urlscan.io logo urlscan.io
SecurityTrails logo

www.idrlabs.com Open in urlscan Pro
2606:4700:3031::6815:d20  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.idrlabs.com/test.php
Submission: On August 22 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 12 countries across 76 domains to perform 761 HTTP transactions. The main IP is 2606:4700:3031::6815:d20, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.idrlabs.com. The Cisco Umbrella rank of the primary domain is 398537.
TLS certificate: Issued by E1 on July 7th 2023. Valid for: 3 months.
This is the only time www.idrlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a01:7e00:1::... 63949 (AKAMAI-LI...)
31 2a00:1450:400... 15169 (GOOGLE)
99 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 108.138.36.28 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 108.128.97.117 16509 (AMAZON-02)
7 35.186.236.140 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.227.219.117 16509 (AMAZON-02)
1 108.138.36.122 16509 (AMAZON-02)
1 108.138.36.111 16509 (AMAZON-02)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 52.222.139.112 16509 (AMAZON-02)
6 18.65.37.219 16509 (AMAZON-02)
2 18.173.189.135 16509 (AMAZON-02)
3 108.138.36.36 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
40 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.65 16276 (OVH)
1 162.19.138.119 16276 (OVH)
10 2a00:1450:400... 15169 (GOOGLE)
1 18.173.154.106 16509 (AMAZON-02)
8 161.47.17.28 19994 (RACKSPACE)
3 18.203.116.167 16509 (AMAZON-02)
20 36 142.250.185.162 15169 (GOOGLE)
4 13 185.80.39.216 27381 (CASALE-MEDIA)
6 8 37.252.171.21 29990 (ASN-APPNEX)
64 2a00:1450:400... 15169 (GOOGLE)
2 2.16.97.41 16625 (AKAMAI-AS)
3 23.35.236.201 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
22 216.52.2.6 30282 (AS-INAPCD...)
2 3 2001:678:cb4:... 56396 (AMOBEE)
1 4 2620:116:800d... 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
4 9 18.159.228.172 16509 (AMAZON-02)
1 12 108.128.164.100 16509 (AMAZON-02)
3 3 13.248.245.213 16509 (AMAZON-02)
1 2 51.75.86.98 16276 (OVH)
16 142.250.184.194 15169 (GOOGLE)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.86.23 16509 (AMAZON-02)
5 35.71.131.137 16509 (AMAZON-02)
2 178.250.7.11 44788 (ASN-CRITE...)
1 1 2600:9000:237... 16509 (AMAZON-02)
1 52.50.218.26 16509 (AMAZON-02)
3 3.75.62.37 16509 (AMAZON-02)
18 18.173.187.28 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 142.250.74.194 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
6 216.52.2.39 32475 (SINGLEHOP...)
11 145.40.97.66 54825 (PACKET)
11 172.64.148.101 13335 (CLOUDFLAR...)
20 46.228.174.115 56396 (AMOBEE)
10 185.64.189.112 62713 (AS-PUBMATIC)
10 69.166.1.64 27630 (AS-XFERNET)
10 2602:803:c003... 26667 (RUBICONPR...)
1 3.213.136.125 14618 (AMAZON-AES)
3 30 37.157.2.229 198622 (ADFORM)
3 2602:803:c004... 26667 (RUBICONPR...)
7 14 69.173.144.138 26667 (RUBICONPR...)
5 95.101.111.145 20940 (AKAMAI-ASN1)
10 37.157.2.247 198622 (ADFORM)
2 2602:803:c003... 26667 (RUBICONPR...)
60 2606:4700:20:... 13335 (CLOUDFLAR...)
12 23.218.210.30 16625 (AKAMAI-AS)
2 4 67.220.226.234 16509 (AMAZON-02)
2 4 52.46.151.131 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 104.18.38.76 13335 (CLOUDFLAR...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 69.166.1.35 27630 (AS-XFERNET)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 2 208.93.169.131 46244 (WEBMD-IDC...)
14 2a02:cb40:200... 20546 (SOPRADO-ANY)
1 1 2.20.213.154 16625 (AKAMAI-AS)
1 2001:8d8:100f... 8560 (IONOS-AS ...)
1 3 198.47.127.19 62713 (AS-PUBMATIC)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 64.74.236.223 22075 (AS-OUTBRAIN)
1 172.64.149.180 13335 (CLOUDFLAR...)
4 185.64.190.80 62713 (AS-PUBMATIC)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.144.103.147 14618 (AMAZON-AES)
8 198.47.127.205 62713 (AS-PUBMATIC)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 1 52.44.35.59 14618 (AMAZON-AES)
1 2 151.101.66.49 54113 (FASTLY)
1 1 35.214.145.237 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.212 16276 (OVH)
1 1 141.95.32.72 16276 (OVH)
1 1 188.166.17.21 14061 (DIGITALOC...)
761 98
28    2606:4700:3031::6815:d20 (United States)

ASN13335 (CLOUDFLARENET, US)
www.idrlabs.com
cdn.idrlabs.com
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
monu.delivery
31    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
99    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3032::ac43:c5a2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.idrlabs.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
31    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    108.138.36.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-28.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
10    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    108.128.97.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
7    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    13.227.219.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-117.ams54.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    108.138.36.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-122.muc50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    108.138.36.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-111.muc50.r.cloudfront.net
client.aps.amazon-adsystem.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
1    52.222.139.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-112.ams50.r.cloudfront.net
launchpad.privacymanager.io
6    18.65.37.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-37-219.ams1.r.cloudfront.net
aax.amazon-adsystem.com
2    18.173.189.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-189-135.muc50.r.cloudfront.net
c.amazon-adsystem.com
3    108.138.36.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-36.muc50.r.cloudfront.net
geo.privacymanager.io
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
40    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
10    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    18.173.154.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-106.muc50.r.cloudfront.net
ats-wrapper.privacymanager.io
8    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
3    18.203.116.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-116-167.eu-west-1.compute.amazonaws.com
protected-by.clarium.io
36    142.250.185.162 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
13    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
64    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
22    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
vap2ams1.lijit.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
4    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
secure.quantserve.com
pixel.quantserve.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
9    18.159.228.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-228-172.eu-central-1.compute.amazonaws.com
x.bidswitch.net
12    108.128.164.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
16    142.250.184.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    65.9.86.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-23.ams1.r.cloudfront.net
choices.truste.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:9000:237d:fa00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    52.50.218.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-218-26.eu-west-1.compute.amazonaws.com
match.360yield.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
18    18.173.187.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-28.muc50.r.cloudfront.net
tagan.adlightning.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
ade.googlesyndication.com
1    2600:9000:219c:1e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
saambaa-static.azureedge.net
6    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
11    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
11    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
20    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
10    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
10    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.213.136.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-136-125.compute-1.amazonaws.com
1x1.a-mo.net
30    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
dmp.adform.net
3    2602:803:c004:200::152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
14    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    95.101.111.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-145.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
10    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2602:803:c003:200::67 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
60    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
12    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2a05:d018:d29:3602:bd5b:64ca:999b:f400 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
14    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
1    2.20.213.154 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-213-154.deploy.static.akamaitechnologies.com
www.awin1.com
1    2001:8d8:100f:f000::21b (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
www.zaun-idee.de
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.144.103.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-103-147.compute-1.amazonaws.com
a.audrte.com
8    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    52.44.35.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-35-59.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.145.237 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 237.145.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
ws.rqtrk.eu
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
154 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
ade.googlesyndication.com — Cisco Umbrella Rank: 340
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
931 KB
100 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
760 KB
64 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
4 MB
60 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10961
as.ad4m.at — Cisco Umbrella Rank: 30904
assets.ad4m.at — Cisco Umbrella Rank: 41546
5 MB
41 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 647
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 11305
token.rubiconproject.com — Cisco Umbrella Rank: 748
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9594
eus.rubiconproject.com — Cisco Umbrella Rank: 737
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
139 KB
40 adform.net
track.adform.net — Cisco Umbrella Rank: 4356
s1.adform.net — Cisco Umbrella Rank: 10102
c1.adform.net — Cisco Umbrella Rank: 720
dmp.adform.net — Cisco Umbrella Rank: 3746
193 KB
33 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
ce.lijit.com — Cisco Umbrella Rank: 1118
pxdrop.lijit.com — Cisco Umbrella Rank: 4000
vap2ams1.lijit.com — Cisco Umbrella Rank: 52195
47 KB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 651
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
image6.pubmatic.com — Cisco Umbrella Rank: 989
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage2.pubmatic.com — Cisco Umbrella Rank: 982
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
108 KB
29 idrlabs.com
www.idrlabs.com — Cisco Umbrella Rank: 398537
cdn.idrlabs.com — Cisco Umbrella Rank: 483995
193 KB
24 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
htlb.casalemedia.com — Cisco Umbrella Rank: 741
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
21 KB
20 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1038
2 KB
18 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2663
508 KB
18 amazon-adsystem.com
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 15133
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 15240
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
64 KB
14 adcell.com
t.adcell.com — Cisco Umbrella Rank: 56199
6 KB
14 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
791 KB
12 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2845
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
11 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1121
1x1.a-mo.net — Cisco Umbrella Rank: 3462
50 KB
12 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 808
3 KB
11 monu.delivery
monu.delivery — Cisco Umbrella Rank: 31113
imps.monu.delivery — Cisco Umbrella Rank: 37609
191 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 3
2 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
2 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
6 KB
8 saambaa.com
saambaa.com — Cisco Umbrella Rank: 21121
api.saambaa.com — Cisco Umbrella Rank: 23622
167 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3855
launchpad.privacymanager.io — Cisco Umbrella Rank: 3364
geo.privacymanager.io — Cisco Umbrella Rank: 2287
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3024
71 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
1 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
1 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1546
google-bidout-d.openx.net — Cisco Umbrella Rank: 1553
us-u.openx.net — Cisco Umbrella Rank: 605
1011 B
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3076
3 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
secure.quantserve.com — Cisco Umbrella Rank: 1412
pixel.quantserve.com — Cisco Umbrella Rank: 1151
10 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3473
spl.zeotap.com — Cisco Umbrella Rank: 3551
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24211
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26823
921 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
r.turn.com — Cisco Umbrella Rank: 4432
1 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1697
730 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
12 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1611
creativecdn.com — Cisco Umbrella Rank: 674
2 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
www.google-analytics.com — Cisco Umbrella Rank: 62
553 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
772 B
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 4136
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
284 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 849
cdn.indexww.com — Cisco Umbrella Rank: 1942
2 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 745
725 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 984
490 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1550
326 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
27 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1668
157 KB
2 gstatic.com
fonts.gstatic.com
97 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020
555 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3841
352 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3601
400 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
556 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
225 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
1 KB
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
309 B
1 zaun-idee.de
www.zaun-idee.de
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17983
622 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
736 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
648 B
1 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 24893
25 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1302
634 B
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2456
199 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 938
481 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 1050
27 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
21 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1490
668 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 10006
551 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2445
174 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
729 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
4 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
402 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1691
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
86 KB
761 76
Domain Requested by
99 pagead2.googlesyndication.com www.idrlabs.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
tagan.adlightning.com
64 s0.2mdn.net www.idrlabs.com
s0.2mdn.net
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
tagan.adlightning.com
40 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
www.idrlabs.com
s0.2mdn.net
tagan.adlightning.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
36 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
31 securepubads.g.doubleclick.net www.idrlabs.com
securepubads.g.doubleclick.net
saambaa.com
www.googletagservices.com
tagan.adlightning.com
30 assets.ad4m.at as.ad4m.at
26 track.adform.net tagan.adlightning.com
s1.adform.net
www.idrlabs.com
20 ad4m.at tagan.adlightning.com
ad4m.at
20 targeting.unrulymedia.com saambaa.com
19 www.idrlabs.com www.idrlabs.com
18 tagan.adlightning.com saambaa.com
tagan.adlightning.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
17 ap.lijit.com saambaa.com
tagan.adlightning.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
www.idrlabs.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
tagan.adlightning.com
16 googleads4.g.doubleclick.net www.idrlabs.com
tagan.adlightning.com
14 t.adcell.com as.ad4m.at
14 www.googletagservices.com www.idrlabs.com
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
tagan.adlightning.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
12 eus.rubiconproject.com www.idrlabs.com
eus.rubiconproject.com
saambaa.com
12 ads.yieldmo.com 1 redirects saambaa.com
11 prebid.a-mo.net saambaa.com
11 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 as.ad4m.at tagan.adlightning.com
as.ad4m.at
10 s1.adform.net tagan.adlightning.com
10 fastlane.rubiconproject.com saambaa.com
10 apex.go.sonobi.com saambaa.com
10 hbopenbid.pubmatic.com saambaa.com
10 htlb.casalemedia.com saambaa.com
10 www.google.com tpc.googlesyndication.com
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
tagan.adlightning.com
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
10 cdn.idrlabs.com www.idrlabs.com
cdn.idrlabs.com
9 token.rubiconproject.com 4 redirects tagan.adlightning.com
9 x.bidswitch.net 4 redirects c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
8 simage2.pubmatic.com ads.pubmatic.com
7 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
7 imps.monu.delivery www.idrlabs.com
monu.delivery
6 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
6 ce.lijit.com tagan.adlightning.com
6 saambaa.com www.idrlabs.com
saambaa.com
6 aax.amazon-adsystem.com client.aps.amazon-adsystem.com
5 pixel.rubiconproject.com 3 redirects
5 vap2ams1.lijit.com tagan.adlightning.com
5 pxdrop.lijit.com tagan.adlightning.com
5 ade.googlesyndication.com
5 match.adsrvr.org c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
ads.pubmatic.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
4 monu.delivery www.idrlabs.com
monu.delivery
3 c1.adform.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 beacon-fra2.rubiconproject.com tagan.adlightning.com
3 ups.analytics.yahoo.com c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
ads.pubmatic.com
3 eb2.3lift.com 3 redirects
3 ads.pubmatic.com saambaa.com
ads.pubmatic.com
3 protected-by.clarium.io c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
3 fonts.googleapis.com www.idrlabs.com
saambaa.com
s0.2mdn.net
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 bh.contextweb.com 1 redirects
2 sync.go.sonobi.com
2 creativecdn.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 beacon-ams3.rubiconproject.com tagan.adlightning.com
2 www.google-analytics.com cdn.jsdelivr.net
2 dis.criteo.com c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
ads.pubmatic.com
2 dsp.adfarm1.adition.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 onetag-sys.com 1 redirects c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
2 cms.quantserve.com 1 redirects c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 api.saambaa.com saambaa.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 c.amazon-adsystem.com client.aps.amazon-adsystem.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 oajs.openx.net 1 redirects www.idrlabs.com
2 fonts.gstatic.com fonts.googleapis.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 ws.rqtrk.eu 1 redirects
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 b1sync.zemanta.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 secure.adnxs.com 1 redirects
1 www.zaun-idee.de as.ad4m.at
1 www.awin1.com 1 redirects
1 p.rfihub.com 1 redirects
1 js-sec.indexww.com saambaa.com
1 px.ads.linkedin.com
1 1x1.a-mo.net
1 saambaa-static.azureedge.net www.idrlabs.com
1 pixel.quantserve.com www.idrlabs.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.idrlabs.com
1 match.360yield.com c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 choices.truste.com c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 ums.acuityplatform.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 r.turn.com c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
1 cdn.jsdelivr.net saambaa.com
1 ats-wrapper.privacymanager.io launchpad.privacymanager.io
1 id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com www.idrlabs.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 google-bidout-d.openx.net oa.openxcdn.net
1 client.aps.amazon-adsystem.com monu.delivery
1 config.aps.amazon-adsystem.com monu.delivery
1 launchpad-wrapper.privacymanager.io monu.delivery
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.idrlabs.com
761 133

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
idrlabs.com
E1		 2023-07-07 -
2023-10-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-07-23 -
2023-10-21		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-19 -
2024-02-17		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02		 2022-12-16 -
2024-01-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
quantserve.com
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
cert2-prod.aut.a24365.net
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2023-07-28 -
2024-07-27		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh

This page contains 86 frames:

Primary Page: https://www.idrlabs.com/test.php
Frame ID: F8CECD2C117A4E52B87B7BFEB00A8206
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: 651B6DA1C84B7BDF7E699366D792CA21
Requests: 1 HTTP requests in this frame

Frame: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24831887DAF6D72FEDF10A8B3DB234A1
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 63C19E796A34BC27D1C04F2398924875
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D3CB1625294AB230ADB46EA04FF98281
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 912FAE4614A44C6D080F6B3ECD53DF34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75E085840062369806D2A1812AB8ABD3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstP4T_tMsc0zfZ4Endvntnx3uN0jHwnhb7mLd6hsJpAmvBvq1vAcc3cyZ-L44J6rhxgafRmFaKvq65UWFvJMQqI3Pl82Da5wPin8inlWJXppqP-y_YJyntFytTo33TqS5JX_VGEaPvBbwv1iRThgV7YZBh0dpE2XA6kwy9gx_oP02SdpVjsL6qNQl-BkwINwoY_geRGglrAqyAXzeGIasWaAG4g9khYxuD84RESp4qYesFn4V8O6Wj-q3RfRFNDj4rO_1a3QxhiCxYRdPyOW-LhYqDwzGXWV-LnCR8LWL-WvEAM67wYV3NdAZz_8hFoE8U2gX29dL5IM5_Sn8xGhgeCAta3AZNMfJQ_JZQWhg&sai=AMfl-YT3b2ZvyFmHbEVLOPsfX27SRa6MYeC3UC-R6q3FVN-8-YBuJ5MHpS-8NvXmnTY5zOm25V9TTFtagoQGaXnzxEvQQmlVfPdFUPRE0dxImMuVUkuFpYC2xmAVF7V9Lw&sig=Cg0ArKJSzNytnb1ceRuQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3730F168F8F236380537535D01F8DB38
Requests: 127 HTTP requests in this frame

Frame: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4BF7D6B3CF7C11F7D501FB21AC11F75
Requests: 22 HTTP requests in this frame

Frame: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 40E055EF9E1F9DDA8078F2234C734D2A
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNUcNGSMnw_jhBeYyPgrg7DXfBe1ftoEXRxWB_D5N72kfKnuZWkIz8L6d6kKo4M5EEzKHt6js7SoYoEOGeCtW2M82Xz85wrlSa6Q0f1R7-E7p8ifUPCg7qT3QDC6hASspZ1hlOEyXWudynfB3PBfkhuqPm5OGqhSrklrHpYFqasrG-lPnQmYWPWqvd1EgXBjUmcWZEjx
Frame ID: 007E4282A93420E7A1ED43751C6D4D95
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoKv5xgEwAQ&v=APEucNW52ntiuU60hLuHrPesAZNRfRFiNbj4zJqimc8phRIVh0Bdfq9hEH2cZ-rh6em3JKG8TOAUo0uKcPLOS-X79VNnDD5lFAbmOKL0taKysWhBGQgRtqbsIw0jHrM-bZKO1ZOqfpaqvhtD41OYTFDrlpGD22n8ZEkIn_rNsnnRyj3LvI1ofD4
Frame ID: 7E4B7E69C85FB6FD4E67107CFB6D59F4
Requests: 5 HTTP requests in this frame

Frame: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4293519165F2155887467F7DDE26123D
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27EAFD37C042B3239EF098629B8B281F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNWcsOqOxQ_QBslIfKHtoGKDEv-Ng8etAAV703RAarz1IXMvu8nFu978KM2tFIZAuGNVsCk3Wb4iA1jQSLuaObso3NIHCLhtS-vF85MVwU5eL0MkGY9pGUQIwpRrmm5IMAlHVifcL0gxxVnt2Ly3oQm1XRb2jSkMS7_rk-m4GTo9BKEL_79_UW963ejJpoe4Khauv4jq
Frame ID: 2A2B15CB8CBB893C385A85518903B759
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A1FF5143942ED61B7A984CC461D2687C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8DB1B0936AB99EF291664F586024B16
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
Frame ID: 1450CA09FAB1853BB21027FB2064BF16
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA88EEEF2C15F5BA41C818F618F8A7B1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Frame ID: 84C74CA66B3D86889795AA5687E4340C
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09A5230B88F1F4730521DED11834CD6C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Frame ID: 3369320B99A402F06125B4CB598B5523
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 804EB4BD7CBC82C40BFD7A41C2A1785E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 3E47EFDEDF463F2C25DC6CB982DACF30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Frame ID: 43D738DB7A2D479FA74A1DC7D892E974
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: 3AD180A639430EF972F6AE54F0BED998
Requests: 1 HTTP requests in this frame

Frame: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FB266FA2E7C405667F5901623FAD4F41
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: ED850CA27BF8CDCA091C8B244FA97589
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFF3E8F4F14969C717A2AD0A3233203F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A0389EFD48D6192782227DB1A534A0E1
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 722A4D588C7518CE0C1B06E3D3F19E23
Requests: 20 HTTP requests in this frame

Frame: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5867D7FFDC69A64853172DD8D2D367B4
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNWZSki1GCiVf8j4d2vn2Br7YQr4ND_2MCF1v-0T63KqZIKCp8Kd4pUSFLG0558yyeQWaDdVz-vUv35wStcem0qxNdEqlg
Frame ID: 9BA373EE607E6353BB621833BF64F188
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: BFAF479A9575D584E05582475E2121FB
Requests: 10 HTTP requests in this frame

Frame: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6EF9B0497D02EA987FFA1B9EE28EE207
Requests: 21 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 370222A6D0753F6F1694246458A904CF
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 4C5A8FC27CEA7F153E6BBDB77FEB28B5
Requests: 19 HTTP requests in this frame

Frame: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 62E2622E4A945568F0469720238C81F8
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D678296FC365160F19CE0407415FE27F
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 98DB3CC8AFAA60C18D3FB4512B60819F
Requests: 1 HTTP requests in this frame

Frame: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2671DB289FB270C41DA2989B9EC0EC20
Requests: 21 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 8FD6358302047B269697147E2C842C8F
Requests: 19 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: D297F5456CD55AE92E7B896F77357785
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C4490C8450DC54CE437FAD918339BA1
Requests: 3 HTTP requests in this frame

Frame: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AAA93531D81C2354FB2D811C36DE4FF5
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNVJR-PSdlf9rFeoljuYNEUEC2JVb-nVu8_t1madT5A7yUXebtAlOKTVy0aRqe-iiRfH1GJc-87u1UIT98m2HTRyUGfYMg
Frame ID: C0D760F7706DB5491DF431C9E7E2A371
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 8F2CE2CC282E5341391622CDA88392D1
Requests: 19 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: F6D1E241ABEB86054BAA0861FD248C90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNUCMyh2v0oWiAwhm1MFn2mestqT2ufKgiFj-SydeYpAVnjN1JqXopU_MoiOjOhwWYv41e-9IxSbOG-aIJ59_ILFD80wug
Frame ID: 1828C319B8AE430160867917AE9C9A59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNW7xReZ1uIl7VBhchPH6xMYZkhAoSEJhwM95dTYWrs58KpRcaw_VrCi2k9SEhxS4aRQb9TNZADNrgbIixeN73cPEm-qTQ
Frame ID: D97E3C1EFF92133374B97A7D625EDC91
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7A65B85477499E07FB35215B24983E71
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: B030AE05FF3A442E32FB924DE1750102
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 434C5F87305658EF163B1E134CFE8B01
Requests: 23 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 37A103C5624E8832E7080FC6E6FCB565
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EBA1F6B122B6A998DCE213C5B0034E7E
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 2258EFB6A04BF6C9461CAC04EC6A97CA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 51AADCC40DF661F894BFAE569C5E54BB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNW9Y56-EB-0bt70jTb2ZNoPOgdpWsmpPgUB0ogO7phNGu8nNR8wTk0hyXBIkAfB8mn7KTkQX_9YkWTsi1SzQ6O3t9RX6w
Frame ID: 84409143AF5269FE117D453A31075C2C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 13D8422FEDFEF8EFEA29AA16153DBC02
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A1C3FE06BCBF8D8F8FE974A4CF5BA544
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 62827F32A72BF779FF3852006ED05336
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4CCD107E8DCC690205066DBA251C56BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B360F65FC641C80CB40D54F55359121
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7610129A22607EA5E178C6E6A854EFA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1810B4A88D9F4F82E021B5D4269CDD3E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: CF6B013365742A6BA708BFD7B8EB7E5B
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 59C98E49D86A15A358DCB9189DFAD034
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&redir=true&gdpr=0&gdpr_consent=
Frame ID: 9BEED9CD9C8B529543E9FB8841C87D33
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ
Frame ID: 69196527852C8AC891F8FD250F2D95F8
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 83C0BFA55699896F75D0764E72F84F23
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 7212CFDF5D1C2983685A17056709B616
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A5D2A0E9991F3E030468210F6E5538C8
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: 534C7558E1141CE0914240092BCF02B9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0EDFF1F8B1A9AA6E18C3D7146408C8D8
Requests: 3 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: D7A1BD5F02B17B5386F5DCF1924308BD
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: 204D8AC39C3AEBB896043574471793B2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 2F81E4D21F22A65E9D443AA63AEA33C2
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: B1B992ADD26EB48AE9998000921C3C39
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 39037A3BB8751D49752244B98709D68C
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent=
Frame ID: 27D7E2BDCC9E9364AA4DAAF138F633BB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725322781652957803&gdpr=0&gdpr_consent=
Frame ID: 50332FC8C44A8C667B6A29EB126AF780
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DSJasDjDWRZAhPmjYk7hYlQTr6U&gdpr=0&gdpr_consent=
Frame ID: 1D2C4D07B1C13C07BF15B18D2ED09E4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270080026586577042&gdpr=0&gdpr_consent=
Frame ID: 1BB1379460870A80C2159CCF2723CED5
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOSDTQAKdxSqwgA_
Frame ID: 332F57528A58CF72A5CE1D1CA86765FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 8DAB373C93734944E22FB88220E994A9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUbb3bebdc5e9f4044889fdee822c4d973&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: 71D92C00239B5301F36FFD07EAED82BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Personality Test Based on Jung and Briggs-Myers

