdN6FXEy6zbliem1dHmsgeOx8TYeV4hoLWW7XzbO24emVGqRKWhw5J-bJdUZ9Z80luTzjWio8JSt0vkq0Y14HieUeeWOBrTUjjmcBJGozLVfqvP4b3qmrBJQ_Ugw8KlEB8l2jcOJnCb7lrtq-dhAVKyardDbwSbJ88aYsXFODDEGBcl56FLkiYRjfvWFgpyvJTFM6uAVTVRXiJiVMDekakrugEWWlp32mvVguVr7NjpZS5c5FwVLK45zM8VnTUFdEYGjA2UL6bPzvKKqUL43Wcja50V11h8g9tcW34nUQgPE08G89vhqCC5ZJEULolZK8bUkQj1MbniLI-qlvOYdOilEopslm7togtmKPLFLKKlvLUR2zHrWQsUh8-Yr6fGKygTWTJlyUL0-DxfqC6ldzbc8l1VoRZtPrOPPEOhYzepJjRJNqqz1Pg_kuSM0nUAIQ56ZI7J91mGyPNOFLIgcE0OkbPtP_pGwOoUqqxOI0c8ZrwBPocDu1XNQ-QqJTyC7jl3c4BBH-HpaNBxDGe-bX68PvWktyYtsEE8olSZ8sDaOydKBVHC_tjIJuqG_GlAlDKsM8LHYc688h3Me-VRJF0GE74_VLAPRdgfufc6Bxut4vo_Ff1JvCS9HNZcgYYW7Ur8gw&cid=CAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.dcfever.com%2F&ds=l&xdt=1&iif=1&cor=14352624536422963000&adk=2923430906&idt=85&cac=0&dtd=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 22:05:36 GMT content-encoding br x-content-type-options nosniff age 180126 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Jan 2025 22:05:36 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDkzMTY2MjUyODM5MgogIHNlcnZlcl9pcDogMTI2MDY1MjM1CiAgcHJvY2Vzc19pZDogMzM4OTk1OTA5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame 907D	0 946 B	99ms 51ms	Image image/png	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDkzMTY2MjUyODM5MgogIHNlcnZlcl9pcDogMTI2MDY1MjM1CiAgcHJvY2Vzc19pZDogMzM4OTk1OTA5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyMTQxNTI5MzcwNjA5MjU4MjU5CmRlYnVnX2tleTogNjM3NjQ4NTQzMTA5NzE4NjE0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDg2MzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0xd1eaef87e2e7134d0000000000000000","13":"0xbed173ef1d46c9d60000000000000000","14":"0xb69c7e7a4f11fa1e0000000000000000","15":"0x991ab7512e4afc2e0000000000000000"},"debug_key":"637648543109718614","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2141529370609258259"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	g72h7lz2c4az Show response hal9000.redintelligence.net/zone/ Frame 907D	12 KB 4 KB	46ms 17ms	Script text/html	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1704931661910920&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash 53902e3b8bfe8b91b29e95a013d2c401f7ae2ae267184a513d091f83496b2e65 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:07:42 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4248 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 4D2C	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29ac7be6e1c70cc00bea72c9c92dcf08025564f3990f9aa43467c9d13995abfd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 61DE Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	22ms 22ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Thu, 11 Jan 2024 00:07:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 248E	38 KB 13 KB	13ms 13ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 180126 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 08 Jan 2024 22:05:36 GMT expires Tue, 07 Jan 2025 22:05:36 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame 0908	14 KB 1 KB	22ms 22ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jan 2024 23:17:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 0908	2 KB 822 B	13ms 13ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:02:25 GMT content-encoding br x-content-type-options nosniff age 54317 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 09:02:25 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 0908	23 KB 9 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 09:31:19 GMT content-encoding br x-content-type-options nosniff age 52583 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 09:31:19 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 17C2	143 B 166 B	14ms 14ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1758 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 10 Jan 2024 23:38:24 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 0908	3 KB 1 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 19:16:49 GMT content-encoding br x-content-type-options nosniff age 17453 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 19:16:49 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 0908	20 KB 8 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 18:12:53 GMT content-encoding br x-content-type-options nosniff age 21289 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 18:12:53 GMT