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

761
Requests

93 %
HTTPS

30 %
IPv6

76
Domains

133
Subdomains

98
IPs

12
Countries

14267 kB
Transfer

23972 kB
Size

105
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&rid=esp&cc=1
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Request Chain 113
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOSDRANvG-mhC3oCYkpiZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
Request Chain 115
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Request Chain 117
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOSDRANvG-mhC3oCYkpiZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
Request Chain 119
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDF-6KzSDIZ9yr2BUSD0j20&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIiXxwpBwy1rH3iVZoTH5Dg&google_cver=1
Request Chain 165
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENDXJTQlvNJ-QFjfNApC-Co&google_cver=1&google_push=AXcoOmTd99yqELp91hM7VCzLB55rqcPt10VGcwiKRSmYr2OBZ8xYE-mZ7_EjqHdteAQaFxSsf2sy64ZEGkzSsKxmwG8uHQ5o9LW-YQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE0NzEzMTAyOTA5Mzg2OTY4NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTvlBX6AbTHnroksV7CFy8&google_cver=1
Request Chain 167
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIeuk0-I1NY3tX2pe2k5s44&google_cver=1&google_push=AXcoOmR3tu9ksPxa3RkGtnxC7jdK3GLiRQyrz41JIa2Z_Tp6cTCM0aIvYOZysoUqqVow9V-DPogKbbNGI5uF0pVfjOAqwJmd4_hl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR3tu9ksPxa3RkGtnxC7jdK3GLiRQyrz41JIa2Z_Tp6cTCM0aIvYOZysoUqqVow9V-DPogKbbNGI5uF0pVfjOAqwJmd4_hl
Request Chain 169
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEKagpLP08JMtlvTaGuIL98A&google_cver=1&google_push=AXcoOmQeHig65Z3cMEmEDjpzSBwrRFp8stj7CWFnQCFVYLG5NVBflT6myiPBigLoNZHl-m8nttHDQcOk5mLaHroAkxydJsY3BvAfGg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQeHig65Z3cMEmEDjpzSBwrRFp8stj7CWFnQCFVYLG5NVBflT6myiPBigLoNZHl-m8nttHDQcOk5mLaHroAkxydJsY3BvAfGg&google_hm=M21TN29ISGJiUEhJcnh6RGFXb1c=
Request Chain 170
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDge3cYcQuUFS3yRgblC7Ac&google_cver=1&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7Pcz3g HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7Pcz3g&google_gid=CAESEDge3cYcQuUFS3yRgblC7Ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7Pcz3g
Request Chain 171
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELs79SKV7p8qoisrTSfteYM&google_cver=1&google_push=AXcoOmTEfGKmKb2rWyP2soiUiMhdrkWE7xjld0ZMbrjDe1SEg6uQA2-DWnVJdBrONYz1RqZ5ud_cRYa7hYqftqfeeN9rq35Mv4pwDGs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTEfGKmKb2rWyP2soiUiMhdrkWE7xjld0ZMbrjDe1SEg6uQA2-DWnVJdBrONYz1RqZ5ud_cRYa7hYqftqfeeN9rq35Mv4pwDGs HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 178
  • https://um.simpli.fi/gp_match?google_gid=CAESEBIsBn_LmAH0Owdk_c4-OWE&google_cver=1&google_push=AXcoOmSyrh0zq9sAFHwWF6VdSrVJN0AlwczvwVRauP0vl-RHWIG1X9qqUaJ0GiJgzT5uM0Ki0Z-iykISLFUkwe0sYCU-mRicXbc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3A0643BB117C49CFB15E7FDBDD98E173&google_push=AXcoOmSyrh0zq9sAFHwWF6VdSrVJN0AlwczvwVRauP0vl-RHWIG1X9qqUaJ0GiJgzT5uM0Ki0Z-iykISLFUkwe0sYCU-mRicXbc
Request Chain 180
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEyY2JPCaxcXK1k2VcOAssU&google_cver=1&google_push=AXcoOmS4lLMSV7dAzvMLZxiCQbJBZFHF_GK0naroTfeVMHFuF7p4LvEr6w1H8VAeDRmmKb_qeZj1s4qkDLVrOcQKP2PawbdpHXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDA4MDAyNjU4NjU3NzA0Mg%3D%3D&google_push=AXcoOmS4lLMSV7dAzvMLZxiCQbJBZFHF_GK0naroTfeVMHFuF7p4LvEr6w1H8VAeDRmmKb_qeZj1s4qkDLVrOcQKP2PawbdpHXQ
Request Chain 181
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEG1YiF7T_qbzGAUYJiHG6Kw&google_cver=1&google_push=AXcoOmSKn3x8vQN39C0JqH2tDo8mCqYfaKNQsLQfCk1LJsa24GjpR6LUs3cR5FWJXr2U-6zsBISsmPb3yxBY_2Lur-hECj6jmg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ow6xmQE6RGmBdWqtDar_0A2&google_push=AXcoOmSKn3x8vQN39C0JqH2tDo8mCqYfaKNQsLQfCk1LJsa24GjpR6LUs3cR5FWJXr2U-6zsBISsmPb3yxBY_2Lur-hECj6jmg
Request Chain 182
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEFnNXbzj0PPDSYPZXuOIf9k&google_cver=1&google_push=AXcoOmSJy8TOHA1ej1DM0b84wTrSYj3-oWtKOL8zP5CaSbKy2jglZJX_OVX3Wz2a227vQMQ-6ycgWEH-OYudRob3_BIiQSinDWk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817254177635
Request Chain 207
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFAPkqD0zPVQYimrAhMVq3k&google_cver=1&google_push=AXcoOmRGEt9E4njAGi_58Exk1fal3lxnVDTynZdG5ny_lkSnLhSMRaLcBAMho0uzylK_3XQFuGigo4UCvKcJGAntzXEmptr5vbq_KTErsnmoyJOsrIXQ8n0vkjmnu3_juW87cfY-8wlI0Ct5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmRGEt9E4njAGi_58Exk1fal3lxnVDTynZdG5ny_lkSnLhSMRaLcBAMho0uzylK_3XQFuGigo4UCvKcJGAntzXEmptr5vbq_KTErsnmoyJOsrIXQ8n0vkjmnu3_juW87cfY-8wlI0Ct5
Request Chain 209
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG0cg6Lg7AfUtiKAGlGnQDA&google_cver=1&google_push=AXcoOmS0cFQ48QW92MuCVPWmgTD_nvMWhB2ZkCg63r1j-xTBQkumI-jcL1BIpabBLORcRaYR6qFoUBkdz6jXURfGA8TddIih1prsYhH9uPW5oJ5worKCuAJidT4ju1sxNJ9dpyR2kFOiAOrU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmS0cFQ48QW92MuCVPWmgTD_nvMWhB2ZkCg63r1j-xTBQkumI-jcL1BIpabBLORcRaYR6qFoUBkdz6jXURfGA8TddIih1prsYhH9uPW5oJ5worKCuAJidT4ju1sxNJ9dpyR2kFOiAOrU
Request Chain 500
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIk06TxJr5wQ7R32YQEGmiM&google_cver=1
Request Chain 501
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZmNDc0MTEwYjRmZWFiMzUzODljN2M5NmUyYWFiNjYxOTRiYTcyZQ
Request Chain 502
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExNNEMzWVotMy04NjZS HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEXiyUIIPG42arHLGUCAK_0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExNNEMzWVotMy04NjZS&google_push=
Request Chain 503
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nZ8zKyTuTGO12rCxz065Nw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nZ8zKyTuTGO12rCxz065Nw
Request Chain 504
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ynAekQFzS-y2YtGvuGT0AA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ynAekQFzS-y2YtGvuGT0AA
Request Chain 505
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/29843kmjgwFh-LoVXZHfuA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p.u65NxE2oKADdILjwzdbbvLIJ3lt3YxM8ZPxw--~A
Request Chain 506
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLM4C3YZ-3-866R
Request Chain 567
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ATvH2487B9VD0zDhsAr4&pi=sonobi&tc=1
Request Chain 568
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=daba3d58-9676-496c-9168-cf9f74caae88&google_hm=ZGFiYTNkNTgtOTY3Ni00OTZjLTkxNjgtY2Y5Zjc0Y2FhZTg4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIdtoDpOJmWtABybmpTVDrw&google_cver=1&ssp=sonobi&bsw_param=daba3d58-9676-496c-9168-cf9f74caae88
Request Chain 569
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926800046777
Request Chain 570
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=2c0384d6-ae3c-438e-a794-0d3f58b43148&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NFVqQ1FKYlVkQTRiOUJUdG5IamR1Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEHyXoselGVKpElqcmguclCM&google_cver=1
Request Chain 613
  • https://www.awin1.com/cshow.php?s=3010213&v=25533&q=423119&r=412871&pv=1&pref3=oneidEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zaun-idee.de/php/htlp.php?utm_source=AWIN
Request Chain 643
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOSDRANvG_mhC3oCYkpiZwAADKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK36EXMnLTQxmk4yxHruhZE&google_cver=1
Request Chain 644
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8725322781652957803
Request Chain 645
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6136022691595043624&expiration=1693907018
Request Chain 647
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692783818
Request Chain 648
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 669
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ
Request Chain 670
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XL_HlRsTQ26t1W0rcv4YxQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 672
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3488708791 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
Request Chain 673
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2xmcVVxVldDcThSRHlqc0E2djlBY2ltdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6136022691595043624&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 674
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUNCRkM3OTUtMUIxMy00MzZFLUFERDUtNkQyQjcyRkUxOEM1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 675
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvN-KyzXVBC3Zp0R4vIVQM&google_cver=1
Request Chain 678
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6136022691595043624
Request Chain 753
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725322781652957803&gdpr=0&gdpr_consent=
Request Chain 754
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DSJasDjDWRZAhPmjYk7hYlQTr6U&gdpr=0&gdpr_consent=
Request Chain 755
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270080026586577042&gdpr=0&gdpr_consent=
Request Chain 756
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOSDTQAKdxSqwgA_
Request Chain 757
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 758
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUbb3bebdc5e9f4044889fdee822c4d973&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 760
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 761
  • https://pixel.onaudience.com/?partner=214&mapped=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=cb8b318f9eb677ea HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=755e9653-747d-4d55-6135-61b96e4779f3&reqId=771df954-bc80-4feb-4c45-a8fe1699244e&zcluid=cb8b318f9eb677ea&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJOZ8SlSLdzfpaDLhCGWfF4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=755e9653-747d-4d55-6135-61b96e4779f3&reqId=771df954-bc80-4feb-4c45-a8fe1699244e&zcluid=cb8b318f9eb677ea&zdid=1332
Request Chain 762
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=daba3d58-9676-496c-9168-cf9f74caae88&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 764
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7147131029093869685&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 765
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e02b784c-2808-4199-907e-d88e3e1010f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

761 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request test.php
www.idrlabs.com/ 		124 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7e6668ee0c5bec25d25948eb033b0ed3a956786654c8ad317cd855d4ae3165
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7faa2bfdce9fbbf8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 09:43:30 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7Y5ef6t0%2BY31go8cuaGoKrsI17YP3R7ZmELT48urK0mFA4Nm5WaGGMrV32S13b4BEGlyE93u6l04a7dZOzbXiRFikg10nBQTdZE5L1X2w3pnDBQwHEgbnkgjJopQUZHMHf5dFk%2FeAU8NXje3aI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
min.css
cdn.idrlabs.com/assets/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/min.css?2.5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8227
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 23:47:02 GMT
server
cloudflare
etag
W/"62bb92f6-5ef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0rsdchVEzz4XXS%2ByUJPZRMQfqLaaJYMFjNpZk%2FSl9ksdDcghcNGa0jFtT7sX2n7X0sdDyRdTCEK5Puyf7mVWZtouw5%2BZFAoHx7xHBPxYwWhDqGUK9U6dUQo4ywmmTPe%2BcpunoV%2FgiC%2Faj2OX%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff1876bbf8-FRA
expires
Tue, 22 Aug 2023 07:35:33 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 07:48:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 09:43:30 GMT
test.min.css
cdn.idrlabs.com/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test.min.css?6.20
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58eff2a71fe175affb5df0e69004e8154e82430565ce1cc60501674947f3a570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532485
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 05:06:02 GMT
server
cloudflare
etag
W/"64ae34ba-2c9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCQ%2F5AaHq27slaEleBJyuZ4U6VvC8q9gY439U%2BFnA4lXDeOHYJ%2FUc61tKLIiBEnzO5Raiv71EBevKKskBmZUYxa%2BmVYHlbJsqB1w7m3pjPU%2BW%2FD%2BMikhK%2BKQ%2B%2Bmx0Lc9zGBXBpROGUVITNk1%2BkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff1874bbf8-FRA
expires
Wed, 16 Aug 2023 05:56:42 GMT
test-link-unit-compat.min.css
cdn.idrlabs.com/assets/css/ 		730 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-link-unit-compat.min.css?v3.2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436395
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Nov 2021 17:50:02 GMT
server
cloudflare
etag
W/"61841d4a-2da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfFoo1aQXAzA9FXca2r3UGBRFVQdkoV6tMXCG8VnxN%2BSNmuY8BnDuevNez%2BBn6Z4iTRNGlanhk7x3SUnNWI0oAz2ZvlcW8ef%2Fii1jAJlNSU%2BOk1Xm4jLIfM8FCKiR0v0JG9U%2BgVWmmYzNKJsJJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff1873bbf8-FRA
expires
Tue, 22 Aug 2023 08:29:19 GMT
test-mbti.min.css
cdn.idrlabs.com/assets/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-mbti.min.css
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f984f6b111125e9e4373686d773290f30e03304825a651b5d1f55a31449ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
270775
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Feb 2020 11:36:03 GMT
server
cloudflare
etag
W/"5e3bfa23-25da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whywW08F6Yl4zHwGsgmFuFT7n66o9IgNehIchUp8R7TcJvHOEMjhDcMrN7EvLXQ8Jo23cbFTz2r4oRJjGOQ2DgL%2BoJM8xUPkzmTYv0%2BKv%2FEGIehT5orMsqf9TgJDZSnhlsVLzMdZkSbhRuA6StY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff1875bbf8-FRA
expires
Thu, 24 Aug 2023 01:27:25 GMT
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/site/b/d/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
70111568e822ecfad1374bebecfbfaf5c919b018f3bebaa217cefa0377fb992f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycduyG1prAY7-FU0HyLVFloYGLK2DfKQ0As7a8Is2t3SwVQs92LlDaSJb4WkdCBb6xgHe0B9EFVfwWTWdtTwB5sUwRw
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1692679648898777
content-type
application/javascript
x-goog-hash
crc32c=fJnLEg==, md5=HGZYjz9zP0NyzM2Y3BkSQg==
cache-control
max-age=7200
x-goog-stored-content-length
59590
expires
Tue, 22 Aug 2023 11:43:30 GMT
EN.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/EN.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
567d523603299b74fdce2909d8376036cdc81280b8f562fd00edd01795886e02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52151
alt-svc
h3=":443"; ma=86400
content-length
3793
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BogT5pJCxFgZhZ6ILjNgQhY0ihwBU4Jg9iu8uphBlizcRmDpq5Q709PINzWUO4%2BOQVaiYOZuhHi10516gqTZC74IS7cify3DngdfB%2FxaNQ95kZwrF01AeWMXWDHLq5aAWsDTP8lMbqpZscx%2FZZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef83abbf8-FRA
expires
Fri, 25 Aug 2023 22:17:29 GMT
ES.png
www.idrlabs.com/static/i/test-flags/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/ES.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13626b600e6da99f04fbed63da9b9c46264dc36302e7c2ef10bfa31cd325aa1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49425
alt-svc
h3=":443"; ma=86400
content-length
3358
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-d1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcTaJ2JNokR9xr78RFf%2BZPpeB7TGnGmexc%2BNkRiXvjo%2FOVqQxX3zmIFgKhVecNlL%2FNHJ8bsB2nsZNZkm7AyJe4gGl30jbIutVvrz%2BWA45glt49pngJxr%2FbgxBfS2sSC174fPriUIfSScvM%2B2w1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef83cbbf8-FRA
expires
Fri, 25 Aug 2023 12:14:40 GMT
PT.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/PT.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23c0b6ee897564c4d6265aa560fb11a454756aea0a1a4684d5d2e535a4bbe7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
374654
alt-svc
h3=":443"; ma=86400
content-length
3830
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-ef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyq9GX4oMnJjHjhKGgFUSANdez4B7t5zzniH1TCpf9IjKKVKw0flDAyQDVs3sw97sKqWwuq5XtQSqmqcPI9t2wcLdzIfaOeZWc%2FlxWvqnDDwo15LMpiboi%2Bj%2FZ4ykZ6OOpftLlbSYtV8GkYDOKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef83fbbf8-FRA
expires
Fri, 18 Aug 2023 13:47:23 GMT
DE.png
www.idrlabs.com/static/i/test-flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/DE.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49d0fcdd331242b989638d849e67bfbf6699af6769052dc434ba976fb819e5a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436005
cf-cached-on
Sun, 12 Jun 2022 04:27:06 GMT
alt-svc
h3=":443"; ma=86400
content-length
2832
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-b10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzQ10m9iOCuq2P9pIBGugqFxmR4h%2BNhok2E%2FT5enVp%2BRTEFoHLbfQi%2BJUDfnZ0o1iD%2BD5aqkmmLb8Yr6pfIVV3m4CdK7UB3AMubi2DORfV79%2F4taX2Y1H7IJjYrixvEAHJHi76eoDrMIqilt6As%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef841bbf8-FRA
expires
Tue, 22 Aug 2023 03:57:31 GMT
FR.png
www.idrlabs.com/static/i/test-flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/FR.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91dc26176d513f30cd449ba98dc1be7c524f505c097a97f5aabf81fbe9a52bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436005
cf-cached-on
Sun, 12 Jun 2022 04:27:06 GMT
alt-svc
h3=":443"; ma=86400
content-length
3014
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-bc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLj%2FOO1E6SscFLlsLRK0XrZzc3Y8gPuz%2BLaPIWJTWSPUnNENwud6e%2B3NP%2FDXCHjh83G9s3uUB4lU1BFUtf3ESjo4x9sN8zRNEft56%2FjYMgallK%2FI2HvMSjtx2SmIpUwlXFmPzu28cbqmO%2FazqYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef843bbf8-FRA
expires
Mon, 21 Aug 2023 16:40:53 GMT
IT.png
www.idrlabs.com/static/i/test-flags/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/IT.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4490282172fe33bec1fc4ed1f14b746d10634720dfb9093a52ac1db383c5701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
602437
alt-svc
h3=":443"; ma=86400
content-length
2838
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-b16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0G15MoT9DwY8c3PNH%2BeTM6UCoF6z6P73owRYG4vOI21pMIG2G2CmD0EPmxX2lYVHEQ7QaL244hSvqFMYItsZuug3ZYL1WzCh245Yf6yZcRCUEot5vNX7QIJ8AehQ8tm35y%2BTbml5kM1gZcWk5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef845bbf8-FRA
expires
Tue, 15 Aug 2023 12:44:33 GMT
NL.png
www.idrlabs.com/static/i/test-flags/ 		145 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/NL.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52bf2ccf4f60e9256e0a53ba17aa3dec5927fe74dee5476066bdd704ae43b70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
601559
alt-svc
h3=":443"; ma=86400
content-length
145
last-modified
Sun, 06 May 2018 19:51:07 GMT
server
cloudflare
etag
"5aef5cab-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX8%2BnvXdc%2Bl3dduOPXsSPhksVZAjtLoBdIq9ohoMdlbNkYR6sXy4uB3054BioHHc3LK%2FScjEukA8%2BCq1dnTWuZqvjQshwNKd0ZabJ6ksDImFnfm1Q18pmXSax41M2GaTkLlBf7ZIXsgnpBe7WvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef847bbf8-FRA
expires
Tue, 15 Aug 2023 13:00:40 GMT
PL.png
www.idrlabs.com/static/i/test-flags/ 		138 B
503 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/PL.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465ca6bd59306caeeabd0293a7138e20a6c8121417b8f02150c2e7d7486ecfa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52146
alt-svc
h3=":443"; ma=86400
content-length
138
last-modified
Thu, 03 May 2018 19:03:12 GMT
server
cloudflare
etag
"5aeb5cf0-8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNzlkizBOnr7ia02KbLvE%2BrAngPRmeiABOx1YHxNYd3CumeBbwODoL7jK7Onba0TdQx6htyXLj%2F6VTErckS%2BDMRgaCITbxy5DpiqqX7fkHXaXXR081FcUq%2Bj4AsgU5tkL76Zj9Hyb4kjvl7Xw2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef848bbf8-FRA
expires
Tue, 22 Aug 2023 12:37:26 GMT
UA.png
www.idrlabs.com/static/i/test-flags/ 		137 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/UA.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46940175ce1083199c26fed62228636bbc3a8bc211e1e3d5bfd0964abecca868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52142
alt-svc
h3=":443"; ma=86400
content-length
137
last-modified
Thu, 17 May 2018 15:07:34 GMT
server
cloudflare
etag
"5afd9ab6-89"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmTqSEmkHa0OEuBF925T6YjID3VrACqNUGVV6bj1gWeHSp%2BtF16R9uo0Qo9NlqqISXfURdUpVzboj%2BMVupYGxWHyza8b4k9nBgRfCy7bhXrMRYHDb62UNh7zyOOogNqG8C30uCWbfJQmNy8R84Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef849bbf8-FRA
expires
Fri, 25 Aug 2023 12:59:05 GMT
RU.png
www.idrlabs.com/static/i/test-flags/ 		261 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/RU.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ca72ab43b96d7f9c3d72990059dc60ee8cca2aae09c6276046f28e24dd8790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
602436
alt-svc
h3=":443"; ma=86400
content-length
261
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-105"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULtMb7ZGI1JOaM7xMUk12DhyUFoiJ2lSCXA3CibOFc3qOFus%2BHglenLtpe6Ck15K6Jo3ybMddrlEAVjMYqUMpM8%2BMekS3qb9YFg2%2FY8L7liceMwZd64P4q3CkQKjxC6WEyDTlr8HUijPurSYuig%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bfef84abbf8-FRA
expires
Wed, 16 Aug 2023 15:38:27 GMT
TR.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/TR.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eac50110be4f302279ca9c75cdccad805f49d22d6a3271468270a01ef3a6bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432320
cf-cached-on
Sun, 12 Jun 2022 04:27:06 GMT
alt-svc
h3=":443"; ma=86400
content-length
3778
last-modified
Mon, 07 May 2018 17:43:08 GMT
server
cloudflare
etag
"5af0902c-ec2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfKbq62QeeB%2BEQLUKzg7r4%2Fd6Pn9xDZVgOwYp975ovelldsIX%2FGZdLOA9KWH0NBP7cdkikgFO3ZkD2%2BtfoRy4%2F19dJk%2F530vwHUrLYAXD33ePgNurJzymHki6rgSelwU7c3HSn2gkPyJ4MWW0ho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bff186bbbf8-FRA
expires
Tue, 22 Aug 2023 12:40:00 GMT
AR.png
www.idrlabs.com/static/i/test-flags/ 		693 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/AR.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1ef47eb0077b0bcb4a56a1e6821e58a7d318a21542c6516d648c67ab9ac2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52146
alt-svc
h3=":443"; ma=86400
content-length
693
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-2b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1f3yvGsv5h%2BpvxY7QVdqi03dZT%2FicG0M8p1Y%2BtIO05dQCN4Btw8UB4%2BaGjaD5e8q6BX93fVq7UA83zFf7N9C%2FsaFkxZeBxkXtF8s4xY4NEqCJYwMeUv4ik5ron93AxfIMUkG1JlkvIFfkgZlst8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bff186dbbf8-FRA
expires
Tue, 22 Aug 2023 09:05:33 GMT
JP.png
www.idrlabs.com/static/i/test-flags/ 		796 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/JP.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fac29d719fb5991328446771438c2dcfa589b20579acb8432c608f59734c85e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
430109
cf-cached-on
Sun, 12 Jun 2022 04:27:08 GMT
alt-svc
h3=":443"; ma=86400
content-length
796
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-31c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BNH3mwA6FS05TtmDrmczulEfU%2B9hesyrjrBf5JpQaptI0kiHm%2B4Dil7IStBHHie99LJsdCgBLxvNrw4AuAv4uG6FxKjZXiDjjCbCHaRYGyaXp1WRx2guL7LuouRk60YGiMDV%2B%2BA78iwf%2F8B63E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bff186ebbf8-FRA
expires
Thu, 24 Aug 2023 04:50:37 GMT
KO.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/KO.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc540c1de1f3fdd9bde60294d3912bc6b83294ad1734150f4aae717a7ea8315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49432
alt-svc
h3=":443"; ma=86400
content-length
4537
last-modified
Wed, 07 Mar 2018 19:16:25 GMT
server
cloudflare
etag
"5aa03a89-11b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBzE6ALSEhfDH30LaBYNzdpPpqnXOqVsgg4LI5ISnmgoGXcrSqNqhjX%2BSWhVpQM3zhhF9VFRzxIE5VC2SFYvzzlI1GBepgaIENAPc%2F38acRwJCZ6yypZAdtC0GlmaQduY0OfC9mdhE2c0AxHiFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bff186fbbf8-FRA
expires
Tue, 22 Aug 2023 08:19:15 GMT
CN.png
www.idrlabs.com/static/i/test-flags/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/CN.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a830a45c53ef48930492da2bdb28b05b5a0b323ceb7aec06608912c63a32ba94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
602329
alt-svc
h3=":443"; ma=86400
content-length
3321
last-modified
Fri, 30 Mar 2018 08:54:25 GMT
server
cloudflare
etag
"5abdfb41-cf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bg7iTc9Op9l0y1sqrZCIimFVqCVzz2%2FGUDYe8ozVS5W3NuX4Grw7tCoj30bQIWXTBm81WxE9U8IEsUptfOsKXmj8PQHJsom%2FzwzVf0i6fU0Ee4YXZYuuvvG8NeQ7S1Qz4cUgnjRfwwRJMb7aVY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bff1871bbf8-FRA
expires
Tue, 15 Aug 2023 13:03:34 GMT
jung-personality-test-2.png
www.idrlabs.com/misc_pictures/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/misc_pictures/jung-personality-test-2.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed1a65bffc0cac4d177df9eb91faa9d45a753109e70245fe4cd2d7b1f54a5cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1495
etag
"59b005ef-d465"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM0NFJSPr6YVPzQp1e9J%2Bj18F7I2GgU%2BpYLbrii8oTgEvirjlakYG3dDYhVQLclphOxXlfPmEIjaOR2qNkfKYtSMpQ59DbumL%2Buzg53vl%2Fku87Yl1xLcdQr58qY3N7rPcHd4nzai3f3iKG4Skuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
cf-ray
7faa2bff1872bbf8-FRA
alt-svc
h3=":443"; ma=86400
content-length
54373
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18961716780b001d953d434a5db72e58acd26517e11b80954969718a82e6ae5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29249
x-xss-protection
0
server
cafe
etag
589 / 19591 / 31077163 / config-hash: 13318944492194595103
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:30 GMT
eu-check.min.js
cdn.idrlabs.com/assets/js/ 		373 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/eu-check.min.js?v3.1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436012
cf-cached-on
Sun, 12 Jun 2022 04:26:30 GMT
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Sep 2020 04:03:01 GMT
server
cloudflare
etag
W/"5f5af6f5-175"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0eJexAkPz90GhUOUT9qeTgQiQEpo1XY016lai2XFfBfaDs1k1TGWnPvFREX0GqQndXXdGBwYJ2vgM3SsOqfK1W5KPPdL0Sg%2FB1fZwGjN1Js5Tq9YkhTNFurtXOVvH7EWqv7S%2BpPluJYd3zGWQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff1878bbf8-FRA
expires
Wed, 23 Aug 2023 17:17:33 GMT
test.min.js
cdn.idrlabs.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/test.min.js?1.4
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
450832
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 May 2023 03:30:02 GMT
server
cloudflare
etag
W/"64659bba-ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOMatCyuh%2F%2FQ%2FGG%2B6CInb6nq8fuZH8IzijYxxurn3DosGP7YuNtgowMQ89HTB2DCTKsBKvXsswYy07112BKFF4%2FJpXNTlyq9%2B%2Bo%2Fb7MrUxbR8vK3KXKdszd0YYX%2F8rQC4pVk4hHVIA8kPMpL43g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff1877bbf8-FRA
expires
Thu, 17 Aug 2023 05:57:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e6f3d17742c1f1454c93469f89485be79d18986d49de4f3f72ddde2d295ace3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50967
x-xss-protection
0
server
cafe
etag
14914865525411104532
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:30 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
211cfcb14f82c8d49dd0ec6f5b20ae67bab93631d6acb22558d78e66e235c63a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87175
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 09:43:30 GMT
mntzv2.min.js
cdn.idrlabs.com/assets/js/ 		304 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/mntzv2.min.js?v2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533793
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Jun 2018 18:48:05 GMT
server
cloudflare
etag
W/"5b1c20e5-130"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTEWGgZutHuZFq37GAhOKt9zfDA9Xm5mivOaJWm8W9qzzpJMd4i1H3V6fW6tRMPda9RA7f%2FqNpHGH8cCZSeUvq723MlVFABEdqqVy9D%2Btp%2FTrDqi%2F7GkeJb7Bvh0Af2viF9L4wLa6mMCnBTZl84%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7faa2bff5c39365a-FRA
expires
Mon, 21 Aug 2023 19:07:27 GMT
logo-2--banner.png
cdn.idrlabs.com/assets/i/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--banner.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
528756
alt-svc
h3=":443"; ma=86400
content-length
19975
last-modified
Fri, 27 Oct 2017 16:12:45 GMT
server
cloudflare
etag
"59f35afd-4e07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJmWSDh6V6iq9v09cZ%2Blb%2BABqAIS1ZzM5W%2B8PHyRttW33Kvs4bG3tj1QHMXvUKH4YtTe%2BEa%2BOiV7fUO4KERugeHZW0E17VTCQGMmE%2F9q%2Bh3ClDp3ZPrzetVT3ft6XtQD1WHdrpY7nS8iyBzK7lY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bff8c69365a-FRA
expires
Tue, 22 Aug 2023 12:02:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 09:02:59 GMT
x-content-type-options
nosniff
age
348031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 09:02:59 GMT
fontello.woff2
cdn.idrlabs.com/assets/font/icons/font/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/font/icons/font/fontello.woff2?18854377
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5

Request headers

Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536901
alt-svc
h3=":443"; ma=86400
content-length
17944
last-modified
Wed, 06 Nov 2019 15:52:27 GMT
server
cloudflare
etag
"5dc2ec3b-4618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRahVDZx%2F%2FrBtaY%2BXcr2HsH2fq6ucAuUpETBEJ8rs7I1XEmbczOVnTZBWCEFBLvs7HT1f5Kz0rvizPsyNwMGD1jYqliEDuDHcbeus7uKy2FSXQF4MIad37cJ9DBGanELl4Wabr0%2FwCJMF%2BIwTd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bffda1d1b9f-FRA
expires
Sat, 19 Aug 2023 04:18:32 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:49:41 GMT
x-content-type-options
nosniff
age
305629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 20:49:41 GMT
logo-2--icon.png
cdn.idrlabs.com/assets/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--icon.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
530893
alt-svc
h3=":443"; ma=86400
content-length
3767
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
server
cloudflare
etag
"59b005ef-eb7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGkib7qzYZeSco0pqJMZYLzRYo8q8ZirIYCGale24KXn47bllXods48LoHhY1s%2BRxo7EC4jkRwvrV5AABiK%2FTF3n%2BvdgZXRa2BiEa3uAer6PM2%2B4wNA7yUPQZVwBtCkagUhdncieD3CBFdr9xTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7faa2bffbca3365a-FRA
expires
Fri, 18 Aug 2023 12:25:20 GMT
ajax
www.idrlabs.com/ 		26 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/ajax?action=eu_check
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6eHrbwdU6uXAtM5Yl7rV1Gg6y6%2F9s3oyn773Su0TKK1VH0Sggu0IIQ%2BhusabsSinvEhPb1rkUxmrrnJxplB2oMVd8kNdQFFqPSJzo5q%2FAJUOgxGmuDYvyU9uPpN8ByKHJVe3VUbAi7hPALB86g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7faa2bffecd9365a-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
test.php
www.idrlabs.com/ 		507 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/test.php
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb12ff1ef64df73054510365da294db236ec57a064866d14d533530ff50d461
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fvf4PLDu2lE1WOa3DdmvfOl9kjxMQDrZ2HPKa%2B3L%2Fl4qexCTlN5%2ByBOzj8H65ihiYvM4Biys69nAGdHf0GXIjD0D0%2B9%2BJpIGa%2FCDxoPi3XyuEp2i8wkUW3Xusfv7XAKEedoVh%2B5e0uJdlX2wjU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7faa2bfffce6365a-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WZ4R7WY0KV&gtm=45je38l0&_p=240934623&cid=1807107546.1692697411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692697410&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&dt=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 08:07:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
5737
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 21 Aug 2024 08:07:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame 651B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 21 Aug 2023 10:36:42 GMT
etag
13776922816869014096
expires
Mon, 04 Sep 2023 10:36:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/sitesplit/d3/smartzones/0.2.1/b/d/ 		605 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.2.1/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
a41f39bb11466de410dff10abc98d5f3f0b1fea3b27c2293a1756e9c0a7da2cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvY80oJW_5OLTJw7m42PJIiXHweYMrKUL48Fh3McJ6VTEjD8B_e_0jRF71bTODW2nLVl2BIPbi5K_NY8yBqOAbgLj-GQUgH
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1692679651970345
content-type
application/javascript
x-goog-hash
crc32c=3EFV9Q==, md5=kIPj1V2WhoPkQomB+hbY7w==
cache-control
max-age=7200
x-goog-stored-content-length
619082
expires
Tue, 22 Aug 2023 11:43:30 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
gzip
age
2673
x-guploader-uploadid
ADPycdvKjUVKGKE6o80eFbP1SHqNNxYHD0n2qhCoxhJIL_GWBiQMO_SZKBwV3Er2odeetsQjLsh680MLQHkcwwjqP9aW5Y92Um-X
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Fri, 16 Aug 2024 09:43:30 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
62a4781ecfdaf083e70e20b79cf983e9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
79700
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
_HqGa_Myr76cUnl0uI5TSmX3Fp_il1h5vo5_2JO5KbQI-_Q9ZkENtw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 02:29:26 GMT
content-encoding
gzip
age
2186044
x-guploader-uploadid
ADPycdtgQcQ5-IXNGnj-bizVFPypnO5rWXUHHepVnzEiAeMz7KZUZ57OqZuzfW-lDA7aFwUvM3c09LWW8P8XbazHPZIusw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 27 Jul 2024 02:29:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		690 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4267630057295154&correlator=3386084309604503&eid=31076475%2C31077163%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=18190176%3A21807321066%2CMCM_Validation&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=2606464805&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692697410682&lmt=1692690210&adxs=200&adys=3050&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=1200x1200&msz=1200x0&fws=0&ohw=0&ga_vid=1807107546.1692697411&ga_sid=1692697411&ga_hid=240934623&ga_fc=true&dlt=1692697410366&idt=289&adks=604239422&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef0d0ba3266f303f74e5f3d5ac99b1657e2ec8c169d7339b7aa5d8d24513860a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
349
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2483 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:30 GMT
expires
Wed, 21 Aug 2024 09:43:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&rid=esp&cc=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
ddc7868c27e2927490a65faa417940982ee2a765b06d08e111bc71c437e0fd18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-grJMrUo7jrdsKTAFBsBpPeYjlY8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 22 Aug 2023 09:43:30 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.idrlabs.com
location
/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.97.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
68a8499c1e7702c56dd915220fa96c91b7d8ef6514769f8b846c52c9d1bb726e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
x-server
10.45.26.58
access-control-allow-credentials
true
content-length
60
expires
0
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 63C1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2817
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Tue, 22 Aug 2023 09:43:30 GMT
expires
Fri, 16 Aug 2024 09:43:30 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ADPycduDJ54YbyF83KXX2w27GE06jI-qfiPWVrFfCGnxtzCt-UXIh1raO6p1VhnY0U9xNfLBDqwoQHV8DL77T_svETrLfXb8_qb5
mmt.gif
imps.monu.delivery/ 		37 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=p.d.l&u=FJ401M&d=%7B%22c%22%3A%22DE%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2Ftest.php%22%7D
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:56:17 GMT
age
2080034
x-guploader-uploadid
ADPycdsYMblYu6arwAmXRARktbvU5RTh8AGoKKXLJdCIcFPG1L-d02RqRQyNL243lNcnkCeNSQ1_JkbhkPPcYmgQgEoghAFQSHt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 07:56:17 GMT
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		398 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e588117bf41ae6c28d5f9e0359a3ac79dad1a8351ce105b92ca056d4cdd1972