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 0908	205 KB 65 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66227 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1704717871404979" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 00:07:42 GMT
GET H3	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 0908	37 KB 15 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 13:56:43 GMT content-encoding gzip x-content-type-options nosniff age 209459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 07 Apr 2024 13:56:43 GMT
GET H/1.1	200 OK	request.php Show response hal900014.redintelligence.net/ Frame 907D Redirect Chain https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	4 KB 2 KB	99ms 78ms	Script application/x-javascript	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol HTTP/1.1 Server 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash 021e63ea12d560eb7109e5ed97292b1cb99c5a699f1f0de8511eb9559219a2be Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Jan 2024 00:07:42 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 16567400003802404444550012566014 Connection close Content-Length 1329 Expires Thu, 11 Jan 2024 00:07:42 +0100 Redirect headers Pragma no-cache Date Thu, 11 Jan 2024 00:07:42 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Thu, 11 Jan 2024 00:07:42 +0100
GET H3	200	Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response pagead2.googlesyndication.com/bg/ Frame 248E	50 KB 19 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 08:44:50 GMT content-encoding br x-content-type-options nosniff age 141772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19690 x-xss-protection 0 last-modified Wed, 03 Jan 2024 11:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 08:44:50 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 3A2B	33 KB 33 KB	49ms 17ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 04:01:15 GMT x-content-type-options nosniff age 158787 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 04:01:15 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 4D2C	33 KB 33 KB	46ms 31ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 04:01:15 GMT x-content-type-options nosniff age 158787 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 04:01:15 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4D2C	16 KB 16 KB	27ms 13ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 08 Jan 2024 17:38:05 GMT x-content-type-options nosniff age 196177 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Jan 2025 17:38:05 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 17C2 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	22ms 22ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Thu, 11 Jan 2024 00:07:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response pagead2.googlesyndication.com/bg/ Frame EA40	50 KB 19 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 08:44:50 GMT content-encoding br x-content-type-options nosniff age 141772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19690 x-xss-protection 0 last-modified Wed, 03 Jan 2024 11:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 08:44:50 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 4D2C Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CvqwzTTGfZZKLOMGotOUPqqaMsAOYxdzQb6207suIEbOx9P0IEAEg9L6jBGCVgqCCsAegAZbRyI4ByAEBqQLj4HDcdWeyPqgDAcgDywSqBI4CT9BcShr8_e8fF0vLYoEGBNrUOyxxbNxBP3O... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229926589695420187836%22,%22debug_reporting%22:true,%22destination%22:%22https://crefo-factoring.de%22,%22event_report_windo...	0 0	76ms 48ms	Fetch text/css	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229926589695420187836%22,%22debug_reporting%22:true,%22destination%22:%22https://crefo-factoring.