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 08:33:11 GMT
server
cloudflare
x-amz-request-id
NTMDKBNNCEHCKWQC
age
872
etag
W/"eed7d6f730d1bc7c8fb4a3b2a9ee99fb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7faa2c035d4c4d9c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/2KOM3awuukR1Du48gLPVwBm23Sr3g0DAECzu5svVVMyEuz0RFOJJYWfi38oLE73s8PtHsmzVE4=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-117.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6343356bb1b36e7b34994fdb3293f4e426c360cd35bda51a639d551a5f569b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
S3vVyNvHm.ARP_H4AY9j2FKE5N5OmuNx
content-encoding
gzip
via
1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 08:47:43 GMT
x-amz-cf-pop
AMS54-C1
age
3349
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 16 Aug 2023 12:39:57 GMT
server
AmazonS3
etag
W/"9ede2bebd0fab2fa445272da7e6bfa07"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
WBucTYLaygGirargYxW27mV-Zo1QC-DbYOmbRGz1rCWZrcChUOBrAA==
76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
config.aps.amazon-adsystem.com/configs/ 		537 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-122.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6d371ea6cca532d1e3784d54160b66bd5b057b80749bb3423a8cdfbb0cd5740a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:22:23 GMT
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
1268
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
TjB78PIchM4L1qwx861vkxT2JW6iC1AkhN3szxMAtDiYigGF0Xmnbw==
publisher.js
client.aps.amazon-adsystem.com/ 		232 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-111.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d0091bf01bcf43c0e5f328b4dd477a15d5e0c2bdedb9e8243b20bd840dbc6ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 08:56:44 GMT
content-encoding
br
via
1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
last-modified
Mon, 21 Aug 2023 18:35:12 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
2808
x-amz-server-side-encryption
AES256
etag
W/"cd090173d8eba3ca4f0654e4836a86fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
a17d_Gwtf_6tZ2qOPmqd5I0bP3KxXHDywgwFUsIf4u5AkbZsykRddA==
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=s.d&u=2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:56:17 GMT
age
2080034
x-guploader-uploadid
ADPycdsYMblYu6arwAmXRARktbvU5RTh8AGoKKXLJdCIcFPG1L-d02RqRQyNL243lNcnkCeNSQ1_JkbhkPPcYmgQgEoghAFQSHt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 07:56:17 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=s.d&u=82db8863-a5a9-4646-bfc4-7efa7ca1ddba
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:56:17 GMT
age
2080034
x-guploader-uploadid
ADPycdsYMblYu6arwAmXRARktbvU5RTh8AGoKKXLJdCIcFPG1L-d02RqRQyNL243lNcnkCeNSQ1_JkbhkPPcYmgQgEoghAFQSHt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 07:56:17 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:56:17 GMT
age
2080034
x-guploader-uploadid
ADPycdsYMblYu6arwAmXRARktbvU5RTh8AGoKKXLJdCIcFPG1L-d02RqRQyNL243lNcnkCeNSQ1_JkbhkPPcYmgQgEoghAFQSHt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 07:56:17 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame D3CB 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 22 Aug 2023 09:43:31 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc390bc6eb4c9badf29cbf5c495f6bcc941769e1befd9d8799c143e112079ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
5IjvKz0J.50cIikUGQo1jrfh9HyrGtVP
content-encoding
br
via
1.1 7759c849c7040f0b6b78f9d2199c04ca.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 09:28:17 GMT
x-amz-cf-pop
AMS50-C1
age
915
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:25ed2a0f-4360-4a94-a56b-3f7229d7df17
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
4bd975b8fdc81a3349192e248ce3e92f
last-modified
Thu, 22 Jun 2023 08:07:42 GMT
server
AmazonS3
etag
W/"2d5e9fd681541ba76d4e6c18fc669221"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
38aa63277a2cdadf2140d9dfc174efabc77e6e7e54482e1fd9a3fc32be748916
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
7g9PwI3aDpzxJNoQ50egc9RlTidlRDS7rvchgHDEqr3XwbAEbBj2WQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&pid=5HAw1tsiFVxmd&cb=0&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba_1_1_ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDH.C%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
H18A0K7MMQCR8KKFEXGA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
mEaZcjpNr166zUHgZMNSFwOdQfdvv1ZZ_tRAgUk6Is-cxVAvWiY0DQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Fgp...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Fgppapi%252FattemptSync%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 29d6db1b5ecb170f22487453430df556.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
GS4D542AX7FWYB86959T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
gjIrdRCQb1uTTNwQ-10jmoQWnh-_j-zN0MjGciygzB4Wvlo7-SU2vg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&pid=5HAw1tsiFVxmd&cb=1&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDA.A%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
A6HNSPXK6AW4EMS57B97
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
eX5UxciyaKEC_Vy43TDrViG06bTdl8jK9nURwnSVnt6gxsESuldjnA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.189.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-189-135.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 42dac3d09c367576dbfe5b6113ecddce.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 08:04:11 GMT
x-amz-cf-pop
MUC50-P4
age
23898
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
OmkQV1m7pWb8pKBVES5b2S8blZ_Yvbu8sMiaSMD2mvJDgwaTEkGh8g==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
271KXRYMY7KB58HP
age
2911209
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7faa2c040e194d9c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WV+pFUcAtievoB3WMrYgZ+iuhArXaEUSC+L2k/4nRWuidI+2PEQCa2Ych8OX/oCB4Dj78tjBb0U=
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-36.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Tue, 22 Aug 2023 09:43:31 GMT
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront), 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-apigw-id
KDlylHJJDoEFXEQ=
x-amz-cf-id
4--ZxcsQy5YJzgwYqUUXoHKtWyvdGaxy8ypgoAvinM6xKOxB-tICrg==
x-amz-cf-pop
MUC50-P3 MUC50-P2
x-amzn-requestid
20c6f3f7-f6db-4d23-aa19-e94629a5bb4e
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		28 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-36.muc50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 01:27:26 GMT
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront), 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MUC50-P2
age
29765
x-amzn-requestid
ac2462fe-72c3-454c-89d6-ad30422c64c5
x-amzn-trace-id
Root=1-64e40efe-0ab6db1e35ec5b6f113e18dd;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
KCdHvGdoDoEFl7w=
content-length
28
x-amz-cf-id
gS3EG50R7G__DcHspcTPh1Qoc5V66uEj5JvhvEnXNt1hQQPR0yXXZw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&pid=5HAw1tsiFVxmd&cb=2&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDS.B%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
M1AH73SFQWXF5KNXS1KB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NCLRUqARkedqtLpcHszpnqKGNPEzH3lm4xHRjAJtuU4a65frQ8r3dA==
config
c.amazon-adsystem.com/cdn/prod/ 		759 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.idrlabs.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.189.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-189-135.muc50.r.cloudfront.net
Software
Server /
Resource Hash
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:07:03 GMT
via
1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
age
9387
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
759
x-amz-cf-id
X5AtP3kauuMvaFX400gQEDuh0WMCeW23mjJZXGLBcbK1Ivkm6MDptw==
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4267630057295154&correlator=1281746303770475&eid=31076475%2C31077163%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C320x100&ifi=2&didk=3548844799&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697411345&lmt=1692690211&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1807107546.1692697411&ga_sid=1692697411&ga_hid=240934623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9fiC5aExSABSAghkEhcKCHJ0YmhvdXNlGOT5guWhMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lZbWRDYlZrMU5saFVOa3RhYzFwdmFqQm5lWHBSVVQwOUluMD0YnPyC5aExSAA.&dlt=1692697410366&idt=289&prev_scp=pos%3D1%26monu%3D728x90-320x100_B1%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9__notchrome%26hour_browser%3D9_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3D63%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26amznbid%3D0%26amznp%3D0%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=615838248&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
586337458196a2d923f31a53fe4923bba48c04158dd434f9526dcabf7f6a0349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11073
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4267630057295154&correlator=2832542557100015&eid=31076475%2C31077163%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDH.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=3&didk=2684580623&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697411359&lmt=1692690211&adxs=343&adys=647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=320x0&msz=320x0&fws=0&ohw=0&ga_vid=1807107546.1692697411&ga_sid=1692697411&ga_hid=240934623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9fiC5aExSABSAghkEhcKCHJ0YmhvdXNlGOT5guWhMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lZbWRDYlZrMU5saFVOa3RhYzFwdmFqQm5lWHBSVVQwOUluMD0YnPyC5aExSAA.&dlt=1692697410366&idt=289&prev_scp=pos%3D3%26monu%3D320x50_A3%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9__notchrome%26hour_browser%3D9_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3D63%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26amznbid%3D0%26amznp%3D0%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=588019753&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2950d207f5e20d7fd3108cb75d1a877d8584501347f491fcaa87e32a7758e78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11295
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=p.l&u=bd54a1fb-1ef4-44ba-ab83-7f8481ff624d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:56:17 GMT
age
2080034
x-guploader-uploadid
ADPycdsYMblYu6arwAmXRARktbvU5RTh8AGoKKXLJdCIcFPG1L-d02RqRQyNL243lNcnkCeNSQ1_JkbhkPPcYmgQgEoghAFQSHt4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 07:56:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b7a5cb0b0c9b00cbe62b68b79e4b2a554559ea00e43e0e27f0c187bdbca0c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 29d6db1b5ecb170f22487453430df556.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
P70EKPWR71T1KSGTJNW0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
6Wulk8v5b6FD5V15ir6S-hNnZYYSJzaa1zmKO9jTQ1ScEb4QL0I3Zg==
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4267630057295154&correlator=2679998542963709&eid=31076475%2C31077163%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&didk=1331039052&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697411376&lmt=1692690211&adxs=353&adys=1206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1807107546.1692697411&ga_sid=1692697411&ga_hid=240934623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9fiC5aExSABSAghkEhcKCHJ0YmhvdXNlGOT5guWhMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lZbWRDYlZrMU5saFVOa3RhYzFwdmFqQm5lWHBSVVQwOUluMD0YnPyC5aExSAA.&dlt=1692697410366&idt=289&prev_scp=pos%3D2%26monu%3D300x250_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9__notchrome%26hour_browser%3D9_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dfalse&cust_params=page_num%3D63%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26amznbid%3D0%26amznp%3D0%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1037148090&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1284e975bf9adfdaa9e0a07dfa9807df5df5fb550908a53056044aa6627578e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11871
x-xss-protection
0
google-lineitem-id
6151851248
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138410129707
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
2QBKQ4QA32SP9CMW
age
3256
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7faa2c05ae641e4e-FRA
x-amz-id-2
hAO4vpEQ8oqUmikiIdl6fb/V8IFLCXiSJ7HFuklOuHrKgCYv5p8B5/3DBpnMUqzB5t8cMcUUJL/IXzqIJmno6A==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 09:43:31 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
2d6c711b95fab6d5b0d8674ff96c7a10fdf010ad71bd2391ee59c89773a25a04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v2
id5-sync.com/gm/ 		276 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
d064631b360b5bf25cf62aefbfa660da59d569608488f2de08ac852aaf9dfba1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 912F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13453
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 05:59:18 GMT
expires
Wed, 21 Aug 2024 05:59:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 75E0 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29704b449c70299c45d5833bbb033f16209f6ee87e6e4adf3fc43997aca14ac3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--6GYjbnLeipJ_x12MoaMSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce--6GYjbnLeipJ_x12MoaMSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:31 GMT
expires
Tue, 22 Aug 2023 09:43:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ats.js
ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-106.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a85afb7e1570cd2c7ac5857e79f8af2ecd5a2c9dd05deba5fc1e195fb34a096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
_u5OgUKRO6E4zXknj9RVRr44BtTSMsyc
content-encoding
gzip
via
1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 09:07:37 GMT
last-modified
Thu, 17 Aug 2023 11:55:12 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
2155
x-amz-server-side-encryption
AES256
etag
W/"7c33194ae1e9d64703ba9daf76065961"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
G--4NO6N3nS7jtC0wyg9MkNm18syRfAEZuZqeZEJQC9VtlJ7VRtUTw==
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 912F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 75E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=4267630057295154&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 3730 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstP4T_tMsc0zfZ4Endvntnx3uN0jHwnhb7mLd6hsJpAmvBvq1vAcc3cyZ-L44J6rhxgafRmFaKvq65UWFvJMQqI3Pl82Da5wPin8inlWJXppqP-y_YJyntFytTo33TqS5JX_VGEaPvBbwv1iRThgV7YZBh0dpE2XA6kwy9gx_oP02SdpVjsL6qNQl-BkwINwoY_geRGglrAqyAXzeGIasWaAG4g9khYxuD84RESp4qYesFn4V8O6Wj-q3RfRFNDj4rO_1a3QxhiCxYRdPyOW-LhYqDwzGXWV-LnCR8LWL-WvEAM67wYV3NdAZz_8hFoE8U2gX29dL5IM5_Sn8xGhgeCAta3AZNMfJQ_JZQWhg&sai=AMfl-YT3b2ZvyFmHbEVLOPsfX27SRa6MYeC3UC-R6q3FVN-8-YBuJ5MHpS-8NvXmnTY5zOm25V9TTFtagoQGaXnzxEvQQmlVfPdFUPRE0dxImMuVUkuFpYC2xmAVF7V9Lw&sig=Cg0ArKJSzNytnb1ceRuQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
smb-dispAd_300x250_single.js
saambaa.com/widget/gpt/300x250/assets/ Frame 3730 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
66aff2c68283a6079a74e741d89f6d31021261276178f2eb15ae9b3041c5fd7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 03:55:21 GMT
server
Microsoft-IIS/8.5
etag
"805ad37b3ecbd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12652
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3730 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:31 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=p.f.i&u=FJ401M&d=%7B%22c%22%3A%22DE%22%2C%22r%22%3A%22%22%2C%22p%22%3A%22%2Ftest.php%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 11:44:16 GMT
age
1029555
x-guploader-uploadid
ADPycdvoMF-ST2uOlg7dSb9YkENOenFO6zreyZbMZkDv3dgFYepj1N66MpvHqKMhpCo-3Rkm9XULpa40zBkRV0XoUIC4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 09 Aug 2024 11:44:16 GMT
container.html
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:30 GMT
expires
Wed, 21 Aug 2024 09:43:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=b54574b4-e4ff-433b-a0cc-31ffa5570cde&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 11:44:16 GMT
age
1029555
x-guploader-uploadid
ADPycdvoMF-ST2uOlg7dSb9YkENOenFO6zreyZbMZkDv3dgFYepj1N66MpvHqKMhpCo-3Rkm9XULpa40zBkRV0XoUIC4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 09 Aug 2024 11:44:16 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&pid=5HAw1tsiFVxmd&cb=3&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_2_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDA.A%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.37.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-37-219.ams1.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
x-amz-rid
PG2YQ7CAFYYKVG27PBZ9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
EZwMn6GRaVG1Zqzp0Olwy1m3lljiDlXNMdkvQt8E186FQ5UuqvMLIw==
generate_204
tpc.googlesyndication.com/ Frame 912F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fgCy1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 40E0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:30 GMT
expires
Wed, 21 Aug 2024 09:43:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-36.muc50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 01:27:26 GMT
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront), 1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MUC50-P2
age
29765
x-amzn-requestid
ac2462fe-72c3-454c-89d6-ad30422c64c5
x-amzn-trace-id
Root=1-64e40efe-0ab6db1e35ec5b6f113e18dd;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
KCdHvGdoDoEFl7w=
content-length
28
x-amz-cf-id
3X4pKiq35yRdIL_pZXqGeidoldjzB_tlW-UTPylHFykp1xlYwXTF8Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4267630057295154&correlator=680514222485438&eid=31076475%2C31077163%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C320x100&ifi=5&didk=3549261667&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697411975&lmt=1692690211&adxs=805&adys=1155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=AOrYGsnQm8Sw-ttiY3O4aW1SxTxsUV1L_lp_HMspwfn-VsM-9MvZcC2HtS_yuVlr1G4Le_5VS00eM2jWwMvNbt_PeuZIxw&ga_vid=1807107546.1692697411&ga_sid=1692697411&ga_hid=240934623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9fiC5aExSABSAghkEhcKCHJ0YmhvdXNlGOT5guWhMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lZbWRDYlZrMU5saFVOa3RhYzFwdmFqQm5lWHBSVVQwOUluMD0YnPyC5aExSAA.&dlt=1692697410366&idt=289&prev_scp=pos%3D1%26monu%3D728x90-320x100_B1%26slotNum%3D2%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9__notchrome%26hour_browser%3D9_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3D63%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2667010937&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1054fe4426fce5574dfff322066f86708fcfc8b212c7f905ee52b447e0156d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11357
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 007E 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNUcNGSMnw_jhBeYyPgrg7DXfBe1ftoEXRxWB_D5N72kfKnuZWkIz8L6d6kKo4M5EEzKHt6js7SoYoEOGeCtW2M82Xz85wrlSa6Q0f1R7-E7p8ifUPCg7qT3QDC6hASspZ1hlOEyXWudynfB3PBfkhuqPm5OGqhSrklrHpYFqasrG-lPnQmYWPWqvd1EgXBjUmcWZEjx
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F4BF 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4BF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADiY4W_CA1CedobHb-sOBOMGyhCkykay4POqBU16WGbICouR4SDFb9LrydFyA_897443DXcI7hAsAyHTlMND1fFUpK-kcAcAgCL3AaAMdkb3nGgXk
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4BF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17203417659828975339&x=1&ct=76
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame F4BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame F4BF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame F4BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9xGjhxpb2gDxQVKejj5lGtQQNX5Bqk2-gVRtmLIYi-2jFx2RqBr9ya6000v9ZYri-udnNIMqtI9-55wqWo1BuOt02Sg
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4BF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
pixel
protected-by.clarium.io/ Frame F4BF 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31h8ea1gfa&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERBLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTViZjVkNTc0LWI2NWUtNGJjZC1hYTU1LTAzZjFlMTRhYmRmMl8xXzFfYWQifX0%3D&cb=9900267&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.116.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-116-167.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E4B 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoKv5xgEwAQ&v=APEucNW52ntiuU60hLuHrPesAZNRfRFiNbj4zJqimc8phRIVh0Bdfq9hEH2cZ-rh6em3JKG8TOAUo0uKcPLOS-X79VNnDD5lFAbmOKL0taKysWhBGQgRtqbsIw0jHrM-bZKO1ZOqfpaqvhtD41OYTFDrlpGD22n8ZEkIn_rNsnnRyj3LvI1ofD4
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 40E0 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSDVPUpslwU24vM8yWNmr8hoEDcw92mKE7sSqrej_vSXQKZs7XOPViunxe6BdULo339gyQ5ifOdI8I76JQoljEf1SMpofb6pIJCWyqZTme9AKaTUQ
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3211120157186798395&x=1&ct=76
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 40E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 40E0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame 40E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHaxNdng6pFdGXu7DectchNa22Qcv_bIcn4qzcqZ9WnitrED14P3G-wqQ6Nv6C02czkjgJQ91VzRTQL8KCoUdhhBQM_Q
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40E0 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
pixel
protected-by.clarium.io/ Frame 40E0 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDUw&v=5&s=v31h8ea1ghv&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERILkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTgyZGI4ODYzLWE1YTktNDY0Ni1iZmM0LTdlZmE3Y2ExZGRiYV8xXzFfYWQifX0%3D&cb=359588&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURVdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.116.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-116-167.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 3730 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97e35b0f62b1819861a737133167dc6a2afde669681c65a8b204e57795eab55c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 007E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNUcNGSMnw_jhBeYyPgrg7DXfBe1ftoEXRxWB_D5N72kfKnuZWkIz8L6d6kKo4M5EEzKHt6js7SoYoEOGeCtW2M82Xz85wrlSa6Q0f1R7-E7p8ifUPCg7qT3QDC6hASspZ1hlOEyXWudynfB3PBfkhuqPm5OGqhSrklrHpYFqasrG-lPnQmYWPWqvd1EgXBjUmcWZEjx
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 007E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOSDRANvG-mhC3oCYkpiZwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNUcNGSMnw_jhBeYyPgrg7DXfBe1ftoEXRxWB_D5N72kfKnuZWkIz8L6d6kKo4M5EEzKHt6js7SoYoEOGeCtW2M82Xz85wrlSa6Q0f1R7-E7p8ifUPCg7qT3QDC6hASspZ1hlOEyXWudynfB3PBfkhuqPm5OGqhSrklrHpYFqasrG-lPnQmYWPWqvd1EgXBjUmcWZEjx
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 007E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNUcNGSMnw_jhBeYyPgrg7DXfBe1ftoEXRxWB_D5N72kfKnuZWkIz8L6d6kKo4M5EEzKHt6js7SoYoEOGeCtW2M82Xz85wrlSa6Q0f1R7-E7p8ifUPCg7qT3QDC6hASspZ1hlOEyXWudynfB3PBfkhuqPm5OGqhSrklrHpYFqasrG-lPnQmYWPWqvd1EgXBjUmcWZEjx
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
an-x-request-uuid
6c6541c2-ba06-4338-adef-0c3416ab1bdf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.165; 84.19.175.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 007E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNUcNGSMnw_jhBeYyPgrg7DXfBe1ftoEXRxWB_D5N72kfKnuZWkIz8L6d6kKo4M5EEzKHt6js7SoYoEOGeCtW2M82Xz85wrlSa6Q0f1R7-E7p8ifUPCg7qT3QDC6hASspZ1hlOEyXWudynfB3PBfkhuqPm5OGqhSrklrHpYFqasrG-lPnQmYWPWqvd1EgXBjUmcWZEjx
Protocol
H2
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
an-x-request-uuid
4f5a3b96-aa20-41dd-a1aa-edebea8575ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
x-proxy-origin
84.19.175.165; 84.19.175.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7E4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoKv5xgEwAQ&v=APEucNW52ntiuU60hLuHrPesAZNRfRFiNbj4zJqimc8phRIVh0Bdfq9hEH2cZ-rh6em3JKG8TOAUo0uKcPLOS-X79VNnDD5lFAbmOKL0taKysWhBGQgRtqbsIw0jHrM-bZKO1ZOqfpaqvhtD41OYTFDrlpGD22n8ZEkIn_rNsnnRyj3LvI1ofD4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7E4B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOSDRANvG-mhC3oCYkpiZwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoKv5xgEwAQ&v=APEucNW52ntiuU60hLuHrPesAZNRfRFiNbj4zJqimc8phRIVh0Bdfq9hEH2cZ-rh6em3JKG8TOAUo0uKcPLOS-X79VNnDD5lFAbmOKL0taKysWhBGQgRtqbsIw0jHrM-bZKO1ZOqfpaqvhtD41OYTFDrlpGD22n8ZEkIn_rNsnnRyj3LvI1ofD4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8lq7R_y-QEKw7r48kOpO8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7E4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoKv5xgEwAQ&v=APEucNW52ntiuU60hLuHrPesAZNRfRFiNbj4zJqimc8phRIVh0Bdfq9hEH2cZ-rh6em3JKG8TOAUo0uKcPLOS-X79VNnDD5lFAbmOKL0taKysWhBGQgRtqbsIw0jHrM-bZKO1ZOqfpaqvhtD41OYTFDrlpGD22n8ZEkIn_rNsnnRyj3LvI1ofD4
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
an-x-request-uuid
0ce0a345-24ea-41a7-8718-65bfc42a7d36
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.165; 84.19.175.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyzN0UGdzcWnbnhubwQhrQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E4B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYoKv5xgEwAQ&v=APEucNW52ntiuU60hLuHrPesAZNRfRFiNbj4zJqimc8phRIVh0Bdfq9hEH2cZ-rh6em3JKG8TOAUo0uKcPLOS-X79VNnDD5lFAbmOKL0taKysWhBGQgRtqbsIw0jHrM-bZKO1ZOqfpaqvhtD41OYTFDrlpGD22n8ZEkIn_rNsnnRyj3LvI1ofD4
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
an-x-request-uuid
c43961c3-1fdb-404d-9875-a0c8c35f4e8c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyNTMyMjc4MTY1Mjk1NzgwMw%3D%3D
x-proxy-origin
84.19.175.165; 84.19.175.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4BF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9025981787875&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4BF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9025981787875&version=m202307240101&ct=76&x=1&cor=17203417659828976000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F4BF 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdUhj16ZRI4O8bvEwFZtaUelUEYUjFINVTY0RyBvANFpjDQCsxUkvNuBuPqX-vUCnKYjChein0wBqh1-KfQ0aecWHJzy1jkG8HyNopBh5CzVewq2XssValXE2IYnnEiR6zMn1d-oiUvbyzn9HukqHuIC-hkUwm1gIbbpFQh-hXd7EImvI&dbm_d=AKAmf-BbPiaopwmGLXJv2SJUZ_97SQm5UunRcjK3WfBW-J8qaLw21k8MBLjGY6y3j6KgrcbF_tuSiMeYvcuhgwZf2XkMjE7LWSjmuq13AX9hnUYDzeeC4hT2GhwuYvhdf_HbMUDCUTnxwHeYV-qkNkyQ8Mas5zlx5EwxV6GaLVHtqSE1vcW38nQphgAhA6jRlMSH1l8eWnz-iSN-A66DTl937k84T-qiYpp9HMreK5JNRjd9gAyl9tW9t9Z8GTf9pfbqbGmHV297KELPT8PFmtB1fHgrZ5B356uo1vBSjDpswqGlBH1WOLQai24GCayF9cbvOw1hS2BhhuNvoI31P_41UItpQzuPIRSNXS2oBEVNySztWtrIeDdQfMarWrhcRamux-A_Vr5Rg_9MKgqcYdXxdXj9GT2NMqirN9uAfocSEdXDRTqandKivq9Om3ArLiotoJsZznpKsLCgd7b6HPhJxq_WinEbto6zo_gUDCAyNN7OE3p1JUObkkpGuJGkYo5X6U6WStK6bd0I8OGSroUPkLWbkZ3WlT6GNIxHv_wmMiAU6tPVde2O6ETe4ayj7AIB20KnHf4EOPuEDCi5NIQDvOHeTzHSCV9AIfICWGz4dNCYu7VT79pXt9hoZkWzDvbWTwzMutWrlT0joFPsiEAvBXgMinNiTfhxSs_rUBNsLzA1f6svt9HIHgUNR3or3g7fxCY_EJaasbGzeRXo8dFU9GuYBbQQ3C4s18Ru5LpnfrAbHKdtFo0B5K0a6VX7FZZmGlx2sLNpXTWlKjOSVswZ5Vkf-t1M2xA7fs3hrizU_sD97zfvHlEGDdPXnQZkVyPpee0oakJ4RX8gDO-NhiJDp-gFDbNjUZ2mQpOIweqVlElwOWwSjFZM5QMqKGtmizhPLRZTW6c3oayF4ykeXei1hl-eXI2oZhEIXZ0e2oSA3SdgVg9YFTJDZrsIByey365vrUpJdPepWWNTBA-P9gmLMj9KmS-dqsudT00r0hvctsaVjKjMJ05yNMM83RX5LlnUiSyhoAKJmVc7SO2UQ86234-CdbsP534eBC0az-c4mW4SXhk3NK2eHoAgCeGt_HvCa6Y3cuf4zO6CPLVijFpTNNbSuihVxqs8rmuZIkz09enJRUPi0tip5sN0qO6pKfVhdT0e6vvSEE2VJSNefle1NS2Rwk3WC5yASaGQkI6u7nVgzaMnzGFghjlwZAqzSpXDZnpOobWwLvpQwCOI7mAu_72dWxoHxkU-yKEAzd80CP_-9Tl29D161FCmDBwLbp76vEmZNZIoKvi8UC_dNXvR3-WuRKwI0umNlKXqFwQMiB3zzC7tEC2H9lM82z0WI6SEOl0oeQEUWqK10IaMz4yB9unA9OHbOIq_B82jfpq-wivXFbMmdT8ZBgibWHS73XiCAmTLHVA-nCBEW8ofYL-1yxD6J-e9qyunZ1wnFfhzOs_27d1pZfw9hSmQ_F64-1phUbJqpeCXfCbo8uhTQFPI3VayNHkug8YPTjkgd3cvmbhFaWxRjftfUTlDDkKsaewPytrRqDa-jUhPU0GRqlzSJLFmVUuNUSgJovdBja9-T1srxwWoVG7cCF_b0ft-VwgsZQ_E-GHnnpjMJpkVn8XpYbIykQDyg4VxyOwM45BktD8ECNZjWoSqXNvApwldHbr2151bSQMh-IAPkMMtaauoaVLlJMdQCOBbBt7XY0E-r7Yk8NS4SZqWkafxrf0xq4YqKxdrspbUWxnRgM64RiBCLcFEZIUVCeEh9yUa5shAAR4zU32_F4YC4AgaD_pm_rxGKQ5jiNlAhN-wR1rS-FrWQiRdsckH8w_d8m_VUodYdCz1JTsm9MixqZUDCkjIip6y9wvur5BWflPHbI9PFogZ02hNFthH25gJnJ3bzow0mcanI1NYP4JAxKdFhg2jDU5jZdC8h252ZUv7IZkSISfsWlE6jYMS5hH047q0mUW8bNdLfWYhfel9ttHGR4jrdAFYQ639Hpiqw-_SPcSoTGVikJk7WLlAZA1qVQd_CtqkpuUNiPzFDxsa95JV6K21Tx5BXAIdu5XKi04aUhrdLb85KkoUXCge3Lg47iBRMSzWr6UmHCgwGf8t_i5jHM8HJW08wosLV5nsiypg2EM3BQ33XQGDp_wL42LyDFYe7wI73RmI5_EXnsp1JFgeYiiUDlxMhyZ0CVT03RUO4GA8iKO_g9ShzJ4Z0M5YziVa7ZopkcT3YYBi65uKJ3LtQXZ3Ln9TWoelKxCMOCUOfL5oFkItqGiCa117BNWzIcepibaBC1wcClXdYK_xJ7mlWxE81vpXeGghGZoLeyeiAm63Z05ZJiZVN34e64QiLStO_kE-FdY5ghfbadcl2M1Ua-w4XnZHzUuArt056rXsEK17kicSyP_hRqm8UZ6L6Gin8Nou14un5nzop_-zFjpqI6DxlVaDcXOQrS-ZGHuTDvmaaGXlIl36Dtom3lKQfm7_rmMgG-hsQnOvAyJhZ-kq5-5rSChz4gxQf6ByREcM8WFO451wmC3CuIBCxpRL705-VZrrXh_5OGGO13fGJsky1JJxK_3px9b4mT3ABGBqDfaHVewdgVrgOR-xLHFJ7uT_k7ul_SJf5McTTC_Ii0jMcekDw93zu7rv0bjr5lZynnph_RAKKoyrGQk9gnYA9bbow4KAhWz_t1HftOa-PFZHZKGTNX6rqy8HfvTO6-cnMWh2WEd36GmFpxMyxlOhmdfvi4xJUgMqstNHgXRWiYDAF0Yu-8odaxJHkXRLaAQf_U1gi7b1fIq8MtXfYnfUym48dFL4bXhPlS32oACWqlLvqmWLX5DaVmWHh8Yf0w1BCBpej0UJmuuI0t0NfQjW3cN_lTjI1GJSC-60IJ6TIq8d20uHK3p7ZFQvRsA4cB_brYRtnVwi4EYO-tv3SMZEDB33LMh1PpeBB8zq9XTpWIW46J54VA70cnKlwOuorOlCM5DqAXB6UdaP0FqxzXgf-JGx8-aiLudaMul16mnAB8y5ai6-QngqICdWWpEi_fxAll6zImkNcLjEZj7MD2_rcPOpRGespzkopPPFqFHVcwFQmo6i-bGMlNA-V3gDGYBqn0vqEbD3wTyfLZpB5Fe49GyfnzpaCubnxi0MiCEIKvkYny4anwSGCSwNSRJKnrD0tGm8flXszvrC3Zf-x9b3JRLdD4UTPJQC8MVN7gg8yO5QGnj-I7-M0pRK1I96mRfw3C4GLfBmLbT9w2GkO4gjwO-2vf1Mhiu6vohVJZT8krimHnNcBnto8KcKgTMeQBTqvhsy-k6wCgZLiPZ2sXIwvNlE5KqmeY2T_8UYQF799WX38CZaGQ2gkzJNNadlnyrvjO1G0pMaCRhyvDUDFaYiyCufmdLZ3Ggoh1jIAGbj96MuRgd1VjhajM8qyoMSuKtzjIRE7OJSBvNMZeU9b2svLbcsKdAgNqn92s-yFN41nU6Ih_wXy-BBHAmWEN8VPQ6rq_Oos5quOExFhbyTOFz35ThiuuH-pByeGDGEqsZR7aBdBdYHyGHaSk_BI3vj1G5sQMe8Doy72XxHGV_vjVrRJWyjBO3mH0FLFYO1SmJKs-rNBoiyzjhNcARv3DcO7jdGwyChtMovWfCNiQHaiCW5C_I-XkMl37FKc1pR4Gpr3b81_qFCkJ87RqNNSxpZAGUKYB8sTRC2QOY7Hrn7TM-52r-q23adXxI4RXnjK3re0Lpy_1m0Lv5oGNFq6rnjugFMWCLo5wv_4SIgw8JUcV_cUH0c7hmvVghW8Lyq02I&cid=CAQSOwBpAlJWfNlOpE9rTD1B2oh8l43kXz_udHxKEwlpXZtImVrHf7f1Yk5qhilnOmWZ4fLXHTVwwb3jCYhTGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2F&ds=l&xdt=1&iif=1&cor=17203417659828976000&adk=3944675600&idt=131&cac=0&dtd=21
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51c7e9a23adaedfc5407523db88237755937e8e7a1bbe88c27980bb9a8327e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37986
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6473594757881&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6473594757881&version=m202307240101&ct=76&x=1&cor=3211120157186798600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 40E0 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaXwqOqT-HCmaYWEiK5ZN6c4vzFIy0LlPdjvfGKp2oznK-my7vX5_fSUh8rzcmLHDkWPnt_7i4wLNrxqPH03I2vmH1Fyxu15AzWuQWga9C-KJjlQDveCVGQzab7t5OZyNVerlTVP0_Y1eAsPb6v2gXvIi4-S5CYAli4g2JlXqPp5eJ70o&dbm_d=AKAmf-ACW6oeqqqEHeVgGIsUijO9lnTOX5DqgEjqFUhyrADAlgqlP2DWU8gCKEkcdqE1iTfH2sg8cSyR0ctEEbWoZotqoZf3KHi9IeFAbu_c_KKK0fgdyycxgap7-OhwR9cUPpfDiZmHaaYR2Yf0_6GF06hE6DocRJuRHHA8EocfWW1PzKUaIW0GcrbFTZ5waF3q6oAH2NUk-Yr1yJo2mgjp7JuDQel3-PZmJKfnxUUa26SeQvbgDA3zHeEa73Nv-k4AJItKTYvFgQgd6UjuSpYq1cSnDqcRtBiGyJVYZkKVZaXCKPc-lAVBHJg1t4kDkd4cuyLr-NCvvtUNL4NLuikTOKh-rEMVDT7_iCFhcP31TDp1yKTM4e4cBNbLbQZhTHCk3VV3_UXZ7WD23Gc8CL1RcbARig31NHO2HBvHBtB8u0cf6_37HUkMyawWU8_tUE5iGkLgMkbE3jj8cL2EPnxTW_g_1rFCuySE4FfY14fsKmUWw0OIxxjv4eTmsoDxpZouBrsG43D1gM9NOuGCbIpjHDLN-dPUt_uxMLFRGDKiFHZHndj8A4dv5fwKwkI6w78XpASWug6nSQQ2tG_iq9xXMgXzzVOok9E-bOrFDp12Cy7i8iYP5Cw-2V3omzHbOPpJUys_nmojSmaAGL7GvPMuv1H806C-zZ5PP4BFDe9VnaIk_3Rwlpnhz91GwZ0W4-0TLSShBOYSuX5XfMs8OJj6DGpb--eTkC8tal3if_LksSPfAdpMn78V9cTLGIOqu078gtRy3uxg3uR3uzHGssVn1LVEO4NJ9V9vkm-KffSTQLD3sYRj9_m_z6DZf75m9AoFp1lyvJgJVPZL_yauKNvVGqT3xGwj3bZ051luQm83ijW4_G6cBLcrPO61Ek7dos527q-Mq0yDVq-PqvieCrfxRtkDFx0EEUoRjQyip_KN9h55EeqnxftNUT-2viqfPUfpvOFpxho7KEaKQYCPl4m5RZsgJM1Epvxq7Twc3P557gVk6cokeGXrCyDyFNWQLT9rb03eIsjBaVXF0FEqM9Vgmzlf_y0ptQNVUuwrzKfLnGli-IREX2xToZr3ZjyY_cTGUUG85eLrrnn4dux5iYmAkGhpQ3T0uI6X_a9q6-04PXw3P9-O2SdKyRiU4kOuyDKKnw_8cIbud9WRs7y3lIphsAL4e3sf-FYpw_6Z_X9emQxIxn6pQFXcPM71rWqzafpZFcSf1XiCpKvw7J9NM2tkwYitr761KcNitgyGskSvST0mOWEqhjpuTNEJIuApM1a0so0hfhy0oMjAhA1d6f9SgkocoiXN0HOaXL1REc8dv0l6gHqt6CC7xO00jSbkxx6LNX1cLnsIvgNcwsIghoWOP4YvfjDZabEl0nMLb2kvsidpvhk21wc8KCS2TyUfz36QLVN03gQuLw1I-iEZjX6txqf97f5x0_CrA63IiYZT7FiHoUZH9ClUdfKGy8oMOMSuDAVHX6acEluiU7MWvnOnwdxI2SrNJAB4CEFde3-xs519LoGJ8JH9CZlQlgQ3M-qHXxYrSB3X26CbYSCDVWREpvuvm47uL8A8HbmYq_5CoXbuJGbj9Dcyo1s1CbGyVY7vA-KfMK-xY3-1SSJoRfUIc4PsXwWD9ivucMyY_uVJZUmWd0zZE0FeFLiz2hkDN3L0K6cVPVrWg3rRjn4fzsnt6YqJjOrSliJ7ZhRgRtC9h2WkQI-KCOhr_vRwR6zZN6dPJrGIamEzO-ITpWuoBcap1y-Gogqp85FACqcPR-PlTSKymJWNEH6mc5RlNyzjyrcx4-VO2fGyIV60p-_cD0PuUAPT6yzUPgojgyrhuaPS-BZnG2EZiBwcX3Rv8cJNmpHSCkqW1YnZ6dRomQXfbYejRrRH0t-rT9TVvkyP5amZrJ6YnkitgJQw__7DliX1fWH48khLQ3c7lIi1j73K2voyNGhMBtM1gHP_gViKxZKNTyA_k6r_YrZPrI61nf09mV-RKe50FdEZmNH-vkOViyiKg_VejCviUpsauGBTWsY0TsUzsz1Gzfm6adOJ4P-M6j5oe3Xfk6lqMgTrKXQRFaw5lNUW0qXHgK3E-WpruOHd8ibwVjsr27sfLQOThC7PFw3usMmYZ-E4sMiZwjYMRfYW5s3AGYqt_vvoIQ19JVgaKaVxJqrVWMYBGFJFlUZWh3H-RqJgIdeZRymyrIs_3jjp3M4F9e1GALnXCMXAesLxx1FjXYyw5wDpi8FLMM6Bit7uRC2RPZTofycpaEawNmySX872MMp0dXncLiJoCGF_HuU2wdPDTa1urQstZQCYAPlEnwmW6vTrcZi0Qp50zZa3Wj-Js6QmzrnCjDIFCD--Som7za5u5yvC9L1a1u2kTkHEOdVHcXSDVsYo7KmBeK2lgah2rMFIEdbFXkTDqLdr_rCPqeEHrrn3ShPF19LdVhwco6rpsDvkDyaOJ7NJeORWMO7202L-0NYBwFl6HryD9zVDUiWxYm182YbZbW4FYd9Ap3DfcLXlAYlZuF8oIdKfvzaR0lu99nF5IzzbyRs0PO0ugI5JQVEqoaPtKpPhUX_kre-Ph96vfJhTyho_Uu-OgTRSCZciAh12W9KDFW2kO_rHna7dvjLe8-c5Usw0fIqSDQf07ovAIL32HGAMxLCUJBH-Gv6w2_dBaBwxyU-3KA3lUDsjziZr4W5OXfuMoACjNOBY4WBvxUVkasqDpN3rnWB7hDOd-i-eJVMinL5Ucm84hG_XtgNF48ac3lsuYiM7WkiI3uUlvVuYnOvppPMV0TdPkca_NuVGgqyxPAZiNaufsn4ZhOhSCUpn1iulpHyHuAPu13d1_s7CunMehJkPxkh7F8EARPdYL5JuYLo4zcHWxCNR4-9qt-LGJwFQbJfjN4W3wTmxSZ0_9vogqv7phqFtqpLpBztQFDn4ZgObNudb60lQOSGKzAaI46b87JK493VQ5JorUKZpO2iGszCmg_Qc0mTlewBjXzJ8U-UuXxqCwMSK3oNy-Lt6c6O-ksK0OpkuDfBPb2BSkEJeAVhbynUgnRzW2bWRHyt3PEHAEHhI5nvxmSWlHc4Y-h0s34yr9gfJj9EDvun8HXGDvD30NXe2TurNzVXDPKj1TmpnL-H_hGyproeO8nA3jeF7jdorulpuLOPlznVsom3txDgc0faiC4ypjQqMkL-WS5uKJsdLEmgK6nD0pcviFzU9GRNAHp9d6NE8M1MQ_AVWar5BFC0bOrvTLhWlqox1oNmTa7VNHVFBFjne0gFnp9x8EYkpQASDlWWrwDjIxxRGwECAyP1fAZO2nCWAqPZHlxCKzv5xnMMvs9-dFF-65hrCeCgr7_2DJyssKp0WjshYoGnIhXeEvEidJDdR_NkMpTHefl8obso4RdAlsqvhYohyG5zyL1nS75UQ96ruUDsaaVfkSGNnE0N-JdBYljlR_jrj-zIAEP5nAloq-eJBi_2SDAQWl_uCRotpcNLA9-rePFSZ5XnV18nb57APIvIqaf-XJhBV_qEEZcPEd5cFl1zNulisjm2cvHq5xxB3w1Ng7DjRDy-K_dzjlTNkCI6SaC3iRbDsa9-yhUWn560awXdI3Gg1u7bHmFE_SIML2gcMGn-OV3HRCgMQ4aaXO40sYRO27EdB7qhQ7U-KmmzrMOFTDKDJk1rSOldIU4sdK8MO7OHq59xiHir_oXAtRFWLOU9d6M8xF2or0UBXdSbnwR58SBN6_P66mzuWoQ80Hqhi3I2xq7YdUtpv0Td1vaca2WcBr1lUkkidHaG4MquvceuovF6z0rZX4jlfdle-ltn6nXEHwA1hBopXuXcjrqorlVkEbqXyiKBy0x8&cid=CAQSOwBpAlJW_7-rcNKhpIXZAeZ4e9eyb8pXWo5cslxHMmZh-awU3Cgr4crcRu1372J39Sqs8Tqe5H6tlfzCGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2F&ds=l&xdt=1&iif=1&cor=3211120157186798600&adk=943508955&idt=127&cac=0&dtd=3
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e06ac1023b1f36aef13764bae154da4f739babf48d41b51ad6f39f373372dc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38780
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4293 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:30 GMT
expires
Wed, 21 Aug 2024 09:43:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F4BF 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Origin
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 09:29:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame F4BF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame F4BF 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F4BF 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 27EA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Wed, 23 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F4BF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20762ffee4d90ca0747920754bcd642be861d74385deb6cb4f88944da9033f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2A2B 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNWcsOqOxQ_QBslIfKHtoGKDEv-Ng8etAAV703RAarz1IXMvu8nFu978KM2tFIZAuGNVsCk3Wb4iA1jQSLuaObso3NIHCLhtS-vF85MVwU5eL0MkGY9pGUQIwpRrmm5IMAlHVifcL0gxxVnt2Ly3oQm1XRb2jSkMS7_rk-m4GTo9BKEL_79_UW963ejJpoe4Khauv4jq
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4293 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4293 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkfRax3vKVotYrdd5_iuKUDHTcaubNEnRNslhc3_W773UNhGFEfFunZrk64NHEEzpb_FfZe1nxYsX4dmmOvVeVCq9U3bHoKOfWkUiRq0AbIia60_Y
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4293 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8504431328828288071&x=1&ct=76
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 4293 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 4293 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60847
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame 4293 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSu36f4B7WwhBNEMzkeFhr_y-UUhxuhZUDDdU6D8pM-wzPFrA-k7TdSpcs6rJFy7GWLIfDkka3kQeHVuJDQzYa9H44eTQ
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4293 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
pixel
protected-by.clarium.io/ Frame 4293 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31h8ea1gue&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERBLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTViZjVkNTc0LWI2NWUtNGJjZC1hYTU1LTAzZjFlMTRhYmRmMl8xXzJfYWQifX0%3D&cb=7442480&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.116.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-116-167.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 40E0 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Origin
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 09:29:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 40E0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 40E0 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 40E0 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
sd
us-u.openx.net/w/1.0/ Frame 2A2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDF-6KzSDIZ9yr2BUSD0j20&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDF-6KzSDIZ9yr2BUSD0j20&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNWcsOqOxQ_QBslIfKHtoGKDEv-Ng8etAAV703RAarz1IXMvu8nFu978KM2tFIZAuGNVsCk3Wb4iA1jQSLuaObso3NIHCLhtS-vF85MVwU5eL0MkGY9pGUQIwpRrmm5IMAlHVifcL0gxxVnt2Ly3oQm1XRb2jSkMS7_rk-m4GTo9BKEL_79_UW963ejJpoe4Khauv4jq
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDF-6KzSDIZ9yr2BUSD0j20&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 2A2B 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNWcsOqOxQ_QBslIfKHtoGKDEv-Ng8etAAV703RAarz1IXMvu8nFu978KM2tFIZAuGNVsCk3Wb4iA1jQSLuaObso3NIHCLhtS-vF85MVwU5eL0MkGY9pGUQIwpRrmm5IMAlHVifcL0gxxVnt2Ly3oQm1XRb2jSkMS7_rk-m4GTo9BKEL_79_UW963ejJpoe4Khauv4jq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 2A2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIiXxwpBwy1rH3iVZoTH5Dg&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIiXxwpBwy1rH3iVZoTH5Dg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNWcsOqOxQ_QBslIfKHtoGKDEv-Ng8etAAV703RAarz1IXMvu8nFu978KM2tFIZAuGNVsCk3Wb4iA1jQSLuaObso3NIHCLhtS-vF85MVwU5eL0MkGY9pGUQIwpRrmm5IMAlHVifcL0gxxVnt2Ly3oQm1XRb2jSkMS7_rk-m4GTo9BKEL_79_UW963ejJpoe4Khauv4jq
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Tue, 22 Aug 2023 09:43:32 GMT
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEIiXxwpBwy1rH3iVZoTH5Dg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2A2B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNWcsOqOxQ_QBslIfKHtoGKDEv-Ng8etAAV703RAarz1IXMvu8nFu978KM2tFIZAuGNVsCk3Wb4iA1jQSLuaObso3NIHCLhtS-vF85MVwU5eL0MkGY9pGUQIwpRrmm5IMAlHVifcL0gxxVnt2Ly3oQm1XRb2jSkMS7_rk-m4GTo9BKEL_79_UW963ejJpoe4Khauv4jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Tue, 22 Aug 2023 09:43:32 GMT
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A1FF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Wed, 23 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 40E0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
862b0015ca5917905e95ec698563410091bee3694bf88acff563200ed0645786