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22298985622%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226761316667063359025%22}&andc=true Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"9926589695420187836","debug_reporting":true,"destination":"https://crefo-factoring.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["298985622"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6761316667063359025"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 11 Jan 2024 00:07:42 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9926589695420187836","debug_reporting":true,"destination":"https://crefo-factoring.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["298985622"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6761316667063359025"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 3A2B Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=COSP8TTGfZdL6NueWtOUPkNmRyAGE0aildd6Wvu2QDsSEhZ4LEAEg9L6jBGCVgqCCsAegAafH4tsDyAEJqQLj4HDcdWeyPqgDAcgDywSqBJUCT9C7s7tEhruFwWhnt2HWNGTjy4Bg372dJcS... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223631104383809605055%22,%22debug_reporting%22:true,%22destination%22:%22https://mikka.com%22,%22event_report_window%22:%222...	0 0	75ms 48ms	Fetch text/css	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223631104383809605055%22,%22debug_reporting%22:true,%22destination%22:%22https://mikka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997761959%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226264889859591662577%22}&andc=true Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"3631104383809605055","debug_reporting":true,"destination":"https://mikka.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997761959"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6264889859591662577"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 11 Jan 2024 00:07:42 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3631104383809605055","debug_reporting":true,"destination":"https://mikka.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997761959"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6264889859591662577"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response pagead2.googlesyndication.com/bg/ Frame C2C7	50 KB 19 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2648484672&adf=1646058159&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661514&bpp=1&bdt=646&idt=305&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=307 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 08:44:50 GMT content-encoding br x-content-type-options nosniff age 141772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19690 x-xss-protection 0 last-modified Wed, 03 Jan 2024 11:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 08:44:50 GMT
GET H3	200	Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response pagead2.googlesyndication.com/bg/ Frame C68A	50 KB 19 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 08:44:50 GMT content-encoding br x-content-type-options nosniff age 141772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19690 x-xss-protection 0 last-modified Wed, 03 Jan 2024 11:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 08 Jan 2025 08:44:50 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	81ms 48ms	Preflight text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229926589695420187836%22,%22debug_reporting%22:true,%22destination%22:%22https://crefo-factoring.