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4293 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=889233627218&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4293 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=889233627218&version=m202307240101&ct=76&x=1&cor=8504431328828288000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4293 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcFHk15MTE53xoB9vACGsqdOK-pQmXJ0FYVhAiZiYfc_Qb-bBltArMvhMvS0amhf0_NyIRuUCTmPGk_k6uvWzHCx1zEA&cry=1&dbm_d=AKAmf-C0DZy5AaycFm1hUS0-LT8wh318B75qPX6prz_Oc4HNe_TNi0uib2Z4qIPySo2EB2-aYBoYylCXL_OHjgq58hUFxW7uA05cdv2Q_oRBxCc_DVoA_QV0SqAZYKU7QcHa0inWgMJGefuE99XENAOgkglwiGk_cVu6f2YEAidcOmj2gYqbsExkJee2wdxNI7_TltwMBqTDP39vNcACpt2IIy0EpiqFs0Ked4bZD4qxh9761Gnlz3ogxI32GVdopko8JuLlEjOn-ryfFAh_8ORFuLZp7EsnxFU73TgsJAEMk64SMtH-yd-tVTNnV013YWG0IAz9Xe0Dw-gKg-HXPmrAJP6I7acPYvg-1m0T9q5MCZCAFOS0YqXL6pY-rFMg_0bqwz4USYkHE2c4-zzK51oPLC1plz9imCEBzXruwaeuVc0xYNXQK4Pz5AB1b0KmkuLq3Tr4AdcdX-JJsArkKdumHvWUjpCY6DZrlgzW3_bxs94emgaTL4uESMw58uadBzmYZ_jJXkg6Ne7odtLqDb23WCMpLG194lennBoeH5M2jfIXpn6Fxy3hdds_DMPukQSMd8K4_M2jNmZn2jSOjyqYgaSbZDqE_k6YnRbUItgQG4YO2O8mrMgJbA6NNzntc_JMIjUsUD5rHVJmnPY-glt3xyN1HmTZeSajzeCZcp4kZJkKCmTyuWIpQ9Z7pZyWJyNv3IjDqpVJ4DfUsMBAJbE_k4KafDAa0DsTMNqaBWQzKnF0O4XDuIE8ajRQ_O9rL60sQR01AgNDHTUF0OhkuqxV8mOzz-5v_KYnQzRnajB-yvsTUXBgBq0k3epKj19_pbJLWpG4FvwIMtIg4QNYfxpQqfi8v794eR58maw8dVNhjlybFpbPQpW2-NhJjXa65Pucnl12aVLeAxsEqIIrJ2JSF0I5ad3NpLPRGaoqC6Fs6tsAXRh9eYZwqff_cJgA5HREI3nI7-PVCHiLgAHU-xleXWXE-1cumYbc9_HXw1crn5RTesQTRsJoZ-4yRDSo5H7-Ec3sEbtEXMhNCFxxwsp_NGy69g_76uLokiICx1YlNJ8IGO_-jlrYHeb-sslrOVl4U5oB-P6xTzxwCj8UoV2ui9zP3yP3-mCMRPxOPCvn9PjC4knHqtV4zG0ts6Bb9byda8hlJwgbXe62_HJ_Zofwv_k5nBXhRA4hF-IhrXwboJWhqHQDAvB-rmV4vaFxJ2-1C8QV9qOw2ThC93vc_Cyg7Kl0zcorfAlm1xhhXzrxPPHSHMivqwEnkfkb8CDrfIBGaR9z69GlN3Q8V0ZYqYe3nP3RNOHzLaTE9GHKYb_MG_UQkoJZB0BfAWSOhm1T2o2Qt9vZUZSuEo19FkK1CVmm6ld_spJ7AqoIEe0riuApFEF0RfpD6VqkBmJ4m0V8jnHJioFMBuKJsgq9s4NG8556xCRT62BTcUOZvWPmiaAikjWgg0zH2tyR0BgySdAYp-Pf8zEQtomDKwkdbe5-l2AIVL4EooYRMaU2vcTsknFrZFzyi3m-kmlONDfLJxrl4Wtbr80Oj1zjbZMjMxHkZMoSFX09LTO9gcVZGzrwxKoo5pvYTA7u5XewiAklWTXWX8hbaKDR2ffTVsMlpUeq4_CCtduYKGyOrYCSHCqFRmlgoNbUaTdvoFuwPaQkgJy_VPqbp4kMbPumDJIoW75EOjU_Mv8Qq075HviaQo4Ijhj-xlgSj_4CXouAiSQfMR3FGgmkONZhbw7XPrdmjhYWf9mKTcOrgzC3YVVjAASZpBcYkbwG_PmHpJ0_zqo1K1WhR3pA7Z9lOJXUadPJhkw6MIa1v3wBOFNFge1hSUBi0wv6WRxRC5Ll7zqzlOpg77KwMZQ0Ne42foHkLM9_5dGKxrPBYvV3a-s8wyy9mchciBuhUIOOyDoPwR9skmz9jsXOiV0hThYmEKlQGUteSzoZJI6BHgShlELrldOjLsG2d1aiVkx5yaNTX_W9eRGCja7Y0RXj5kTl-fvqIzkcIe44YIHSQrpdpwhO1moJ4711YdSBTBz5UGpiF8jGU-31_BOHzc2klEtJP9_0_jAL2O_FgVsid6k8K_-d26I4SMSeQyCOspVyP3_uqWpcP63RTbZ8ChdMRjAsoxcjEYrcqLbUiei5jqbX8J4Ki9E0TdV5JqqNPaQz54P1FM9mjjfwz_872nTE6EFZqWq8hZMGSkWoXd9Rgj-ukRKCEIY0QLXuidEE4dW-Kvg9njQ-OcPT8PPpTCedVx4uvyv0UxwEiUHfsNgufwEn8I6WNSBXRMtEBRRPqF1AoW2TA7HABikDDORoSjQTR-VeKeFxa5C4WyA2Dd7ZDIdu2OuT27Fr83QtZWFT_ShNl18JcoAX13MY2pi51lLfAV884YEe-6X0wtbnVj3CqcGBE7IM9mV38WdxfsNUApESyMIvSmDEgqMKRJVZgKQ-zYUZknPvDqrzz4YNnX6zLnx8DCVT13ShbWsUrobZEiCuFMT7em092FHzTs91umWMYul5z5eSp5jtCToYS4Z36gitwSiXRUmiDoB2E338DBq0pnmkAvpDKBsvO8612HDYzBNd5Sp3ZAzPjc2x03W-2mVKQNkAH7dhdUXsnSD3jHFVVa0Z4swiMqiqizStbuQPID6aZcxEIcCdYWdwpK_ifC3NXpVTILn-lIf1os4cEd3odzIBJwDHmqq7vVDuA-X3MNjgHMRwj1ODKaPDUvwvxKQQDNgA9QbU2a0Tj8g9I565itGPf5qcLMnoBuGvL8Iela27dUXRiqEusqEaQ9PxPQN7LGnWaV3KuIY1I584PgoUxp3q-jfF45qV9xIUHv6pfU1ruiYFUgkl4cFlP20tHj3lu5Uov2KjN3MO_ZTxCv0FI5beyLQO3ehGHlyTv1UGPMw3Npeyv6XLHJvAebU2l0rDnBq2wk0wYE6LgKbpMWdz_5bTKSIB_aOwdXBt4o0fdT3inHVLjbtpJ0u2o3G7FdGXgiakDD1Mxb4RRSpJHPyK10eoVjcmT_2Q8Hej-58kiW43wUoOHRAGjBHnsAcFgpuAZ-3TftdzAUHzHXQ3hH0N92f9xY6VXwpxtRbVyunrqbTFoCDnZBvEnowRkmFydVubyzEofAkCR6cY_NcDXWhE3rL-U2bobvnDTFxynGbJRh6-JhKfTqfirhbCO7Moa3w34-0bYgryrXC_vntpQlUU339WDVCd7yRhdPO6ETia3nMmUEpWZEx7Ow207dyhEOEbzUL10xBP01ET5R8eYZumm7Z4nRqou5d_ZkoXR28OH3PoBkRbl-baRSGXJR2lblgyQIXPpe5p6MXByloKu2597HKdubp9S_ZUHQHk5U1o8Vyt9VywLG0ahXF-LuKAO3qabu8i5lqdB-KvvDjEFKQbuheLFW-Y2WMBfWiK7Tn-dla1wKyDN0S62DVwu7Hc4kFS7QPromcZN9AQzTW_4Ix2HPKfu6a8dp5awwEl1ROM0U3MxWCyXwqMsXAfDF2N_I0wlgcb2h2H1aj3TLGc9ROLSflRCQpTcS9d5cTJSMvdBeBRGfgfqoluinKVetCU5He_K8_-diLf5mudZprHcmyO4jvdWWVYin46_48dzPE3EGx6uuJJqnCDEz8SwJ0dasbA1yOGC91iSWZtroGDNvQPwnE48j0bDelgDgb4yNElEZBO2lH4fibfd2Y_1dI_p9rbMZAR2A&cid=CAQSOwBpAlJW0I6p-4EVLZQqD9M9x56BdqYp5YfkEZcxMeZ8VGHCwDiu-uNc4Kn4nnZPYBtSlPn54hRXQMm8GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2F&ds=l&xdt=1&iif=1&cor=8504431328828288000&adk=3690638929&idt=84&cac=0&dtd=11
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3b7b405be44320e2e98f5de6b3bcf1438b8f9ff6dc14da8be88c5c7797e0264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37795
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3730 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 08:11:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 09:43:32 GMT
select.css
saambaa.com/widget/gpt/300x250/assets/ Frame 3730 		1006 B
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:29 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispVidAd_300x250.css
saambaa.com/widget/gpt/300x250/assets/ Frame 3730 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3b9c1cc05afebe36aaca5962ba895806b4d4439677ad000009879d5914f78b0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:29 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2023 18:27:33 GMT
server
Microsoft-IIS/8.5
etag
"805815b20b1d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
3071
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame 3730 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=162963
accept-ranges
bytes
content-length
78875
expires
Thu, 24 Aug 2023 06:59:35 GMT
0
api.saambaa.com/properties/widgetconfig/300x250/partner/idrlabs.com/platform/ Frame 3730 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/300x250/partner/idrlabs.com/platform/0?callback=__smbcfgldr300x250361702
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3cd9a213004999a2d782dfde079bea21a6d9707f1d45dec06b171677b9658c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:29 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1460
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame 3730 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30775
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRQS3lxNcTEua%2BAXFFKtHzjclonkgZP1LWJUqWyTC6ktKurmS%2Bdu%2FcZG673oBaey6%2Bx6k%2Bkn%2Bs5X4TJwYJls6Ia13XBi17BTJa7zVzJ7Nk2%2FqK64IQ7TRuAhNrm%2BAtWhhwhS%2BaT2tqoJuGT1zTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7faa2c0dfdb3bb71-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3730 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deca804193520d2723c0c93f4ff2971cc871ac025b299596da12af15e92e361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29245
x-xss-protection
0
server
cafe
etag
298 / 19591 / m202308150101 / config-hash: 13318944492194595103
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame 3730 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 3730 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 22 Aug 2023 10:43:32 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C8DB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 27EA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENDXJTQlvNJ-QFjfNApC-Co&google_cver=1&google_push=AXcoOmTd99yqELp91hM7VCzLB55rqcPt10VGcwiKRSmYr2OBZ8xYE-mZ7_EjqHdteAQaFxSsf2sy64ZEGkzSsKxmwG8uHQ5o9LW-YQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE0NzEzMTAyOTA5Mzg2OTY4NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTvlBX6AbTHnroksV7CFy8&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTvlBX6AbTHnroksV7CFy8&google_cver=1
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDTvlBX6AbTHnroksV7CFy8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 27EA 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAyK_Sf9EQYsU5wrzmbZe4I&google_cver=1&google_push=AXcoOmRGQ4EnFOGQEVR5vTvxLGUs99MNqTXUv35UwqjpxkucWbAEq0_ASVg7YfmrNcn6W_42AjBuLGuvSN-9A9rly1uSmyk0cuC32w
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 27EA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIeuk0-I1NY3tX2pe2k5s44&google_cver=1&google_push=AXcoOmR3tu9ksPxa3RkGtnxC7jdK3GLiRQyrz41JIa2Z_Tp6cTCM0aIvYOZysoUqqVow9V-DPogKbbNGI5uF0pVf...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR3tu9ksPxa3RkGtnxC7jdK3GLiRQyrz41JIa2Z_Tp6cTCM0aIvYOZysoUqqVow9V-DPogKbbNGI5uF0pVfjOAqwJmd4_hl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR3tu9ksPxa3RkGtnxC7jdK3GLiRQyrz41JIa2Z_Tp6cTCM0aIvYOZysoUqqVow9V-DPogKbbNGI5uF0pVfjOAqwJmd4_hl
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 22 Aug 2023 09:43:32 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x31 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmR3tu9ksPxa3RkGtnxC7jdK3GLiRQyrz41JIa2Z_Tp6cTCM0aIvYOZysoUqqVow9V-DPogKbbNGI5uF0pVfjOAqwJmd4_hl
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Aug 2023 09:43:31 GMT
sync
x.bidswitch.net/ Frame 27EA 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEt9I5sMZcPfdS7pdPJxHhg&google_cver=1&google_push=AXcoOmSLgRxd8LD_r4kSgMzf9iNuHABAOoRffKx6WZnq7oS-oWqVeGOc0SN057w57ua1JGrxTeWkd19XKbD3Ay3xDEIHrDFUsWU6ag
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.228.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-228-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 27EA
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEKagpLP08JMtlvTaGuIL98A&google_cver=1&google_push=AXcoOmQeHig65Z3cMEmEDjpzSBwrRFp8stj7CWFnQCFVYLG5NVBflT6myiPBigLoNZHl-m8nttHDQcOk5mLaHroAkxydJsY3BvAfGg
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQeHig65Z3cMEmEDjpzSBwrRFp8stj7CWFnQCFVYLG5NVBflT6myiPBigLoNZHl-m8nttHDQcOk5mLaHroAkxydJsY3BvAfGg&google_hm=M21TN29ISGJiUEhJcn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQeHig65Z3cMEmEDjpzSBwrRFp8stj7CWFnQCFVYLG5NVBflT6myiPBigLoNZHl-m8nttHDQcOk5mLaHroAkxydJsY3BvAfGg&google_hm=M21TN29ISGJiUEhJcnh6RGFXb1c=
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQeHig65Z3cMEmEDjpzSBwrRFp8stj7CWFnQCFVYLG5NVBflT6myiPBigLoNZHl-m8nttHDQcOk5mLaHroAkxydJsY3BvAfGg&google_hm=M21TN29ISGJiUEhJcnh6RGFXb1c=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 27EA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDge3cYcQuUFS3yRgblC7Ac&google_cver=1&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7P...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7Pc...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7Pcz3g
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmQL94Cw1xNceSYmbKWADqKwEdPL_nOl4Ga7FKUrNdghu-kyq7IEqYpr3CcRpOCS6Slb_wxrhZLkhzvfdQNYn6Rb6Grb7Pcz3g
date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 27EA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESELs79SKV7p8qoisrTSfteYM&google_cver=1&google_push=AXcoOmTEfGKmKb2rWyP2soiUiMhdrkWE7xjld0ZMbrjDe1SEg6uQA2-DWnVJdBrONYz1RqZ5ud_cRYa7hYq...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTEfGKmKb2rWyP2soiUiMhdrkWE7xjld0ZMbrjDe1SEg6uQA2-DWnVJdBrONYz1RqZ5ud_cRYa7hYqftqfeeN9rq35Mv4pwDGs
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 27EA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0HvSydmQpUnRFpYhDpf4FByL-pg7nYIb2vllGmUVmPzZriWlH7W_BQZS5rgSAdpi5a5PXWQ
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
de-DE_2023_07_Back_to_school_728x90.html
s0.2mdn.net/sadbundle/18219021426269093888/ Frame 1450 		2 KB
899 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
697a3a6e1f4f817493fe4809b2af09c5c05697d3899e6b0ed1f7375366898f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
871
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:32 GMT
expires
Wed, 21 Aug 2024 09:43:32 GMT
last-modified
Fri, 28 Jul 2023 11:21:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F4BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbuWv2BLXEOoChPG4xTnBUOaDJnLu08EcifpRgr4jmi2Or2LKquyVsrFHT0TOcZmWZdz9ngyaZrV6zDQvMwcEZbqy5kEwp6e3fvBzHN_V4wnzdYEXq0Q63p6zlKZ3mHouQ0ivFlqUbkXfGcgKx6rzV-3tM8AsBWQOBYBO84VNiLqrwNW9efa3AqirTJ3nDd2UIkOt5WySWnVw42UpK-BgrtNUM6XJpja6Vef9oX4SaHLQ4zOvMvgh9YrGBbhIUY3sFmhEY7fKMS47sX3yVdoDCWlWtwxDRQkYPufq6nQXTjwn2XAHVD-yLKXWsVGKaPZRD1NNZcbKPzuiGrCH0SrtMZK6PgnAkrlfUFjSEvTwkqV7R1SQ_9xVayvTsVl9Pn1eY_crgj0Y3cGE6Y5UlMe8ypX1zsn-Gp-Q1t0Hc8hhAIEOumF7KXR5zayXVCZeIklCChxlZfFrMiI3uSSrPk9sV_3CDzcZPtep1nMsIXLjUSGN6Z6rmaOrNoSCR-klPuIWzFymERB_g7f5BCCtVcWuxMGQEJ9aY56ac7PXfH048gOPD-nmcpeKgtklum5FQUUuvbR4cdqh4fBSSTs_5BFBXjViJHfkteNM6D67_96qGu3xOAxJj1t1DMBuM7xHXcN8pjW9uF8lDyhZ0iPJ0kn4v-3pDfs4jf0jV-abFPaUwF4Sc4kWfgjbfomiLTuw7Aou_4wB_gQge8SzAKijpRo3pUuI7hAVYbxpH0JkPCRuW26nRYs69h-kReZxoCFqtMv4yhaEu9JGLHTRK9vt4VMPzLEwj8EtMGvo4TWsbpWkirKDiT0cmTanLPhKY1bWXaMkxs76yMIk8oxoN1AsC04VljE-gKlh84d1Q3PPKQeT-8VEINiSlDYl2GjMH_MaYrZmvLD01ad-OuUwy6cpdDyeScYpu5ARyTultOy8Ur2PoY64lBrkVmHy7RHFJHgiHuUUj_aNeRGByu7DjNKQTHILgNfXwrQnd4vL6banJO6W3pZQt_Ivwo4_jHuHY8wkhRWPEouW1Zh0YsxWPixifuECOSQChdC3_sagt1bg_3dM3CrQGwzi5c5lYex_Ai5plJP0OHNWu7jtIp1OVPZrFySYHkSOmYLRCU3wOigT115Ro5o5QTajPNbr6JBijM7Qena_ri_UqDgV7iE7S9HXAkhVyGe2rRtwzBAXZsVp_OyPliiPXrndB2JAc52Gb2-gJLNgWfRzXpTdbYPvPDsAA2a-88FRf-hB1yg9P5bCxvso227d9kf9Y33LFZFy5f8g918Ee9EVxB6kl8luBwiz3tCzLwWPHU6G6v1_KvPC0IHE&sai=AMfl-YRoAWAbAjYVSCz8YHaqRzucerDdVSVMp3-40PRlXaxLsIPop3cUMmrMhT-KMCcrFafymkN6R3ybpO1F69M8CC_qFcyahMB3eKf0uy6cKeH3bk9_J7Dzz-cCG8pOchM0MPrZVTRzmQC1mxv3anG1biTWs1Oa6A5BWYdZB3weL-tWTxqGQXpkFPJukgenP_kQSM5-UEsd7aiQ7pXXvn3wAgse3EFlogz2sxZ-ObgDYPU8fMm9pTc2PfV3jBwnOQ9av7QF&sig=Cg0ArKJSzBBIfoRFFTRHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=326&cbvp=1&cstd=316&cisv=r20230817.92275&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EA88 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/13992577357167395121/ Frame 84C7 		671 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d40f0a14249b5ace4ebd28c0567539c94dbcea09bb30eeb766d2445c095d920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:32 GMT
expires
Wed, 21 Aug 2024 09:43:32 GMT
last-modified
Mon, 10 Jul 2023 11:53:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 40E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7Db3gKzu42m-q0zL-GlfUq8ZsFco16zKXnwYgm-TBO5YyiWNPKk-1lo6LZSrh-5OOet6ITZvqLMJqEz7RdGZ0kPZxdfctCvlV6n6Bu_F-RRAjP-Td3abVRYlqrTTIzoHiwZqvhM4unbDf9aNBrwTztZT_WazrE57wJy2qvbu_dmQ-6P1wNI2q24kw4U2hgLhePUfclxzzAizdtDXyg7DbvcOfnO8D1CVy-usL-oD6kmXFS3U-bgljEf8EBQegcoWgbUnIuucWAUw9DNmxJPpNAJl8ig9K_u3E0JACC2cNvrFoaqM0E-ygiVBCsPr_z9DpYWSZnPQPMZ72Qdpu55YR8mx2-LBT1moDn0gLnPWQP6u-jb1Czcp3-TxCmUXLlEysMdTOyRF5ouMhFurnEbWDc2RTH3f4kiQ2Nok55ElQNIDUGFBIjt03uhL7Hi9gGntdWmknr2dOWRQVUpQC2IsYJQ9YmBePAes8AJFXrDKBaEKV8yqX7KcS1_2XrXotThj10aTwYNA4vZ1XTieK5P_9pWPm3ETVoNFE3A8VmDH9l--ZhjlmQB-QV-dmVuBR2QfAAb6KBl5BftWdfg10m2YEI-9ntdIQ2eBsWal5hlLxVaib3vbUUzTyBj-9JCBavGL6MyO_gtG0TC_kDTkvzNCr-8G13sX7zd8Ye0SLqP3CkDF4WbRf1d6QMLRmET_U5y5mCbJA4QmtYu305sobBPw70kUwv-HFVHQ2Gy3IFTODo1PD81jj-hR3U9a3LvC3yt2Q5DF7Jys50fGMpajg06awJa0079KsliXr6bqd8ruLIB7iNemmZL7FztnxQXziT8cIgTWDlbO6ZrF3SXoGDYdaxjbn1HVmxbZUCwIdc5_PSUtoDLbCW7E2wnoIuFBqwJfZyLis6XZd218p6uSkyFUlhNVkwxmO9wyxPyE4BZA3aruDPWUWCwuEVKMjXqYLLx6EkQHNpHXOrvzOYERJRvtnc_WL1wIXU5R-G9RctqQQMTV8qKlyKw9IC_0YJFJXfFKqdrNJS0ZDOZdSHcfsI12X0VcOnkKizQTBdTjJT9JwGq54vd5BPbb1Zt8ywVzxJn-PJB_TUn91WVfotWlp3NXAMJV0RIPRDEoyRnr8A-qEVknRlPGV_o5aSFnHPhGer8i6cpqe6I3_4mJpNNkLQmFXKsibO1mR7RAPjcXG4FCLXKTTMAhMlcuk0oIbrn0VpzdIUOQipypV2qiUvV_x5xGu-P3feyVRZkocIbIZRDX3JAmuVIv7sipxl_NOiVH_wJHNQxYuqjxY7BzzdJP6hCTOEGXzfmqvdlQcNdawJA6aasOFwmUF61E0n-utI6ZTs0RUrJHAtqdRMYVVJSaI4uUI-vnlb-uPrhegJKc8etKv&sai=AMfl-YQNHtNZMtnUYQfkHpTb-MTRSQQlARYK0Vj6ufo92mPj8JU_A2F5qdhATeVo8uXgoP5zrhiPT89QJIvzgegAWE0TiFf4bpMgaTB8GMOHNJbDLBPvu9uuIkCPUH8esveXsJO4MwOvUDlLkoCm_LsiTiRfGRoxaX10GIzHuQM_TiZepU9qIHlrbw6azfdUOlbZd11XLIMjWlFs-p5L0qTS4zTHL_Tu5a17LknQYPA0uPTfuuOy69m5jU_CYyjALgMh8MwC&sig=Cg0ArKJSzKaP5lSrcJcREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&cbvp=1&cstd=176&cisv=r20230817.09406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:32 GMT
pixel
cm.g.doubleclick.net/ Frame A1FF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBIsBn_LmAH0Owdk_c4-OWE&google_cver=1&google_push=AXcoOmSyrh0zq9sAFHwWF6VdSrVJN0AlwczvwVRauP0vl-RHWIG1X9qqUaJ0GiJgzT5uM0Ki0Z-iykISLFUkwe0sYCU-mRicXbc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3A0643BB117C49CFB15E7FDBDD98E173&google_push=AXcoOmSyrh0zq9sAFHwWF6VdSrVJN0AlwczvwVRauP0vl-RHWIG1X9qqUaJ0GiJgzT5uM0Ki0Z-iykISLFUkwe0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3A0643BB117C49CFB15E7FDBDD98E173&google_push=AXcoOmSyrh0zq9sAFHwWF6VdSrVJN0AlwczvwVRauP0vl-RHWIG1X9qqUaJ0GiJgzT5uM0Ki0Z-iykISLFUkwe0sYCU-mRicXbc
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Aug 2023 09:43:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3A0643BB117C49CFB15E7FDBDD98E173&google_push=AXcoOmSyrh0zq9sAFHwWF6VdSrVJN0AlwczvwVRauP0vl-RHWIG1X9qqUaJ0GiJgzT5uM0Ki0Z-iykISLFUkwe0sYCU-mRicXbc
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 21 Aug 2023 09:43:32 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame A1FF 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGO5zXY-0TRea_OxUaKF85Q&google_cver=1&google_push=AXcoOmSLNLBWPhVR-Hf-AE-qA_6cvydBgo5GE5syYF38estdBoK3yFvl5MZPECi6Ogfdld4aIB-HSUdvIMV6h7C4L7W1ALH6oA
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame A1FF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEyY2JPCaxcXK1k2VcOAssU&google_cver=1&google_push=AXcoOmS4lLMSV7dAzvMLZxiCQbJBZFHF_GK0naroTfeVMHFuF7p4LvEr6w1H8VAeDRmmKb_qeZj1s4qkDLVrOc...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDA4MDAyNjU4NjU3NzA0Mg%3D%3D&google_push=AXcoOmS4lLMSV7dAzvMLZxiCQbJBZFHF_GK0naroTfeVMHFuF7p4LvEr6w1H8VAeDRmmKb_qeZj1s4qkDLVrOcQKP2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDA4MDAyNjU4NjU3NzA0Mg%3D%3D&google_push=AXcoOmS4lLMSV7dAzvMLZxiCQbJBZFHF_GK0naroTfeVMHFuF7p4LvEr6w1H8VAeDRmmKb_qeZj1s4qkDLVrOcQKP2PawbdpHXQ
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDA4MDAyNjU4NjU3NzA0Mg%3D%3D&google_push=AXcoOmS4lLMSV7dAzvMLZxiCQbJBZFHF_GK0naroTfeVMHFuF7p4LvEr6w1H8VAeDRmmKb_qeZj1s4qkDLVrOcQKP2PawbdpHXQ
Date
Tue, 22 Aug 2023 09:43:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A1FF
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEG1YiF7T_qbzGAUYJiHG6Kw&google_cver=1&google_push=AXcoOmSKn3x8vQN39C0JqH2tDo8mCqYfaKNQsLQfCk1LJsa24GjpR6LUs3cR5FWJXr2U-6zsBISsmPb3yxBY_2Lu...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ow6xmQE6RGmBdWqtDar_0A2&google_push=AXcoOmSKn3x8vQN39C0JqH2tDo8mCqYfaKNQsLQfCk1LJsa24GjpR6LUs3cR5FWJXr2U-6zsBISsmPb3yxBY_2Lur-hECj6jmg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ow6xmQE6RGmBdWqtDar_0A2&google_push=AXcoOmSKn3x8vQN39C0JqH2tDo8mCqYfaKNQsLQfCk1LJsa24GjpR6LUs3cR5FWJXr2U-6zsBISsmPb3yxBY_2Lur-hECj6jmg
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Aug 2023 09:43:32 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ow6xmQE6RGmBdWqtDar_0A2&google_push=AXcoOmSKn3x8vQN39C0JqH2tDo8mCqYfaKNQsLQfCk1LJsa24GjpR6LUs3cR5FWJXr2U-6zsBISsmPb3yxBY_2Lur-hECj6jmg
x-host
tde-deliveryengine-production-6ffbf575ff-7pfkt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A1FF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEFnNXbzj0PPDSYPZXuOIf9k&google_cver=1&google_push=AXcoOmSJy8TOHA1ej1DM0b84wTrSYj3-oWtKOL8zP5CaSbKy2jglZJX_OVX3Wz2a227vQMQ-6ycgWEH-OYudRob3_BIiQSinDWk
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817254177635
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817254177635
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817254177635
content-length
0
sync
x.bidswitch.net/ Frame A1FF 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJSYAftM3u7hV1T802Km7Co&google_cver=1&google_push=AXcoOmSgEs5mOi6hH_RKhM7FDkW5gIYTCgwI5i-Heq_1xq1z_9KAhgEu9LoHifxRXPGyCDsHwSv99PUZrm-H_6W_2TUrSAYAUqI
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.228.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-228-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame A1FF 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEAD_RxEiPAfQId5QJQzEMU&google_cver=1&google_push=AXcoOmRACCH92-M9QXZHbqbEBOCyXyPgKgzjxMZEDmhZ6gJ2TdUgXC4ssS1sVwAwu81pKgDiaPgEpZy3-3IkqlZWSohy-9rdWtgp
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.228.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-228-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame A1FF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8-QfYNUHL9AmejZ4jkJM-QqVSH3jpQNWsf_WdQ7A90I3URkt45H4iJ948GobWXIVvKd3dAQ