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22298985622%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226761316667063359025%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Thu, 11 Jan 2024 00:07:42 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	80ms 48ms	Preflight text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223631104383809605055%22,%22debug_reporting%22:true,%22destination%22:%22https://mikka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997761959%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226264889859591662577%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Thu, 11 Jan 2024 00:07:42 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 248E	0 20 B	50ms 50ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvsTeTjGfZYigINO0juwPtde60AwAAAAAOAHgBAI&bg=!6Oul66TNAAZ1R9vHVUc7ADQBe5WfOKZ_pM03du7qUprQ_c_VVx4pIjzrDkUHD0g5PLJmPjWB3BTLrwpvn7RYtVuQ0GP0AgAAAIxSAAAAAWgBBwoAilvLuSqw0zCCFwgRbztMdVIEt-SBES_bdtJzvFD-D3sJ_EDvIoIbpIKi3Zavpq-sNjeJcwFTHY3zHnY6YVnRB5uMMtInXOAxk44UEFPLdfiN1RPKVwrHCOisHD991qiHx1xrbpN-AEPPQyjQk_NO3ZIIdE2QfBYY9pee48aO0Wmr22is7adkRyWwGZkC5lCk3oOuaXBXEDAN0gQTUOYL_J0UL60mrJitosapFttQyjGQ5dwppvdDmnRQHhWQ2fsjpQvC6qGlmIxTK562ozXs9Q2e34BFoJuInh09KMwMIGZ9fsUXRLfisTyeqpnWYV6ftEGVUjYkMZ5bqMvT2zfJSy4Tw5LZ4DU6gZyZ92pH8c9MMW7jKV2cx1HfzwjVMZlS6lORnc0man47vrEFUlLCjgFokyzwm8fRKGDR-QE3y2m8lHohN9K17Z9uIHl9Fm0c96VBe-07aGp70BdjSZAmyaAFpE9gSRh2Kpya8yu29FgEtWCdfnvGqpYcsTHYHJQ2zc2NI_na_1dmAQ4AI7OoeDiMiD4m135sylPrw8WiZ4c7yP9oK5vefKTyFmv4lqyj-5UOdmNKhr8qAnCDGB3S4ZK2PNH4Skd4bDnxELv5T0iue1rTF8X3CJqwp9HgrJaKsg6myxuOyB3HQQQnUR_dODYiTinj_c6OgYMvoNz7VJPAndOFVa4Kr_iM0mXIYCSXXzZMlBp-0FOwYEzGpxXPWgQq646oU67tdeZ53FpEGkUMQ0Nf4kZWGCTGVgkHCE2SVaveUDmY51g6D0FEI9hZzHrXWwGMUXmdIbdF1KDKvWI68hYIUPp0Zf5fDCQH2LYBRZbWhpLLe2D5kWn90aS2tPiqurwjdaG0N3XU2ppII5LzKNhTYaG5YZE72LFbMtSPWBWyx3Xaw2BjrNwC6HOIkBmqK6Wpr_99gsNYVp6GjmHsPaqwnpP2Evrk8_cmfTGlOEmVyUzkIU0XWD_XBUdfpdzgnGPVMmPtlV7acmdxTAz2NGSVdiUCORg4Qz0NlhMkMyj7gWa2NqyiBXp_XLmH1i0xLzV4EF-mYXjqGA5TadXeIUgrUZBkHTBf9YRak1fwFviFGB3ItBQCKQ_8h3k7YJ43-moXsYk2K9nEUPzYBDKotZMY_l6Kna1D8wguu4b9hIBoGWEGYYtff5YqjOpncg1dbI0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	e99aace94e6e5873881d3400993e1e7e Show response pv.medialead.de/trck/epv/ Frame B058	0 327 B	50ms 15ms	Document application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * access-control-expose-headers X-Request-ID attribution-reporting-register-source {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} content-length 0 content-type application/javascript; charset=utf-8 date Thu, 11 Jan 2024 00:07:42 GMT host pv.medialead.de proxy-host pv.medialead.de server nginx vary Origin
GET H2	200	/ Show response adv.office-partner.de/ Frame DC7E	930 B 923 B	37ms 6ms	Document text/html	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Thu, 11 Jan 2024 00:07:42 GMT etag "3a2-5c1ab16b3be00-gzip" expires Thu, 18 Jan 2024 00:07:42 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	link.html Show response track.webgains.com/ Frame 907D	2 KB 2 KB	126ms 64ms	Script text/html	13.40.252.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=16567400003802404444550012566014&nw=1 Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.40.252.97 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-40-252-97.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash e7f9f5ef770c06d08d05f3b11e2b5e4a7336433ee232ea235d5f3dbf479715a3 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT last-modified Thu, 11 Jan 2024 00:07:42 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Thu, 11 Jan 2024 00:08:42 GMT
GET H2	200	activityi;dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153 Show response 5994599.fls.doubleclick.net/ Frame BF82 Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153? https://5994599.fls.doubleclick.net/activityi;dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153?	392 B 327 B	56ms 56ms	Document text/html	216.58.206.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153? Requested by Host: www.dcfever.com URL: https://www.dcfever.com/photosharing/keywordsearch.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f6.1e100.net Software cafe / Resource Hash 2ebf60e18916a2aa429c0c40bb6becbbbaa7154579e65628cf4e34e877292159 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 218 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:43 GMT expires Thu, 11 Jan 2024 00:07:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:42 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal900014.redintelligence.net/ Frame 2DE6	7 KB 2 KB	34ms 12ms	Document text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=846acaa7c9&subid=&uid=2ec33ccc75f64522&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZSDGTTGfZcjMN5K1tOUPyP6CqAWm5b2gaYWVnKfJD_AuEAEg9L6jBGCVgqCCsAfIAQmpArhJv7UzZ7I-qAMByAObBKoElgJP0I2MMomC72AxrZgfCu_0qt5NSLcXBBmKNPYMmYmt_9Pbv8N-I-XQCIt_1vg4r_-UhehWXrcDY-U5fdARyDvqxZevo7mJT87Vs4lgSBbtLSpOUBXhPcon8nQcLRoiB1Iou6g_XmBeLosv3E2bRtk2tYnUyEM3dPNezzG-j1cmSgaxwLGjyDdSeENHzx2WoXxPVbvHkdpcluTO9qHxip4xANQdJAaF-Aqwlxa8OuV9uIE2LFYAyzh77wLdXEHCnaMeaIq3LbaHK342fwFP5kpj3ybm6Cilbxx2s9nuajmUlioc9tB3qA4Yc1J_WXm32kNjVxo2S2fbPXHMzQUrtdXBkLQ9uU5E-HyLsVcCT1PBfW-nOLxtd8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljK7cewhdSDA4AKAZgLAcgLAYAMAaIMDCoKCgisurECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB%26sig%3DAOD64_1B1coAdwjXRD4z3lM662QUnMNEog%26client%3Dca-pub-3319273081114067%26dbm_c%3DAKAmf-CtyOfXBJNEYr8zBYVICzxY-dJukelvGicWYTWoAe6Uk-cw2lgWruB3T21uYbnmsOvG0GfxquKB_McsBPZF6A5MWFXA1Ukm1uB-C-Uc9VzCbcoZk81Xsco79HG3XKXs-hWOkFpZL6PCIH19RnJi2qW8yvuoZ4xU3Y0LCzDGoRNAo2pDy5s%26cry%3D1%26dbm_d%3DAKAmf-BwHZ2UYxiOyujFua7CoT7bJV0rnYhwomo6tdCv9HOtF8e4kgUOEWVnOjW6g-B91L4LqMAE_fVUzoXgpFvo4g3YRQ22byr0eYmG9wtxmZJfpREcZGbvk4GPqAFPkWeYxt67y_RDsA-iV7yvPrJTfzqT-nnAkuIMb3giQJp5TvrozWdXzLRqmxFoauWy2uPHvNq_iNFI2-rJDwVbjAvsKAQjSLdwW0_WrtJ5BRgNewoQ50iKrbHGdRb1Qp_GxJ-IsH9GnkSOQUAB1gzVv9wLKr-dlGM8V-J0F9x7aLKHleiL3yXX6qpLwdh18T9F50ZnuEwndiqFIsgS0HOTp7oQQmztyENGFVcP7g4c5Z0tjDIbSPUzQGoUWN_xZgfpJ78ak1EMn-lqmHURwb0ilLNtoAAAVhltlF-nmA1hcJVS5OCQJC_2qqDKM64my7YxHQF1JFpyQd6Rz9Z4neTMoTV3JG9hYWghoSTwBLCXkOO6LALidnyr7rqlU7Adrtnt_421Uz3gowkyafas7Kv7_kgu_KKq2ZDLW_IwVkH736hq9VJYOW6icTXtYcgZSJPTMf0Nykq-WhMbtxsfaX6BtVmllJagdCVaLw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.dcfever.com%2F&ancestorOrigins=https%3A%2F%2Fwww.dcfever.com&random=9092511999342&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash 231ae35e8836379f5c8ff74c476312952857a58cf9e1188c7e5480d38064ec7b Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2082 Content-Type text/html; charset=utf-8 Date Thu, 11 Jan 2024 00:07:42 GMT Expires Thu, 11 Jan 2024 00:07:42 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	e99aace94e6e5873881d3400993e1e7e pv.medialead.de/trck/eview/ Frame 907D Redirect Chain https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent=	43 B 360 B	16ms 16ms	Image image/gif	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H2 Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT attribution-reporting-register-source {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 43 proxy-host pv.medialead.de Redirect headers location https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=16567400003802404444550012566014&t=htlp&gdpr=1&consent=1&gdpr_consent= date Thu, 11 Jan 2024 00:07:42 GMT server nginx content-length 138 content-type text/html
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 907D	43 B 704 B	107ms 47ms	Image image/gif	92.123.148.9 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=16567400003802404444550012566014&pv=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-148-9.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Jan 2024 00:07:42 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET DATA	200 OK	truncated / Frame 907D	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fb56ef824babed35f17d7445e9408a4f38b46d7e09cf70cbf225e452e1c6a3f9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css fonts.googleapis.com/ Frame 2DE6	2 KB 434 B	24ms 24ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900014.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 11 Jan 2024 00:07:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jan 2024 23:47:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 11 Jan 2024 00:07:42 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 2DE6	17 KB 17 KB	41ms 19ms	Image image/png	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash 86f46c8ee2d9a037621d3f27df920952d1f5d200f346b8b188534f8daa865d53 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900014.