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=4267630057295154&bg=!s7ClsP_NAAZGPLJIZjw7ADQBe5WfOBE_iv3yRuwU2fUMEeUfGz5qgZ1u2ukFd0uS-_ZygVSS7-Xz4mtPODqh9rWLFG45AgAAAfJSAAAACGgBB5kCzL0Y0wLkApP1cWxGG8fYFZbQsX93Sktci4-mZ-JuQMVyijRZHNT1SLl7LRvf9J2Yxk7OPhdtLXNHWph3izRFAJf1p8NBkyY1khdQsSA4HyyTR95Oj6AeZ0lKuCN1ahiCNIDkiZoXCZqs8JOaDhXJVy6mn7ClQmkHY_0FxhYNz29pK1b_3W0KFLOq1br9Jfe8Djpq4yroMbHkFc00NQ04IST-XGthb_wxQKwgqkMY9WELtKpNbRKVxKcBAIF8oABf7F9JSyzF54sqLVNUyRQUlSDCHkiOhyGBroKA3outwTpGeMuPZLAuk-kGRq_tA6EhYZ8s--yMFHEwvOlkmUslXc3YkRM9aVy-L5gFj1z93QHQrzL--bJFAhSpZsKQv4B9QFSYvDv1Bepw0fB55z1JzfWvxCQeZ_rZ7uGiwHbYLYBpWMiMxGO5LJI-mAYJ-68AZPeQROqfpkAJOu5WfhBi2MwRbhYpq6bhn6oAzQvbq84_5DJc7XI8Re_-HNn3R8zWesy5alolH0wYKvMkRgBxn0f-vUQbxjNXNJAoVoTvJfNpULmke0_UZH1NqOVh81fMV4zgzVZzTH4BB8KRv1fFusszJ0Kqm2PNZ5SLfaeqbXBgcvjRwThjOerrRRUPduHNm2cKiesL_2SuTm53TXwQkfQWVmtPLbJa5MpylFaSd0O81xi8wbKwuMyrgX5WA4BHzxhHwoPWifSQwb54SfkscBYHjmwADdHNlzmXUSZRoo9TQ3m2ckRuzW20ZzQhk0V5XYCNaHwwMuDRegmJQ309Q9s0Vshi2RAxNIgDbZS_G1OnTEHAj4pmolrt0y0X7yAdZADeytZGHPl_v1CHgkO08G8PfgN3RT0jYGm56oEjukn6pyRf99Ss6YaPHU3haKR7ql2nz9pIcGtQxdxjel7HrAeER5OD2AKFkuz8hopcZrjWrNqGp1Qvsd5ppKOd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4293 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Origin
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 18:51:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 4293 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 4293 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4293 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 1450 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 06:12:14 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/ Frame 1450 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a441c4f1b90c992eacea5aa9ed1f7143c5e0ca315d26edcc3468ce5ea61e03a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6363093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20311
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-ddb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8plfMiv3S4DzoISBrDbbzWXm3%2BXMt%2BVqWuhqIlYVxc5B9t7iYCDtB3lDReLzCyAtmNtPyNCqxpSXvvBsgH27a8RYGhA9YYE3eWFvOFzLdDRsi6LYvnpO82eWIiFXd02qEn8Fdt3CED6YhP9rwwDzAltp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7faa2c0f2ab1694b-FRA
expires
Sun, 11 Aug 2024 09:43:32 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame C8DB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 84C7 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 06:12:14 GMT
template-43bf74fd.js
s0.2mdn.net/sadbundle/13992577357167395121/ Frame 84C7 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13992577357167395121/template-43bf74fd.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 08:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:53:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 08:03:10 GMT
index-09647504.css
s0.2mdn.net/sadbundle/13992577357167395121/ Frame 84C7 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13992577357167395121/index-09647504.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 17:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:53:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Aug 2024 17:09:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 09A5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Wed, 23 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4293 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bab8a1f351f34e32542519e20b90cc955e35b5925ca7644f023e8dca2ceaa8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ Frame 3730 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 12:24:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
76770
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 20 Aug 2024 12:24:03 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame EA88 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
index.html
s0.2mdn.net/sadbundle/16251597516964128356/ Frame 3369 		33 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
327455a3d292c084faf64e76b8abd2fa7fb79588f1dce1c8709205fb51b569df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
536824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5760
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 04:36:29 GMT
expires
Thu, 15 Aug 2024 04:36:29 GMT
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIA9t-njMXh-5w8AX97ULDAnrXSM8nk_VBssvPZAstQp51A3zRdYUme2A_wPS_S8QF7alytQhFJIUObXI5c7Dz4YZKhNmpDvPxgmnNDXvViwvmM-mB6Z8QKsOv5Er9TxWeJT7akytuashcQMG43AWJ93e8ywgxYcgXtxJ1QEQStfv7_2MAGRb-rIrPWRxI5YU047IZZfDcLImbm-JSVGOACAOW26PDUFCoGZP7nUK4LMZLY05rXcvzH_cm1MCZ2oTHEh1VnyR6ZkiQyZnMQN1X0kSf7f4nTi741z0z1KXJVzavi7Mb2PUwZf6OVahk34RPgTlWat0acqGkCoMJDWlyuv8T2NzbND89SWlrFqLWFmNHqiFpZBvwh4jac3qXhhn0BE0A8Oo0TSgvSKswp3iVn4XsHgu6jm9mTXPeqEDSzApWF0FpXsuG_Hl-fs5Av35lRIy0v1zJh5GkmlvPrLpzNGc6wdlkPbTSkmwUcfdovCZini04WIwDPCHnn26ZbKUIpfbxDFba68H-HMB0DeSB9aPpjxl9U6A0uFSwweo-lYa9ZgHiz3cM6xEEl-m0Fd5My3eClxoluqMlTmSB_5HBH2y5xQsgxbo1Od8zj_BRU50qv3r3nHiMUQUkFXwEBQrKkyojoKoFYfxcUURkeLytNjSUKvgd5_aFLxQMgGXuPF1zdi8vAiQl36vC7p20avoDhL9aTM-AGxxINySrq54yuX0UUp1qLBPV1wrQTeOR6TGCPr_iYQQOAesxHgRfbywwtw7Tgr1d2PzVc8VSKCkPzr5iTMXS3lQPIq9fAWxM07C2X9IJKyiLbctimwpOuiiA_ffmJFB0eCvrxZwJojfxLIyLcJ49vBp-JLnfzU0KRGzdxbdaPQfQQTtEJ55t6F8hrA8Pb248OGocNVgPusanQEX11ifyHXp0OLRb9n9pNxWbF2udPRD0fTAxHupx2eh6znNSioMJZPBHT3sfNyZLM8QQ6lQvJdhbAEw_3O4wGIE_DM9ABdqymj7G3_OhpmleekDjCbsvQ50CPbnVRPvQnRnYsox77gZmx9amxdmxEYgE-5-DcrjduYvZbXzRJMnVsdCXPU1JxYdsOD3WIBQ5jlesqGJpw_dEiB4EsliN1uGcXD7r13QxXeuch73reneC98PbfJRg3tqL_uDsQRX6ETozcPvIIQC9PFMVYyZkDJ-GSs4TcYo_hsKwNSwDEuotfPeNpULKX9qX-WtmuowcjB1speRnsV91GgHtQtUvL-pESQXULb_DZvUI0lAH2N7WJCCSwRgriLSJEXf4-_bQo6_u7q3H&sai=AMfl-YRVTkLN50x3uZ5kVH6wspAC3G0XMN_au2mC1TTLrze0tp0M6j1-u5iTS7lLxuQHyk-d__iC0bbyQI3tZCcUKwudxaJ8UFkhq2eiTH4e_vsVPsgJKN7DUgxn2QPkD2MhIVmUCAHBLWa1QWNnTmgltrc1TjYgTK4H1GMGn2uiMc4OAk_vC8L6C_zgTUbxtlJivGdaI5XqKtN_xMomBulE3zrQcw1mjgNcaLIlJ_DKpLWmL66E7BH5BaBPKUoSBw-4Af9p&sig=Cg0ArKJSzOI86ONOJ5eZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=139&cisv=r20230817.62738&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:33 GMT
ca
choices.truste.com/ Frame 4293 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-23.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 b75b06741e5146585057681bd60737b2.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop
AMS1-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
jAnxl7z4mnHY2O-xOkKr4hrFoVphmxy1z65Clhu39cB2xkMQgYIi3g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 09A5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE5I8WgJrmWhdJrrSxE55mM&google_cver=1&google_push=AXcoOmRrt7TCkxmctVa7kqU6W28BGrMFtdFvEq-0yxqr8Jo0wLb8lTR6t_HPZ13frJJmygDQK3nCXThUpN0EDgfhGp-XVJza5FD1kUhPkIoPgls95Rh6ADMfZPlklBVpSlhHA2Rbtlz6-L_6
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 09A5 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJSYAftM3u7hV1T802Km7Co&google_cver=1&google_push=AXcoOmTEV7jZ4J_Wv0jKTFtIebYZrAGAPLH0Z7Kqo0VOGqZVDadw8bHyKnURHzAStrDlC0niqWV9DEX8KrB9XilrAjj6lXp72wytaXUmRpwGL22mwsIZpX0hvsBZPMmEb-s4-bnEVQBjtnI
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.228.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-228-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 09A5 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSATHcPcqnqwkPQHSFOc3kdnel6Z6IUwmnAi9v63cOFgmQEQPgrxkJ5LFa1nwIH0IDYeNB_hq_GS7xqlO9lMeB2SsedF3pTDRQyeg3uh43j5DxlvU2wrOdF16CfALZ9K-qiAKZctwo&google_gid=CAESELG0CxoT4HaRDBvvor2ZnPM&google_cver=1
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
231313
expires
Tue, 22 Aug 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09A5
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFAPkqD0zPVQYimrAhMVq3k&google_cver=1&google_push=AXcoOmRGEt9E4njAGi_58Exk1fal3lxnVDTynZdG5ny_lkSnLhSMRaLcBAMho0uzylK_3XQFuGigo4UCvKcJGAnt...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmRGEt9E4njAGi_58Exk1fal3lxnVDTynZdG5ny_lkSnLhSMRaLcBAMho0uzylK_3XQFuGigo4UCvKcJGAntzXEmptr5vbq_KTErsnmoyJO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmRGEt9E4njAGi_58Exk1fal3lxnVDTynZdG5ny_lkSnLhSMRaLcBAMho0uzylK_3XQFuGigo4UCvKcJGAntzXEmptr5vbq_KTErsnmoyJOsrIXQ8n0vkjmnu3_juW87cfY-8wlI0Ct5
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Aug 2023 09:43:33 GMT
via
1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmRGEt9E4njAGi_58Exk1fal3lxnVDTynZdG5ny_lkSnLhSMRaLcBAMho0uzylK_3XQFuGigo4UCvKcJGAntzXEmptr5vbq_KTErsnmoyJOsrIXQ8n0vkjmnu3_juW87cfY-8wlI0Ct5
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
x4jNgqmYuNkob0qawEynuxo5Vc_JEFzlWlBRMpLSWhvT1aeNCVFJJw==
ebda
match.360yield.com/match/ Frame 09A5 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEH3nsgURGbsgwE3btFJOVuU&google_cver=1&google_push=AXcoOmQk79TFuAU_7Nn2WcGCk8CGkjTSGeom9DlLO6Hf0o1kEfp9afvz5nWeOOvgHGODItGM6yM5Yqkvp54GLv7jY7OMQGG1dG37Mo8PFEfjdPzmfUZiqOi-XLM0TUNG1jd5z6kzSYi1ZSRD
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.50.218.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-218-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Aug 2023 09:43:33 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 09A5
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG0cg6Lg7AfUtiKAGlGnQDA&google_cver=1&google_push=AXcoOmS0cFQ48QW92MuCVPWmgTD_nvMWhB2ZkCg63r1j-xTBQkumI-jcL1BIpabBLORcRaYR6qFoUBkdz6jXURfGA8TddIih1p...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmS0cFQ48QW92MuCVPWmgTD_nvMWhB2ZkCg63r1j-xTBQkumI-jc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmS0cFQ48QW92MuCVPWmgTD_nvMWhB2ZkCg63r1j-xTBQkumI-jcL1BIpabBLORcRaYR6qFoUBkdz6jXURfGA8TddIih1prsYhH9uPW5oJ5worKCuAJidT4ju1sxNJ9dpyR2kFOiAOrU
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjIxMTYyMzUwMTE3MzU4MzEwNzgyNA%3D%3D&google_push=AXcoOmS0cFQ48QW92MuCVPWmgTD_nvMWhB2ZkCg63r1j-xTBQkumI-jcL1BIpabBLORcRaYR6qFoUBkdz6jXURfGA8TddIih1prsYhH9uPW5oJ5worKCuAJidT4ju1sxNJ9dpyR2kFOiAOrU
date
Tue, 22 Aug 2023 09:43:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58281/ Frame 09A5 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJSMghJftsNCJWkWBcp3hyY&google_cver=1&google_push=AXcoOmRhEjEtykA-xNa77XkdJxA9hoTyS81tgLzdph4TV5q6XV30kt9F1uo-RF5ADVqZtGUF8lU-MSOOA6rXm9zsnkUJOBMbVog2VNmf5z7TXihV-ZUmavs_5fvw13AlWXjB7Nlv8dPePevYvA
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 09A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KufNytfkMTwVDqWxJTHsA465kgY2pYNdPTM0i2_e30fXUBLjTu86KwQuu3HoQKRUTe3n4fGQ
Requested by
Host: c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
URL: https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
2023_07_Back_to_school_controller.js
s0.2mdn.net/creatives/assets/4945525/ Frame 1450 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4945525/2023_07_Back_to_school_controller.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aab40de161061febcc2b8ad6e131fcc712a6f846691e48dd558689b37e596c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2821
x-xss-protection
0
last-modified
Wed, 26 Jul 2023 13:57:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:44:25 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 804E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c8048154be43edfd0b4fcdc3fb22db5c.js
s0.2mdn.net/sadbundle/16251597516964128356/ Frame 3369 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/c8048154be43edfd0b4fcdc3fb22db5c.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
849032524598b6ff398f77a6bfc95235029778c3f6905e1459e53198077fb176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:00:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9807
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29104
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Aug 2024 07:00:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 40E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7Db3gKzu42m-q0zL-GlfUq8ZsFco16zKXnwYgm-TBO5YyiWNPKk-1lo6LZSrh-5OOet6ITZvqLMJqEz7RdGZ0kPZxdfctCvlV6n6Bu_F-RRAjP-Td3abVRYlqrTTIzoHiwZqvhM4unbDf9aNBrwTztZT_WazrE57wJy2qvbu_dmQ-6P1wNI2q24kw4U2hgLhePUfclxzzAizdtDXyg7DbvcOfnO8D1CVy-usL-oD6kmXFS3U-bgljEf8EBQegcoWgbUnIuucWAUw9DNmxJPpNAJl8ig9K_u3E0JACC2cNvrFoaqM0E-ygiVBCsPr_z9DpYWSZnPQPMZ72Qdpu55YR8mx2-LBT1moDn0gLnPWQP6u-jb1Czcp3-TxCmUXLlEysMdTOyRF5ouMhFurnEbWDc2RTH3f4kiQ2Nok55ElQNIDUGFBIjt03uhL7Hi9gGntdWmknr2dOWRQVUpQC2IsYJQ9YmBePAes8AJFXrDKBaEKV8yqX7KcS1_2XrXotThj10aTwYNA4vZ1XTieK5P_9pWPm3ETVoNFE3A8VmDH9l--ZhjlmQB-QV-dmVuBR2QfAAb6KBl5BftWdfg10m2YEI-9ntdIQ2eBsWal5hlLxVaib3vbUUzTyBj-9JCBavGL6MyO_gtG0TC_kDTkvzNCr-8G13sX7zd8Ye0SLqP3CkDF4WbRf1d6QMLRmET_U5y5mCbJA4QmtYu305sobBPw70kUwv-HFVHQ2Gy3IFTODo1PD81jj-hR3U9a3LvC3yt2Q5DF7Jys50fGMpajg06awJa0079KsliXr6bqd8ruLIB7iNemmZL7FztnxQXziT8cIgTWDlbO6ZrF3SXoGDYdaxjbn1HVmxbZUCwIdc5_PSUtoDLbCW7E2wnoIuFBqwJfZyLis6XZd218p6uSkyFUlhNVkwxmO9wyxPyE4BZA3aruDPWUWCwuEVKMjXqYLLx6EkQHNpHXOrvzOYERJRvtnc_WL1wIXU5R-G9RctqQQMTV8qKlyKw9IC_0YJFJXfFKqdrNJS0ZDOZdSHcfsI12X0VcOnkKizQTBdTjJT9JwGq54vd5BPbb1Zt8ywVzxJn-PJB_TUn91WVfotWlp3NXAMJV0RIPRDEoyRnr8A-qEVknRlPGV_o5aSFnHPhGer8i6cpqe6I3_4mJpNNkLQmFXKsibO1mR7RAPjcXG4FCLXKTTMAhMlcuk0oIbrn0VpzdIUOQipypV2qiUvV_x5xGu-P3feyVRZkocIbIZRDX3JAmuVIv7sipxl_NOiVH_wJHNQxYuqjxY7BzzdJP6hCTOEGXzfmqvdlQcNdawJA6aasOFwmUF61E0n-utI6ZTs0RUrJHAtqdRMYVVJSaI4uUI-vnlb-uPrhegJKc8etKv&sai=AMfl-YQNHtNZMtnUYQfkHpTb-MTRSQQlARYK0Vj6ufo92mPj8JU_A2F5qdhATeVo8uXgoP5zrhiPT89QJIvzgegAWE0TiFf4bpMgaTB8GMOHNJbDLBPvu9uuIkCPUH8esveXsJO4MwOvUDlLkoCm_LsiTiRfGRoxaX10GIzHuQM_TiZepU9qIHlrbw6azfdUOlbZd11XLIMjWlFs-p5L0qTS4zTHL_Tu5a17LknQYPA0uPTfuuOy69m5jU_CYyjALgMh8MwC&sig=Cg0ArKJSzKaP5lSrcJcREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=491&vt=11&dtpt=308&dett=3&cstd=176&cisv=r20230817.09406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1450 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6578ff6f1ff251b024a5964bb40abd365e0aba4b521153341918d38340ed4566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5868
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 84C7 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd901d49a25858f20c575f7da0792e60cebbd53d4be8ae7eec98ac1df7dcb7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5775
x-xss-protection
0
07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame 84C7 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 12:34:00 GMT
x-content-type-options
nosniff
age
76173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 12:34:00 GMT
Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame 84C7 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 06:05:25 GMT
x-content-type-options
nosniff
age
13088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396163
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 06:05:25 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 84C7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69409
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 14:26:44 GMT
cta-small.svg
s0.2mdn.net/4528404/1687523402213/ Frame 84C7 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687523402213/cta-small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69409
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 14:26:44 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/13992577357167395121/ Frame 84C7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13992577357167395121/logo-d0d80991.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 07:42:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:53:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Aug 2024 07:42:27 GMT
cbBdsV2.js
s0.2mdn.net/creatives/assets/3781309/ Frame 1450 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4945525/2023_07_Back_to_school_controller.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d77c667d6084c6eb69aa5b1f28bac84df2d473de862e29d060054a84b20106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5325
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 08:21:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:46:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F4BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbuWv2BLXEOoChPG4xTnBUOaDJnLu08EcifpRgr4jmi2Or2LKquyVsrFHT0TOcZmWZdz9ngyaZrV6zDQvMwcEZbqy5kEwp6e3fvBzHN_V4wnzdYEXq0Q63p6zlKZ3mHouQ0ivFlqUbkXfGcgKx6rzV-3tM8AsBWQOBYBO84VNiLqrwNW9efa3AqirTJ3nDd2UIkOt5WySWnVw42UpK-BgrtNUM6XJpja6Vef9oX4SaHLQ4zOvMvgh9YrGBbhIUY3sFmhEY7fKMS47sX3yVdoDCWlWtwxDRQkYPufq6nQXTjwn2XAHVD-yLKXWsVGKaPZRD1NNZcbKPzuiGrCH0SrtMZK6PgnAkrlfUFjSEvTwkqV7R1SQ_9xVayvTsVl9Pn1eY_crgj0Y3cGE6Y5UlMe8ypX1zsn-Gp-Q1t0Hc8hhAIEOumF7KXR5zayXVCZeIklCChxlZfFrMiI3uSSrPk9sV_3CDzcZPtep1nMsIXLjUSGN6Z6rmaOrNoSCR-klPuIWzFymERB_g7f5BCCtVcWuxMGQEJ9aY56ac7PXfH048gOPD-nmcpeKgtklum5FQUUuvbR4cdqh4fBSSTs_5BFBXjViJHfkteNM6D67_96qGu3xOAxJj1t1DMBuM7xHXcN8pjW9uF8lDyhZ0iPJ0kn4v-3pDfs4jf0jV-abFPaUwF4Sc4kWfgjbfomiLTuw7Aou_4wB_gQge8SzAKijpRo3pUuI7hAVYbxpH0JkPCRuW26nRYs69h-kReZxoCFqtMv4yhaEu9JGLHTRK9vt4VMPzLEwj8EtMGvo4TWsbpWkirKDiT0cmTanLPhKY1bWXaMkxs76yMIk8oxoN1AsC04VljE-gKlh84d1Q3PPKQeT-8VEINiSlDYl2GjMH_MaYrZmvLD01ad-OuUwy6cpdDyeScYpu5ARyTultOy8Ur2PoY64lBrkVmHy7RHFJHgiHuUUj_aNeRGByu7DjNKQTHILgNfXwrQnd4vL6banJO6W3pZQt_Ivwo4_jHuHY8wkhRWPEouW1Zh0YsxWPixifuECOSQChdC3_sagt1bg_3dM3CrQGwzi5c5lYex_Ai5plJP0OHNWu7jtIp1OVPZrFySYHkSOmYLRCU3wOigT115Ro5o5QTajPNbr6JBijM7Qena_ri_UqDgV7iE7S9HXAkhVyGe2rRtwzBAXZsVp_OyPliiPXrndB2JAc52Gb2-gJLNgWfRzXpTdbYPvPDsAA2a-88FRf-hB1yg9P5bCxvso227d9kf9Y33LFZFy5f8g918Ee9EVxB6kl8luBwiz3tCzLwWPHU6G6v1_KvPC0IHE&sai=AMfl-YRoAWAbAjYVSCz8YHaqRzucerDdVSVMp3-40PRlXaxLsIPop3cUMmrMhT-KMCcrFafymkN6R3ybpO1F69M8CC_qFcyahMB3eKf0uy6cKeH3bk9_J7Dzz-cCG8pOchM0MPrZVTRzmQC1mxv3anG1biTWs1Oa6A5BWYdZB3weL-tWTxqGQXpkFPJukgenP_kQSM5-UEsd7aiQ7pXXvn3wAgse3EFlogz2sxZ-ObgDYPU8fMm9pTc2PfV3jBwnOQ9av7QF&sig=Cg0ArKJSzBBIfoRFFTRHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=797&vt=11&dtpt=471&dett=3&cstd=316&cisv=r20230817.92275&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:33 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 804E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
metrichpe_501_normal.ttf
s0.2mdn.net/sadbundle/16251597516964128356/fonts/ Frame 3369 		59 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/fonts/metrichpe_501_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/c8048154be43edfd0b4fcdc3fb22db5c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Aug 2024 07:45:19 GMT
25a789ae20cc5806a49ce1b5875568c0.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/25a789ae20cc5806a49ce1b5875568c0.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68bacf652d7a7db62c86f4fc74ee7ec0d6d2ac4390e2a84aa7a98d2381445568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:36:29 GMT
x-content-type-options
nosniff
age
536824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15628
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 04:36:29 GMT
395d370bde56edb1a7a13cb7c151fd9f.svg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/395d370bde56edb1a7a13cb7c151fd9f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 06:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 06:30:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1450 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 09:43:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 84C7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 09:43:33 GMT
quant.js
secure.quantserve.com/ Frame 3730 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 29 Aug 2023 09:43:33 GMT
op.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3730 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67d2bc277208d9b6fcdaa8f11e46e79341d0856fdc41b3fdf19192fd1c0dc1ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
f60ZUGmlrQYXo16j24UPSgonvQXFIUoz
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
date
Tue, 22 Aug 2023 09:17:58 GMT
x-amz-cf-pop
MUC50-P4
age
1535
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6864
x-amz-meta-git_commit
ee4b1d5
last-modified
Mon, 21 Aug 2023 18:17:21 GMT
server
AmazonS3
etag
"61e813179400c351e58c9806ed94b4ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
hDr760M4EM8D7NokpgKnW1XpX6Mj0g6_1b7DSJZBylRvP8b4fIk6CA==
0
api.saambaa.com/post/storyboard/15002/market/ Frame 3730 		541 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/15002/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
014c7e737f5d8030f00cd80d58499ce60f401e30a092cd840cd2ee8bb4af66ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
logo-saambaa.png
saambaa.com/assets/image/ Frame 3730 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:31 GMT
last-modified
Mon, 02 Oct 2017 20:10:35 GMT
server
Microsoft-IIS/8.5
etag
"22c03482ba3bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/300x250/assets/ Frame 3730 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/300x250/assets/loader-dots.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:30 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
truncated
/ Frame 3730 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/g/ Frame 3730 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=609267835.1692697413&_npa=1&_s=1&sid=1692697413&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_300x250_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame 3730 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=609267835.1692697413&_npa=1&_s=2&sid=1692697413&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&ep.pv_widget_type=300x250_desktop&cn=300x250_desktop&en=page_view