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:07:42 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16982 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 2DE6	16 KB 16 KB	40ms 18ms	Image image/png	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash 756d1e4d87c7a4daa92f77a814c0c578a1122fdaf0d19606574e6800cd8dc39b Request headers accept-language de-DE,de;q=0.9 Referer https://hal900014.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:07:42 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16510 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 2DE6	11 KB 11 KB	40ms 18ms	Image image/png	88.99.165.19 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.165.99.88.clients.your-server.de Software Apache / Resource Hash b841b70f4a0d8aac4168ee42af4f7e02b9a90d37424c4a2aba311cf552dcdb04 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900014.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:07:42 GMT Content-Encoding gzip Server Apache Connection close Content-Length 10940 Vary Accept-Encoding Content-Type image/png
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame DC7E	177 KB 63 KB	22ms 22ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 18a563122d2570c32608489f50a8102b35ea24621fd8b88f58c2381bc691ad12 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 64511 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 11 Jan 2024 00:07:42 GMT
GET H/1.1	200 OK	viewability Show response hal900014.redintelligence.net/ Frame 2DE6	0 150 B	35ms 12ms	Script text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/viewability?s=16567400003802404444550012566014&a=af37a106&vb=m Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:07:42 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame DC7E	276 KB 91 KB	22ms 22ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0c852c288d478aee64ceecbeb1c8af111b114c9a7803bcd912314fbcc1290d9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:42 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93336 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 11 Jan 2024 00:07:42 GMT
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 907D	54 KB 19 KB	72ms 16ms	Script application/javascript	52.222.139.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=16567400003802404444550012566014&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.62 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-62.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash 1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 06:33:50 GMT content-encoding gzip via 1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront) last-modified Fri, 05 Jan 2024 10:01:16 GMT server AmazonS3 x-amz-cf-pop AMS50-C1 age 63234 x-amz-server-side-encryption AES256 etag W/"624072fcf9e7c9c12da505b4794801fc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id MAf3VwYyRSV89X6XiBl91iYE6IFUk5lQDZ_7lyWFG6Nwog7puJ0tRg==
GET H2	200	1x1_0.png cdn.track.production.webgains.team/7121/ Frame 907D	3 KB 3 KB	50ms 14ms	Image image/png	18.239.50.21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1704931962&Signature=W1KsqQ8Ri47rxIvtc8g1amYb6WpP5AFxPOhuk2AtPlj03WpYF4uBnKGlGYFHf4Dj~kM6n2vhgzzlLAcw-uu~3GDlaKd5KC18ri26SJxLkwvSSnaXSkFSuz-aV0Kmd2pJDLuVYlUYw7Phd3C3YtZCNDHWSlkJW66fp-dCcnJ2kFeo8qFo9GjWo8xdCDufE6w-tNv2dbSnCqDhpoXAXn5G0CZKFBZUrobyk4IneSfw~rn-KGuK1DOR1nqZdPG1VksedGsALbHD1ZD0fMEhleXS6WBbmCxhNpmsdbiX2~cA~kJnpTwyDYbq7ZZkNod7zQQzE8UP7S3d0iuKBQyo-KnVhQ__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3319273081114067&output=html&h=90&slotname=1813346434&adk=2713689935&adf=3056025636&pi=t.ma~as.1813346434&w=728&lmt=1704931661&format=728x90&url=https%3A%2F%2Fwww.dcfever.com%2Fphotosharing%2Fkeywordsearch.php%3F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704931661513&bpp=1&bdt=646&idt=300&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=100771068987&frm=20&pv=1&ga_vid=666797036.1704931661&ga_sid=1704931662&ga_hid=1208744208&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C31080324%2C95320378%2C95320869%2C95320893&oid=2&pvsid=2103821037303026&tmod=881777853&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.50.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-50-21.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers x-amz-version-id null date Wed, 10 Jan 2024 09:14:44 GMT via 1.1 ed6e39eea0e39e463514b9421b7a2806.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 age 53579 etag "4e57de0506fbdb487ffcd53b450caee1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2808 x-amz-cf-id E9qCTwOot0C9m6_tcwjwrRM7JxpYq8GW2Dc-WIkQAGNGhCmb88iiCA==