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 1450 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5d0407c813ca4bde74789d41f00c993617159d54e14e606baa4378d53bff3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4582
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 09:29:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:46:07 GMT
cbLib.js
s0.2mdn.net/creatives/assets/3781309/ Frame 1450 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb97a90ef148adbb793ce925a51b98dc5bcbdc003a7f888b7e656f8429817e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7876
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 12:12:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:53:51 GMT
cbResourceList.js
s0.2mdn.net/creatives/assets/3781309// Frame 1450 		94 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e577ced0a1c18229f841b986786497219e6cc4dab07e9de218b02a04b0bd57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:40:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11482
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 09:44:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:55:21 GMT
moduleList.js
s0.2mdn.net/creatives/assets/3781309/ Frame 1450 		8 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3781309/moduleList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9261fc374ad402a8ca48b414850f314f0098b30776695dffa52c4e20eae9f3eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
993
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 14:00:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:54:55 GMT
AssetsList.js
s0.2mdn.net/creatives/assets/3757766/ Frame 1450 		1 KB
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b22015e781bca8c265c5e679c44002e17b35f1e56b8d458bf41806f037e04350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
333
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 08:13:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:52:20 GMT
cbElements.js
s0.2mdn.net/creatives/assets/4615943/ Frame 1450 		100 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4615943/cbElements.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb0e85cf8a5e0953a5997538edab29e75417ffe81d7097459e7c2ab99f371e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16920
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 08:52:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:46:07 GMT
cbElements.css
s0.2mdn.net/creatives/assets/4615943/ Frame 1450 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05a9031454324dcd0150aeb877d980bfe8bdc132d39f87dab9623994e8e1f6c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4706
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 08:50:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:55:15 GMT
metrichpe_401_normal.ttf
s0.2mdn.net/sadbundle/16251597516964128356/fonts/ Frame 3369 		60 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/fonts/metrichpe_401_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/c8048154be43edfd0b4fcdc3fb22db5c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 01:36:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202023
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26072
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Aug 2024 01:36:30 GMT
metrichpe_601_normal.ttf
s0.2mdn.net/sadbundle/16251597516964128356/fonts/ Frame 3369 		61 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/fonts/metrichpe_601_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/c8048154be43edfd0b4fcdc3fb22db5c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26501
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 14:09:44 GMT
25a789ae20cc5806a49ce1b5875568c0.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/25a789ae20cc5806a49ce1b5875568c0.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68bacf652d7a7db62c86f4fc74ee7ec0d6d2ac4390e2a84aa7a98d2381445568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:36:29 GMT
x-content-type-options
nosniff
age
536824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15628
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 04:36:29 GMT
1730852a9bfcc0792be039d9c5a788cc.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/1730852a9bfcc0792be039d9c5a788cc.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9803c95c8c0968606ef29aa3b7f660b689a017a9d36fcd3adf7fd21b1f7bc12c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 01:36:30 GMT
x-content-type-options
nosniff
age
202023
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22905
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Aug 2024 01:36:30 GMT
bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 03:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 03:17:13 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 84C7 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13992577357167395121/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:33:36 GMT
x-content-type-options
nosniff
age
597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:48:36 GMT
07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame 84C7 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 12:34:00 GMT
x-content-type-options
nosniff
age
76173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 12:34:00 GMT
Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame 84C7 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 06:05:25 GMT
x-content-type-options
nosniff
age
13088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396163
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 06:05:25 GMT
dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 1450 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:41:36 GMT
x-content-type-options
nosniff
age
117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11356
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:56:36 GMT
dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 1450 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:33:00 GMT
x-content-type-options
nosniff
age
633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28524
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:48:00 GMT
aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 1450 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:30:47 GMT
x-content-type-options
nosniff
age
766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20060
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:45:47 GMT
OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 1450 		95 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59331
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:29:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:56:36 GMT
dc_oe=ChMIwqHnn_3vgAMVaYeDBx0YKgt-EAAYACDm4INdQhMIg_Ktn_3vgAMVskNBAh3sGw6z;stragg=1;&timestamp=1692697413503;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 40E0 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwqHnn_3vgAMVaYeDBx0YKgt-EAAYACDm4INdQhMIg_Ktn_3vgAMVskNBAh3sGw6z;stragg=1;&timestamp=1692697413503;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame 3730 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 08:44:06 GMT
via
1.1 2be4364c1cde74eab64cab67d1de266a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
age
3568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
0-GhAN6EgHJ3zb96h7NhF_HhqkMf6jwfKdHvJo28YYjd6vGHQ8KLgw==
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 3E47 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIA9t-njMXh-5w8AX97ULDAnrXSM8nk_VBssvPZAstQp51A3zRdYUme2A_wPS_S8QF7alytQhFJIUObXI5c7Dz4YZKhNmpDvPxgmnNDXvViwvmM-mB6Z8QKsOv5Er9TxWeJT7akytuashcQMG43AWJ93e8ywgxYcgXtxJ1QEQStfv7_2MAGRb-rIrPWRxI5YU047IZZfDcLImbm-JSVGOACAOW26PDUFCoGZP7nUK4LMZLY05rXcvzH_cm1MCZ2oTHEh1VnyR6ZkiQyZnMQN1X0kSf7f4nTi741z0z1KXJVzavi7Mb2PUwZf6OVahk34RPgTlWat0acqGkCoMJDWlyuv8T2NzbND89SWlrFqLWFmNHqiFpZBvwh4jac3qXhhn0BE0A8Oo0TSgvSKswp3iVn4XsHgu6jm9mTXPeqEDSzApWF0FpXsuG_Hl-fs5Av35lRIy0v1zJh5GkmlvPrLpzNGc6wdlkPbTSkmwUcfdovCZini04WIwDPCHnn26ZbKUIpfbxDFba68H-HMB0DeSB9aPpjxl9U6A0uFSwweo-lYa9ZgHiz3cM6xEEl-m0Fd5My3eClxoluqMlTmSB_5HBH2y5xQsgxbo1Od8zj_BRU50qv3r3nHiMUQUkFXwEBQrKkyojoKoFYfxcUURkeLytNjSUKvgd5_aFLxQMgGXuPF1zdi8vAiQl36vC7p20avoDhL9aTM-AGxxINySrq54yuX0UUp1qLBPV1wrQTeOR6TGCPr_iYQQOAesxHgRfbywwtw7Tgr1d2PzVc8VSKCkPzr5iTMXS3lQPIq9fAWxM07C2X9IJKyiLbctimwpOuiiA_ffmJFB0eCvrxZwJojfxLIyLcJ49vBp-JLnfzU0KRGzdxbdaPQfQQTtEJ55t6F8hrA8Pb248OGocNVgPusanQEX11ifyHXp0OLRb9n9pNxWbF2udPRD0fTAxHupx2eh6znNSioMJZPBHT3sfNyZLM8QQ6lQvJdhbAEw_3O4wGIE_DM9ABdqymj7G3_OhpmleekDjCbsvQ50CPbnVRPvQnRnYsox77gZmx9amxdmxEYgE-5-DcrjduYvZbXzRJMnVsdCXPU1JxYdsOD3WIBQ5jlesqGJpw_dEiB4EsliN1uGcXD7r13QxXeuch73reneC98PbfJRg3tqL_uDsQRX6ETozcPvIIQC9PFMVYyZkDJ-GSs4TcYo_hsKwNSwDEuotfPeNpULKX9qX-WtmuowcjB1speRnsV91GgHtQtUvL-pESQXULb_DZvUI0lAH2N7WJCCSwRgriLSJEXf4-_bQo6_u7q3H&sai=AMfl-YRVTkLN50x3uZ5kVH6wspAC3G0XMN_au2mC1TTLrze0tp0M6j1-u5iTS7lLxuQHyk-d__iC0bbyQI3tZCcUKwudxaJ8UFkhq2eiTH4e_vsVPsgJKN7DUgxn2QPkD2MhIVmUCAHBLWa1QWNnTmgltrc1TjYgTK4H1GMGn2uiMc4OAk_vC8L6C_zgTUbxtlJivGdaI5XqKtN_xMomBulE3zrQcw1mjgNcaLIlJ_DKpLWmL66E7BH5BaBPKUoSBw-4Af9p&sig=Cg0ArKJSzOI86ONOJ5eZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=623&vt=11&dtpt=482&dett=3&cstd=139&cisv=r20230817.62738&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:33 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 43D7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3730 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465502
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
u3MudR_1Z1-zm1H8PgSGmfabPu7BxseSoZ6GHpj1uy3McL_go7KN_A==
bl-0211e21-ea2c051c.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3730 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-ea2c051c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:43:37 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
zQdjXllpbTSnNPDfmCWx0Vcd4.8FXQFW
x-amz-cf-pop
MUC50-P4
age
53997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27198
x-amz-meta-git_commit
0211e21
last-modified
Mon, 21 Aug 2023 18:16:42 GMT
server
AmazonS3
etag
"b0bd7978fb59e23ec46fa746ae447401"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yyVNXaRwAHp4e5nMe91gZtt-kJjQeMA9r4_otB6cBiQ__af6bmH8Kw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8DB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4nW4RIPkZLfBE8mY-gaZhpmACgAAAAA4AeAEAg&bg=!VFelVxjNAAZGPLJIZjw7ADQBe5WfOBmdzHmA8tHN_keiC6RzgkjIXqMoAhpznRwFc3mUqhyY2G3wFd51MBDqEhLmSR44AgAAAaJSAAAABmgBB5kDCXWNowpYXZzpgMYuvmk0nurE02vWMQwg3xlc5_2kJR0t3XjpyuFaFlt8hnw4lIL6MI873KNTGMGPzoY-tcQG9KF4i4QiIZLLqktgCjIBI8elD7LMdp5gqD2cPeMVCQYQuSm6Ut5ZHvFiVu1Qot704J98CjYshxBmAE8sR_9JUBQfFdJdrlJgEWzPKkidO8pRvzmnn9eUSuQQWkJaeD8VkmGBjBnAM-WKHZoheFcoxKK-EXj09UT2WNVsCWdZBwTKLye25wP5X5xME-SpwdwwUk9RRVrzu5CPzv1xnNyjQ6f0kziKA9J4B25ZWO-wmNpYY-PtgCJJ4-atZrgV5rtIdLAVAf6tSLT1UUgMcq8EKbtkTGl3cJu9q0XeNfyYjdP1a9Rlfk41GhcjStdzridaL1UvcQgkOQxpkHLAVB_EPLH70LAxASgSwmRlKcC_Oa5folytLcyBvIHlYYBfcouRyIrnz-JmD1L8MhERUUj3RhzFYd7mTbFuBOnaVLET8cZ0I0B9Gdr6rKqB3Io8XcP5rQl4ODv_ikhwk8SHSqmlHG82uwIMBOLGz8vqI9rd5evcXx-g4qANvAW4BhbyULo78dSGB0p2CnK4jTX3mM4y5Z4gcQS0wDt2kGLbsUd0OGf_sMvoHePpFuAclEz-GgzvvI1-P9VU8MKBumyFx8SNeOcMkRBLX7TKybrKt7jURMAezk63hgH5G1ksi72G2gMqaP6NeZizUaJQm_5sMbe0zdt041OJBcNXKaQSOJvC9jCTbihXTrvHmJOI6nfZdoxRM2_VC8_FU5Ppi6KWyWJl61OnVCXwTOBpSkRgPOzkkVEvLQJNr__P3pDL0bDC-tKC31fD8pn-WyTTTc1lEFWRpecjtga7UC57v-Z5E7lsJAJ11qkXCbJmU4wWPr_t84YbwCtkYWLlSD8IaL_UdGffmPySdIMLf-Rnj0QlaQV7U02qNoHCkWyg7Bw6pIg1GF--sAJ9JRpOhOhXV-MWNqOHYc8nSVxUHGQezWxjMzTb8-oIV7NtRNR4Ga54cQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F4BF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEfo9K7cyPQmyB5Rgs7hqclhPL-wI3uq79PJR1jZXZyPd2cDOX3iPEcBXIp5-lJg8ZnC0FyWz5TxvorYhbRxh-mK-WEbekh0Q2vz7SFcAuWibS2AdKnP0PQnnGCZzQ0HQJ6DRUUrlUur8F&sai=AMfl-YT9Gg-p_WN6TqwfMbvdBM4lKc2MyaW9h3xfQIpIQ5jrrrBmz1S5aMO1rvX7ZoTMgSJatqsq0reL5HGB0tA6s5o4BsfjBz0yiEXuMebTeB-EghJ7yg3ncuFlC4M&sig=Cg0ArKJSzEXk9bdXINkvEAE&cid=CAQSOwBpAlJWfNlOpE9rTD1B2oh8l43kXz_udHxKEwlpXZtImVrHf7f1Yk5qhilnOmWZ4fLXHTVwwb3jCYhTGAE&id=lidar2&mcvt=1045&p=1110,67,1200,795&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=615838248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692697411845&rpt=640&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2023_07_Back_to_school_design.css
s0.2mdn.net/creatives/assets/4945525/ Frame 1450 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4945525/2023_07_Back_to_school_design.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af22380d5deafa05590754ba24ee155d3907ecedab1a14439ea2d9dd4e5d84ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2528
x-xss-protection
0
last-modified
Wed, 26 Jul 2023 13:57:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:50:38 GMT
factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 1450 		4 KB
753 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e802095e892c6b9193c1918d778b61eae8d12e27f5320abadd90436202ee2053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
717
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 13:38:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:53:53 GMT
factSloganSplashV3.js
s0.2mdn.net/creatives/assets/3782803/ Frame 1450 		35 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6335acd39fb5e7657ee3d854e2a92717c6326955dc8615913d1aa3b2f82bce38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4454
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 10:21:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:56:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA88 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0jZdRIPkZMLvFemOjuwPmNSs8AcAAAAAOAHgBAI&bg=!LS6lLmHNAAZGPLJIZjw7ADQBe5WfOA-tCj95b5jIIFqQkJ-fAqch_raNY6n0LOCziJHaDvSJaalgl4MNcSq_VoBM5Co7AgAAAdRSAAAABGgBB5kC_PWahO-TPtC80fFphK0eQWda77D_TlMIU4oSZGhk4hCoUB8hNIGfY_yh62LIXyr1HXRKwSu-FyUt5DsrPdIj3ipR8ozXbn_vJC7Omvu6-o7kGRkHvCgX2U84MY9PuO8FlFkKjf4yhSHjlYZuS9h-vYNXbnl7-RhQJYDRXX2v-x2w2t7AitV8MvVKwHeIt9VXDD9cU1W5WTTg-DlLjFMK6C5SnEa6GPxLc0VxJe_iQwNSSbRfe2U4ZDm8_QVosj5EVFD7vbmEwf3f1w_pp_IJbZtQU8DXuS5oXbn9jP0UiERvhHov_Yqcr0lGgoyRyrT2LKi5ipUeSqcJxOzXq7NzjiP9SovGXQP_FSeLABiyRrOGNULukrF75KmfQPyJLp8GR74r9CfKO3KMI7ikZLt3rhueDP-l1NDZq8fFj8FR9cPNfNo7LQQDOPHGLah_W79wsxC2cBJgkGtJ5y5H6H2dU17QTy-vkH3ZDUXE4jAW9T40DF6mSMSTDOJpN-IXGkDTyEiGu0IhHUtTL_TutoxqF22NdD_xFZMA7p-aPItSsyJFCliwM_G9x5E7NwsnKzAINyp6Bcn_JIj_fVvcRk3Q4abt9rcY4n8aS1N2YoXjKu21TpEOstYZXtSgra2_Rb048KZePHH_1h8ZcDiuK4_wOjyo02ap31vbutlimgePLqI8Uk-JhSc-zsFjcIPo1EdX0g4h7trYlq6sxt21_1ScRhzbhqahWn89_Uh7bJv_WhUG51e0yPghyhPm_5ogceBnYZfGkXGfBsF4hOJK9EczZIXu67ZlyAxKmuSQFiSy-kaZLrydTp0w0WOzOr9AtfZy0mGJHQC3-GivK5dh7SfOZY3mlawLC6_Nq8-JyiWT0q0fmiYWsU0WhRA0Zpczuuq86SsMhhW1o_7JiRCcQ_Mm5vmkp0fD0Py47GGA1V-09gfE5-aBn-E_qnDI_PeIsTz2xIGR8ptV3NSEp9nLFiEhUKv_UiHqDfrJMBEbScWz0reCUkjAeDYarTKZ6JHE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=2133649315;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php;uht=2;fpan=1;fpa=P0-778462614-1692697413506;pbc=;ns=1;ce=1;qjs=1;...
pixel.quantserve.com/ Frame 3730 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2133649315;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php;uht=2;fpan=1;fpa=P0-778462614-1692697413506;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=idrlabs.com;dst=1;et=1692697413753;tzo=-120;ogl=;ses=3526d981-ff76-4f09-b9d3-633604c2a03f;mdl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 40E0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbwM32VqZIXEIA8urd9asB76ClJUT-4gEuJoFoBxtyyoQj3f9r2PLPRV7ZTkWu13Z_RxZHRfcC7oqZxtzNEK5chta-hwz4Ne6-LjXpfA1xYl_yoYXic9hl5XNMl9SwR-vjMXvbPsipY5eX&sai=AMfl-YRJkTetuO3UxIBPn_RqRvppLn6yxnofkLNmP1sOkeh2yunWQYsPdE3RtC1HUOGmF2EZPlZgeAcK8OEIqwzrFb2LsPBWkIR8AVeGaBTZP96OH5uFszC2nmLqWTo&sig=Cg0ArKJSzHJ4rwAHem5LEAE&cid=CAQSOwBpAlJW_7-rcNKhpIXZAeZ4e9eyb8pXWo5cslxHMmZh-awU3Cgr4crcRu1372J39Sqs8Tqe5H6tlfzCGAE&id=lidar2&mcvt=1261&p=622,343,672,663&mtos=1261,1261,1261,1261,1261&tos=1261,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=588019753&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692697411889&rpt=794&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250_fitbux_v4.jpg
saambaa-static.azureedge.net/direct/ Frame 3730 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/direct/300x250_fitbux_v4.jpg
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE7) /
Resource Hash
ca88e9d1b4cb8c46a92b175d573fe9ec1c1597c89b72fa52dbab3622299614a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 22 Aug 2023 09:43:34 GMT
last-modified
Thu, 10 Aug 2023 20:44:07 GMT
server
ECAcc (frc/4CE7)
content-md5
VqTJNy507X5BAeDR1Czt+w==
age
390522
etag
0x8DB99E28AF28064
x-cache
HIT
content-type
image/jpeg
x-ms-request-id
4646fcef-c01e-00d2-4a4f-d1535a000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
25056
CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 1450 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1492
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:30:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:47:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4293 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRLVVun8J9EajB9vmKZMRScVHdNOwqRrVd19zAjLpDJQuG8GmiH2ORS9hIzaBbFGhLTGV-gMgVMhJLAUkGp2JJvexWh3TQK4I1k7KVFWeUR40Y0LxgKDGK0S4U4HQWLiwfujkM6uSRHlZr&sai=AMfl-YTLnt78ZJbEB_DciVmiNinK5aG6RwxZvOB7Jbe0l4TaEQusFZ6kX869WQbZl-Yr23eg8SwZL8m7BSw8lKd_7KYnCUnBr5zVNlRQH57bGhswGyKSbLttdK3AIeo&sig=Cg0ArKJSzP4prE4ojLbTEAE&cid=CAQSOwBpAlJW0I6p-4EVLZQqD9M9x56BdqYp5YfkEZcxMeZ8VGHCwDiu-uNc4Kn4nnZPYBtSlPn54hRXQMm8GAE&id=lidar2&mcvt=1011&p=1110,805,1200,1533&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2667010937&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692697412357&rpt=616&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 804E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhtQ_RIPkZJq9Loq1-gb1uLSwDgAAAAA4AeAEAg&bg=!ISKlIm3NAAZGPLJIZjw7ADQBe5WfODCS9VHal6FbStMikVO5hoA6VSq1SO9lm_ZqD3PY3_kRXrtCd9nQ2eDvBbFx8qqNAgAAAqRSAAAABWgBBwoAMqtut2Yq-voKU0BEmHbC27zN7Vesjbr297J2dWHbW9xzKUF7c1eB9Z5pDosAVF6wDPr8mQMMQUZNSO28PhrVZhb_UrMLtePFZIO64H82aSIYgoYtA-fGK_otpBI_qD8Hydd42vpE9N_uVKp5AFMhgbLs2ARYvsUXY_ZfWdg6j8h8Dgc1-xa_ziTQ79fqgLnOUNs1VMUTs3PNDwhSJ-yzS6KaKBvOJHmYZm4pI7xAhQ08oOLwng3yWNgZojFHTUmscLMlL6-ko8aor2eF7F3ocdvlJbxXmVcqIzC7GrlLa8SW6WhF3Yparo1kN1u3A04-tA4urt79P9mw8EAOQ17Sf_kZtk6GYTu_TLhhshM5AMYxr98E4epie_VV5U1uuS2YAlbGGNoNJ-xw3HIzLjTMqso2LRDQOWano-_sZklkAe3SFka46qtlmKkXoeZDVXndafsw0UogD0Qcx7LohIMqHDXq1KStpuu_YKP72NZxvwcNXW9o-UVf9FX6d5onYPfO_z3ZnoO4LgQeCoLkIKIsi1UXHlTtebEB__o6MFAnnNX-UGBjnRlU9RuzGytkIvM_p4uHEz60dmQXqGIJu-G9kWfRUUFx1Y93KlAVTCbLbMGBk1X26BSE15vrM6ZMDOEEJfor9--fwXckVRVhPUPEEVDxWTn8qnLrdEUNI_ITL9LUNeVVLQh6An8zVeUTcq5_VBdGSIQuV4dkxtcxwmSkSOCvQhm5YBOdTBo78Y1ckFpYujwlwKny-hYz1athI9fs7k-GH00uICSaHsvDujrNITIeyqya593T1VaLlFr1fY7gzU9COgRi2S1pymreoyHqxyNLkNy3fBAORFtF3ki6wZRmvyFoVDh7NpbW_r83NN_jYth5GXpFl2Pwq44TkoSP99O5EwT83RZXhpwf4eaLECEKZob5SIh-6PihE67dbxnZc33mrGa1V-9jQb68Oxz1Y3vJeEIg66r_ww-KTIJV2tNkw3FWaV19viD1_6WSDK7LlzRKKwZz5pdDU0XnbhgKkKENa_slLJYlca4Kqytvp2v5_sdMyxOD9WfAnKfMQYq1Ut8Uk_REW58oYzoyyomysm9NXw8MPrAvj4_w13Wdy3Dp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3730 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYZPp8d_Iwq9WOJrGps6enK8V4IpcDST8scWrlm8rPFS4M6R5tMGW7mdBziV2W9I1naw883Ljf8uY6a0gGTZ8vW83fRozQpp_vWu5Wv841Dm-eD2E2olpRdWjXLayjjWfz82SDs9rK4Q0DbBzgd6iazfsZPTRH0cxuvdm9g2pdW_DlDbehoOw33XdMU8mzGMawpvo1tD1gIER4sDTSNSm7kEvOLjnePkd5Mvw5iu0v02veZo700lynkYGqsgK6Uly3F1PQeDW6hTUWQCUT1M1LF1r6Bu4UNrKDdjS-HQT6ITJ6QOw71Zu1xHHhWkPoFP1OXQbIZ-gpdwP2dPMUutTnKw&sai=AMfl-YTlyK7Q2Y_PEQh4TpSvJb5yAHZxO3kSEhj9YoVDgZ8dan8GIxE1BbbGVdcv2YjEG_95AikY7Yx13LVM1d1Tg91wdZ1teT9wBgMKF9aurRxMj9byueR5f4gARiMQvw&sig=Cg0ArKJSzPViKVQTw8h2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:34 GMT
CB-orange_percentageDot.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 1450 		2 KB
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-orange_percentageDot.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8efd59bf2a451b6137510fe256ab6651aaeb65b23e9c48a2d48cdd7982715304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
786
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 12:03:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:45:39 GMT
beacon
ce.lijit.com/ Frame 3AD1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:34 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6473594757881&version=m202307240101&ct=76&x=1&cor=3211120157186798600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e33341002ceb1e806be874b256aa36f14b5272f46e87c25b981756176eaa356b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2512
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-0%22%2C%22callback_id%22%3A%224caea4da69820a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697414208&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 3730 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
45e1a77f0c14862195e079cc1747f653d2d982fbbea50042fbe1b611ed91d1a1

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
170
content-length
10150
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4889197c0549c4462dde8b20537e02e5c82d3a70cdad916e8fe8fe754017a3

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPHtDa%2FT39hZscAXkzWUrMpRDg7rPqC60Ahd%2FfF3GD8PCOykQFTCa5BS8ytXrPlfAtUuLMTgYlgPLK7Nr3UIStktpiYS4VBQ%2F45YPDyQoRJjgFJsmWVAqJHcW0mnwjU%2Ffm1Emsoi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c176b284541-TXL
alt-svc
h3=":443"; ma=86400
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 3730 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22144065145f71d9f%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=f151cd0b-5283-456b-9203-a9ab6065a8aa&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d7e6b82560e582dbd606cc91e9414f9d8e4f242d59f6c7b98f7801af686df4e9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-129
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=163e64fd0ee3daa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250_desktop&slots=1&rand=0.15990197535191641
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3adca0aa424267c00d210820a630780848f62da2eb1279c8c45149de717f473

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4BF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9025981787875&version=m202307240101&ct=76&x=1&cor=17203417659828976000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:34 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:34 GMT
bid
ap.lijit.com/rtb/ Frame 3730 		94 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
9711f52ca474ea2f19631f302ee2161cc9fd0299fb2de47ec1d090f1cae30f4e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-1%22%2C%22callback_id%22%3A%22222ea40e1040d3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697414402&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 3730 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22241b341a7557793%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=4a7b81d1-6924-4abc-847b-b5768aa1d54b&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
845b4dddaec1d29de20289db249856b9f3da41f3b1bfc640e65d1a3db71277c9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-59
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3bfbaa43590a528409b9ad9ac810ab9e53c355ab05dbcd0a6a1679e8c9e33d5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCvfUtzdNiry3Ut2r7OnZnDRt4GKtKvKW8tMw53qJCBxuQNS0wrcu2Da1zNzJF4Q6Q4NOEbWdINjDbESabgnWZ2w8HfWohKL3KKbKbnbp0M6NS1PRRgicahm%2BxceFg2I0bXfNUHV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c182c934541-TXL
alt-svc
h3=":443"; ma=86400
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=301ff40c11721f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250b_desktop&slots=1&rand=0.11559088207426527
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
66e02c04ad63046e0d0644bac779f1706c6560b94a6ca44c3674fd88e9fb1d05

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 3730 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
f7f17aedf355c66b736420a60cd75ed07b87b8cd7244b3092b8837b4e1e59e6a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
294
content-length
3795
CB-orange_percentageDot.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 1450 		2 KB
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-orange_percentageDot.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8efd59bf2a451b6137510fe256ab6651aaeb65b23e9c48a2d48cdd7982715304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
786
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 12:03:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:45:39 GMT
de-DE_back_to_school_2023_07_wider.png
s0.2mdn.net/creatives/assets/4945528/ Frame 1450 		723 KB
723 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4945528/de-DE_back_to_school_2023_07_wider.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4e9a04c9b942a515bdf7d40b23e268ddecf37de3da796e563307b6542b98b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:36:37 GMT
x-content-type-options
nosniff
age
417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
740053
x-xss-protection
0
last-modified
Wed, 26 Jul 2023 13:58:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:51:37 GMT
arrow-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 1450 		659 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3782689/arrow-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18219021426269093888/de-DE_2023_07_Back_to_school_728x90.html?e=69&leftOffset=0&topOffset=0&c=zWZYtJIivV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:26:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:53:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4293 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=889233627218&version=m202307240101&ct=76&x=1&cor=8504431328828288000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-2%22%2C%22callback_id%22%3A%2240f48a9b5a6c909%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697414597&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 3730 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
169
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
50b899edd8876f227d52f219098323ca6188bdd467c059edfb13889780c4ccbc

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2514
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		37 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b09d1bdd80e1cf977d87989ff46c01f9a53ac0c467e317e9d51dc6786a7bd9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIjjkwdl%2FtS%2FQYtGzoK3KN00euhTvdMgfL6WTcLkrL%2B4y1tYR5XJHhKZHALUxOv47oSbnvoK1m6cXyQCWOjrl4NnOPLjkAyoQJ0vkN8EMjgObo3%2Bq8diwz6rQAb6Ym6j8No5r6QI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c196ba758ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
trinity.json
apex.go.sonobi.com/ Frame 3730 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2248567b3f930369a%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=428b87aa-a030-4f7d-a7cb-745ae84cbc89&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3bf1aa115e020a3438cb03e8b796feaa2c4dc6158493e2cc41098ef7a0347df6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=521fc74c2b11b6b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250c_desktop&slots=1&rand=0.6915489925958751
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
653c028c014831ea765ae7ef41cd60d773bd79b1004b30b8e71cd394fa80670f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=4029100208242466&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=2887917928&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697414627&lmt=1692690214&adxs=353&adys=1331&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=7hlk8cb2wtjh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x250&fws=384&ohw=0&ea=0&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D56a167b4333f91d%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.00%26hb_adid_amx%3D375cfa159723d3%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D368afceab5dbebf%26hb_bidder_sovrn%3Dsovrn%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D1861dc3145c246e%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D368afceab5dbebf%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=1246821082&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c594bae6a9c6aaa5a6ac1b62e8e59457e97aa2b31202aa46548c95b2e1f9c98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12099
x-xss-protection
0
google-lineitem-id
6152679480
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693534
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3730 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4af8775c0fe4a0f6e90f99800a7829e7c63f84f4c378bbc7cd190ae02c3750c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11865
x-xss-protection
0
container.html
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB26 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Wed, 21 Aug 2024 09:43:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3730 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 09:43:34 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame ED85 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465503
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
b2YLc5w8FpkS_Idr_vIu6sVtvqQyYRLCgDl4dvEKQwb86kwLnF79mg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED85 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:34 GMT
g_pbst
1x1.a-mo.net/hbx/ Frame 3730 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=300&h=250&bid=58a0a619eb69994&c1=banner&np=0.01701&aud=34d343773ee78c4&a=div-gpt-ad-saambaa300x250x1-1&c2=hb_bidder%3Damx%26hb_adid%3D58a0a619eb69994%26hb_pb%3D0.01%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dkaspersky.de%26hb_crid%3D2676%253A38735235&ts=1692697414841&eid=59ae98b6eb42bcd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.136.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-136-125.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=2340955036711204&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&didk=2887917929&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697414846&lmt=1692690214&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=wovud1isibxs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D57c666d99816621%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.01%26hb_adid_amx%3D58a0a619eb69994%26hb_bidder_amx%3Damx%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D3878f3c75deaa6d%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D58a0a619eb69994%26hb_bidder%3Damx&cust_params=domain%3Didrlabs.com&adks=3215044782&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48480f911acc8f4bace080eb1eb22e64df0d5320560dae2534017bdb309e358a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9437
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:34 GMT
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-3%22%2C%22callback_id%22%3A%22628de29d63068e5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697414853&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 3730 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
99d64d91aab34512237063c941f7614a0189424cfd02579b5f49b1218c8e0ab6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
118
content-length
10076
trinity.json
apex.go.sonobi.com/ Frame 3730 		729 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%226643e62d47e4789%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=e39dd012-35fb-481f-9f36-5159827eb8c6&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
5dcbf56ff912e3ab5fce9463b5ea4bb5d0a1732c8c562aa09fb4309143013420
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=6857850aed5edaf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250d_desktop&slots=1&rand=0.7235749391391659
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d80d3835e81fb67c6505c8314953a4a2b1971af5b396e49e8b1160f6ac4c5329

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
fa381852708f193d24b4f2c3afb63f23a2dac31b09585653871b9095d652bcd4

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2512
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8f3efb337c0ffe0c8b17ef20f3de50385cfa4b210dd61f9fdf36bcad4ffb33

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKi9OF9qw1pAHFgnvH6Xa1v9eGTZIYr3xzZKiGWuXVTZsYZpwDLuEBTQWT4HVpYNkXGX8EIXZltfWF8WcGpauNDj5CNSiY1wreJHQ%2FwAqYRIb7pHTSaWR%2FPnHEbB4rAn6gsdXF1P"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c1aff0c58ea-TXL
alt-svc
h3=":443"; ma=86400
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFF3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 05:59:18 GMT
expires
Wed, 21 Aug 2024 05:59:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A038 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab5c84df364a865e97bb1b3957f03f65452949925bac4e5395f1b70369bbc58b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j_-hhBY_pNOZ5q8Nz2Igew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-j_-hhBY_pNOZ5q8Nz2Igew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Tue, 22 Aug 2023 09:43:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame ED85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvobHr7xXijrAQwyPxpgdQQjO1-rLUqZod_75nxPWsSYui5jHTZ2SkkATvlqKDQhoBWHx6Qnfr6D3bDnTYvhy2EjIftf7zcCZVHtKaQWNQbdBDbaxbMgkKK-TIIEga1PX42Fzu2qaEQ9CdR2i7yChBbn9rUnTnf-CYVGfhmKflSRvZab_lHD3Q-r7PcUh3szn_3MKBXavJuubs5m-E12aUf3lVNHAjLBGBlnpl_LL8sUp_7n0UVdsPqOI_OXFkr185RXuv5OLEiNPTveBGl9-NOgWFdqLj6n_IeZ9ovVBit-slzSx2LJ_mrk91THep-iBQ_oyY41XDxIjexFRA4xFBE&sai=AMfl-YR4znFNZ21NOb_2_Qfdyn5fbHRYvvwqHJHbJeG71goIfgwFhliPSLEP-obVccDOwz22VZqjKwUp15rMXD8SYz5lFE42uAbpizVCIcACoxpSIQ1-WaSzbV52xQGbvQ&sig=Cg0ArKJSzMboqYVzFtVuEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame ED85 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=zDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/fra2/0/bd649237-2aed-4d2c-a581-b739fd3682e4/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9f99d1c613e06ab5833886d0befcc3c522b2b49ac9df6427648bdfd82ffd772c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
928
expires
-1
/
track.adform.net/rtb/billing/ Frame ED85 		35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=38735235&rtbwp=0B180AA7CA362A19&rtbdata=zDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0&winparams=2_gWFNFUk2lxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmY6meKuQd51cFOBNon7mYQNpCBKuUw0J-JTmKJ0v79DqHMVpgi-PhNVf62DxHGrK_4BRpr6fL2dJ5y-NmNvOIB2W3OkdmJVho0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
bd649237-2aed-4d2c-a581-b739fd3682e4
beacon-fra2.rubiconproject.com/beacon/d/ Frame ED85 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/bd649237-2aed-4d2c-a581-b739fd3682e4?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=15&e=6A1E40E384DA563B8F5C5AA93B843E3BAC0E99404CE3EA2107440EFAC09961A7044F2A85447982F964E2E606595577955FD5B3BEAE3486BEB6B37B665A9E662986CB070BF62DE7D2C5E174E8FCB67C07E4943CF3E5BBA510F5997432FFCF8E395A34CE551E477DEC57AB92806F53E7465241A2202006B4718827CF6E7F3A5314681C342F9586E258C906E3D99347F00CFC3BE8685EBA97EBADAB465A5B3F12B6DE603687CCE898A6A82ED7DF28CDF1955066CF81C97420D4D2EE9F0185599CF79375B7F4DABD266C
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:34 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame ED85 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LLM4C3U8-25-F6QO
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t.dhj
pxdrop.lijit.com/1/d/ Frame ED85 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=idrlabs.com&pn=%2Ftest.php&pubid=Saambaa&v0=252623
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 22 Aug 2023 10:43:35 GMT
impression
vap2ams1.lijit.com/rtb/ Frame ED85 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/rtb/impression?i_data=Fz8wl_I-AsfptR7JIIgCKq-9g_QD0Cn1AuNEjIYzWnv-DcQ4bNTi1XDPXvuHUFARn_8nwGFE7GwnIKWjqeHekoX6d8GnF6pb62vqckaIBkSsfFLIsdyQ7JdmSugjMUW1Nw6CoS4lGFVmQFJyQOVY75eO7y7GHq29SysBHsSx4AJ-RecrH78S5hQSucEUW97GPLq8SNONqhnLTVqX40-g35ZYj6eNTWVhRxXd4PkRYneaQOvDHIMelrmb-VhkiNXEDrGhMA8u_rwgy9Lq2tFxGTxAhwog_saYaajeMkGbtbcKczlVbRKlLd3Ii9zqGB9s2x8gKWISEy5NYlTJNH_DkQjVX7dQCqN_S9uYqaagHDSd26onTIcK&bannerid=209348&campaignid=3387&endpoint=PREBID&prebid=prebid_prebid_8.4.0&rtb_tid=0fbb84a8-b36e-4f58-b6cb-f481198c25b8&rpid=80&seatid=2676:6896&zoneid=1063593&tid=a_1063593_bd59c8ff70f3459f8102fc05f6183bff
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=1431367151107512&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&didk=2887917934&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697415038&lmt=1692690215&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=dth9vwlkilcq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D60eafaff7ed757d%26hb_bidder_rubicon%3Drubicon%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D7835a64eb82963%26hb_bidder_sovrn%3Dsovrn%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D7835a64eb82963%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=495745907&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bfae6151b2a1bd1d8f55a86916cc63d370bef08e0b8e6300161f261ef70cd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11673
x-xss-protection
0
google-lineitem-id
6152679480
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693225
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:35 GMT
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-4%22%2C%22callback_id%22%3A%228402e6833bf19fe%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697415049&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
f2c0a00b14d6618a1437841a1d09241b97604cbf813f8e33a17733259e1e75e6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2508
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0c7784da83b7c09d274e55a72e3fe27ec982118b8e3883881c1a10a8f9e226

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI7maQJUT%2FTp44eX0GGTFw1kgvgfAFH8PJ7%2BTSbvuwLDzNjqKhou32C5YzpmvObtFKlZvLxPKFZ62LD0lqdRyC8VKhe8wF83SGioX7aNDDTFtvTySNZyv23NF%2B%2FuggQM7kd3eD0P"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c1c297e58ea-TXL
alt-svc
h3=":443"; ma=86400
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=90f97add5c29b23&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250e_desktop&slots=1&rand=0.5011405215620777
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
975e9c742feedf22b400e07f9b4cd28f5d19f29f722f928e77d012df4677b1a6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 3730 		729 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%229280c2b3db63f9a%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=fb5fceb0-ab54-4118-b5e5-e4f913a5be86&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
34d9dde83f33077cdfd0d8eeccc789a29fd5008680f18b0ce218ebd241379a7b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 3730 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
24
server
envoy
vary
origin, Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame A038 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=3480316725653984&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame CFF3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 722A 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465504
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6hR1YGIiIZEO2mUxvEsYgKVvdh2b78hv5uxjNXN-a3tgpzTFT8UQrA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 722A 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=458388457577793&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&didk=2887917935&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697415212&lmt=1692690215&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=7xupjthp87qz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D984e501408a0365%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.00%26hb_adid_amx%3D8066210e36513ae%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D100b1339360f233e%26hb_bidder_sovrn%3Dsovrn%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D79df32be3d24ef2%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D100b1339360f233e%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=965386203&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb2b025be42f833d4f14c5f81bef7bdb1bddfc9d78aecf939a2ffc858a0cd5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9431
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:35 GMT
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
05fc23dbc5ee26062ae7e86a29ab744250f3a650b9e309667498dca15796b250

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2508
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=106fa0970a5626d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250f_desktop&slots=1&rand=0.7145295934240623
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b606c8b12559dbee078ecbd384cd6e294b2173ed63f3630083cdb1127327715d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 3730 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221082be2eab0b1e1d%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=c5ac0ffd-aa30-44a6-b426-d57eb2d1af6c&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1162d608167cc4a3218ff8ed6015d092b08214934297b6ab3fb2448845b4a637
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa7c961ccec2b406c1166ae70d355aaef8ceb59b36adfee65c93d58a7622f27

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsATTpaSSF9sdQ5GIJn9i3Nlx8KXFyKlHdn%2BQ51iT%2B%2B3bgfIBK1PxWiE626O8xFhCDiJueGgp4TxEwB%2F4dUGaJY3IZY3q3cTrYL2UrdoJ4qBy1CurxaC61J0p2HnYrKBCqQOz2ka"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c1d4be458ea-TXL
alt-svc
h3=":443"; ma=86400
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-5%22%2C%22callback_id%22%3A%221144b67e6999a952%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697415228&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 3730 		21 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
a48d30b646c02d84cd19901e982551534ce550613682ccb678ded7efadfc7e93

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
132
content-length
13905
bootstrap.js
s1.adform.net/stoat/629/s1.adform.net/ Frame ED85 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:16 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
container.html
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5867 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Wed, 21 Aug 2024 09:43:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 722A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDGtkmYZKVQv0NsjQDO7H7y5GEUjLCEWj5rE9j2aFsh712CAgmfQ_goJ45Ng_nTxpKCbBi8GwXGuAevW0EvFdS8PQOfASPbWQEI1H4cEXe2TnpGa3I3pWW-_569kjda8G6zDjlbpwc5HZDePan6RG3Fsbs3uCf9vZHl2It4htGgCVHPACgmhwy98epS7NmCjf4jz2aTd_ME5zxzJpdsi5WWTetmRgkpHGrK3Q3nWZMo6iHhfePcQmyKteht1ifTbzyDK7146YkbvlItcKI37dVXzEzM8Od1xSSMC-EamqoIM007dqZx1C6ERY1DQkMZW3DhqUYmtwbLlAKYOSBXhI98A&sai=AMfl-YQsWM6uiqcwsxrQLPZzUttqfRXIZiZ9ZcrkUZvzKc0KgBn-DBtWbMmX30T7SX5yCn6ElUGY4cwdVwG_dLV1k5edF7D5J2fayCNO-QDn5pkRt5KKlAj50jjBYzaGEQ&sig=Cg0ArKJSzEPV0I_QAb2JEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 722A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=Ld4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/068b33a8-dd5a-48b4-8c03-6e95cc7c0040/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30ccf684419e3b1df5191aa52c9f284e8539531e53e4c7dec2111c8d4adaead2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
919
expires
-1
/
track.adform.net/rtb/billing/ Frame 722A 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=38735235&rtbwp=0B180AA7CA362A19&rtbdata=Ld4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0&winparams=KTd43ybKhpRxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmY6meKuQd51cFOBNon7mYQNpCBKuUw0J-JTmKJ0v79DqHMVpgi-PhNVf62DxHGrK_4BRpr6fL2dJ5y-NmNvOIB2W3OkdmJVho0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
068b33a8-dd5a-48b4-8c03-6e95cc7c0040
beacon-ams3.rubiconproject.com/beacon/d/ Frame 722A 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/068b33a8-dd5a-48b4-8c03-6e95cc7c0040?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=15&e=6A1E40E384DA563BC1592798EE497982B0C107F8EA4F188A55B1D30BE7C0A2B39166F226C217F027F5B0AEA86095A9B07B64F388DB70D0E9202E8D7DCBBA137B40DCF3237ED9CB6CB322CA6CBEE317D38C9E2827AD9FCE9B6254FBC0A1D58C18274F2D03AF81379EEB529D0FD8A7124685516B53660CC72DDE707A9E045D31BC9D83A59DD37AF6B97E625848872D964AFC3BE8685EBA97EBE99EABF93A65C0ECD0AEEDA895257D19F3ACA2D47A93257B70D611E709D8FAA734FAAA46F77E6305589F4869C5A75D20
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 722A 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LLM4C44V-U-AAA5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t.dhj
pxdrop.lijit.com/1/d/ Frame 722A 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=idrlabs.com&pn=%2Ftest.php&pubid=Saambaa&v0=252623
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 22 Aug 2023 10:43:35 GMT
impression
vap2ams1.lijit.com/rtb/ Frame 722A 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/rtb/impression?i_data=cdA4QI8LCyI_zW3U3O0qQbQzOiU6V2834xm62NGTQcME5cEtFDhllNETdwT2GW8kmZ29CPhG2qYj_MBvd9XzkNNPHN7nW1twTLo047KkFxx7DddJhxWZegCrt7QUxSAhG-6w93fddG6rK1UqHgUmX1fboDe