GET H2	200	dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153 adservice.google.com/ddm/fls/z/ Frame BF82	42 B 401 B	86ms 52ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153 Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK3Ri7GF1IMDFXbLOwIdBsEHOw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4249262743994.2153? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://5994599.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	98ms 97ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f870b5202a4638f4fc875c408d274533f1e8ab91c308addced16f577b8156992 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:43 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12163 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3319273081114067&plah=www.dcfever.com&bust=31080324 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 11 Jan 2024 00:07:43 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5C4	13 KB 5 KB	15ms 13ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 7923 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 10 Jan 2024 21:55:40 GMT expires Thu, 09 Jan 2025 21:55:40 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 7479	829 B 559 B	22ms 22ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fee7e2f14ab521e699614ce454f8a0a3118b00bd003adbe0e499096680a40920 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-q6g3dR0UmvsnhL_cMpBfRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.dcfever.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-q6g3dR0UmvsnhL_cMpBfRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 11 Jan 2024 00:07:43 GMT expires Thu, 11 Jan 2024 00:07:43 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response pagead2.googlesyndication.com/bg/ Frame B5C4	39 KB 15 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 14:50:55 GMT content-encoding br x-content-type-options nosniff age 33408 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15229 x-xss-protection 0 last-modified Wed, 03 Jan 2024 11:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 09 Jan 2025 14:50:55 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 7479	0 0	47ms 47ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2103821037303026&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame B5C4	0 10 B	12ms 12ms	Image text/plain	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?b7R4iQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Thu, 11 Jan 2024 00:07:43 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	78ms 22ms	Preflight	35.177.175.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-177-175-102.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Thu, 11 Jan 2024 00:07:43 GMT server nginx
POST H2	200	tracking-event Show response api.webgains.io/ Frame 907D	16 B 209 B	72ms 72ms	Fetch application/json	35.177.175.102 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-177-175-102.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/json Response headers date Thu, 11 Jan 2024 00:07:43 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4D2C	42 B 64 B	53ms 52ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyWZE54hX284YUSWa7oVmOADcIWYbVcY6QKz2TeXmsWwLyW2EPBjtYQBLoUiBycVU_hZoSKSgFyy98s3Au3H-IooVEpiMoOhVAA_5EfkcD06esbLzG3K4U8dLVPphy3GwX3RVQHDIz-ZIIEFczWaZ8WK7B&sai=AMfl-YQSjIHm0kb4gKSKq8tmHJK6P-ktZRjMVBZkgrvKPdHvtFOuvAkVRsfDs7pGq_FR2MfyjcMG-qU6hbV1Be0LUr3iM3ADDSZEma57AWCywAX03WCSOgV66locdrJf-uQRO7EtbOCUllnsPKvbdEGF&sig=Cg0ArKJSzICjY_9nu69IEAE&cid=CAQSTgAvHhf_gRPjwqycLFQfbMwi13IAr2lh4FqsiFOWl7D58X_P_EG_0tMvlkncnkGjH2ihl2Rt6MUeiTvq66_xigT5mCbi8ETIoeIacx1VHxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2648484672&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704931661821&rpt=932&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:43 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	49ms 48ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=2103821037303026&bg=!kpGlkd7NAAaumcC-jpk7ADQBe5WfOCtMea9-rUuSkh-0JV2KWvrbXsVcCci0wshBqTGEgUigtReM8AWgoA42zcmep0r2AgAAACdSAAAAAWgBB5kCvdJzYlwd1o0Mwk8Q0fg5ixGky0hpVrsvAhZOA_K5VGbOkMryFaW5YBC3GwFDCFaYEMrR-pIjNbISRCGnQOp8pAIbELTU8C66i9MOPV2ZLIvTaKVvfHZMnTr33Csb0q7qSZxGG7AzhTHrtuhm2Ou2EE6J0Tt0fHEld133PaZJWUugxR0CZo4OQoimz3eeVDr_m03qnXQWsuxqryq5fZJjA5Z1Yd3ndsOqpqWI-RRwx6MYHVPGT4sQlNhrOjppOOHq741mLgrKCJyxxXhItrwoaitEV6gS3KdrLMRHEyYLtmCIf2hmuofwsZcC0QFHk_DNbe1Wp8kfpe52iDksRBefA1pUMINZIeApcIeYKhbDHkfnEic6_7ZWlDp4COgy5e-srdcP1kL-M-U9f8ZLP08nwAU8HJtTvlAGWN17XU87g8UmGQPRMZmfyWlyTOaq-uWnp1uy3AxELjw81N_KLtfPlWIqA1Yjt_ceV6X0W4kZT_r3evmCu8O63iaaInJixuTUF8ZbPz62pruedWOycf8QavdAsNPA3QGIAlAOwzIR_i4T-MPjJhlsYhu__HQPwykn6IrKwZ52UdL6OFpLKMdMHuN7FTqFVVBVBcQJl4lfWAES50Zrru7PEBeGdE490_mmS_y0lK_xCFCjrmRA_B-Y_mMInFUHfBtHh9vdulk4ozY5_CHuYqEivj1P0hnowkNPCYAdS2ovqMicSrQCXWPL-R8lffBcPCjHJAtAo16SCH20hh3qreXOhW58h-B7_X9Ww3LpF6wvNRe1Cs4wnj6ha0PjykSOD2v8u3kIlU9mZpyWbsNxCzQvNSXkMEwWgmG9mJf4vGghyOhsGf4_kxftTl7x4RFsqk-p7Hz-57QAI6On8huH5JXi69dnndpAAHwMhlwr1jDYYOyFEBkSl74UE_G7zEs3---5TIrppq2s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.dcfever.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 907D	42 B 64 B	50ms 50ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszUvtsGA7MUZ1XFPX1iIICxd2eP2mlnP1MSdF7icCEY5IT29Jd12wz2cXeLCT8j-N-M7bbaLEh9hCEePYfb4PP8vMNXPIV15VqPppfw-9s8JOiZ7sO2oJYq5kMtb5ko31Tj0xgr1Xa7qM&sai=AMfl-YSeqD4dgptljz0bbYipLy2yRryGLc8yLgO8iQNz1jyKW4Y4AhyIuOdkKk0WtQeJ8YuZp_2jn12jJFd62MXrxQRb9wwu3pAoZXyOhzuANNHKTQLpMrbuVksJr2b8iy96ShxbA9YckPtsMO3awycm&sig=Cg0ArKJSzG78wLVOJbg9EAE&cid=CAQSTgAvHhf_Qgkt6PX1wegvMUcCz0k79nHxMYZ9MSJhTNsJpBBv2k7BEcMqEv4edeEvJ9PEEBHCo2Z8A4WPzq0-K2MVFWhNr6wjOlAyzna3VhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2713689935&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704931661817&rpt=1065&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:43 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 3A2B	42 B 64 B	51ms 51ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb_A-QqjJefq1SF5wES6WzwKdkLXLTdAYw7VQNTHpbVzYEBHu9VWvUEYRJ77oB2ZSlmncdHbE-ScJIvj0Y5Tph15vfR2fTMmqYlqyQr62V_CjYQaI_XKo4XULuxg2P7lyn2t1kDR3N6PxTOSOKXYpu5DAs&sai=AMfl-YR3TFsm9m4Bqa7mrw9ZuXWpDUwtEjgAFIffwy8ur2cJnSwtok02jpnsX5A1xlHPRBPCWXxQyra4UYWF3K3iRTO2wsfKrmPqsrDadElbxWY-0KrHm2EKo6011FiLFtso9WgAhMIthko7clAZWyapxA&sig=Cg0ArKJSzFdO5EZkOlfLEAE&cid=CAQSTwAvHhf_NeT7KScW9z6dNrbnFFS91A5I6uMYFyYHqcWD_XvMV4Pskiy_YXhk4rL1VtBcF6JxS6VY6XHKjHbHtw_E8YxoiegZR1RQkvggorcYAQ&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=87,771,1001,1116,1122&tos=87,684,230,115,6&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704931662487&rpt=275&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:43 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900014.redintelligence.net/ Frame 2DE6	0 150 B	34ms 12ms	Script text/html	176.9.26.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900014.redintelligence.net/viewability?s=16567400003802404444550012566014&a=af37a106&vb=v Requested by Host: hal900014.redintelligence.net URL: https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.250.26.9.176.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900014.redintelligence.net/request_content.php?s=16567400003802404444550012566014&a=8a1a6b77 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Thu, 11 Jan 2024 00:07:44 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 907D	0 20 B	52ms 52ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2478257368322&version=m202309260101&ct=77&x=1&cor=14352624536422963000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jan 2024 00:07:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT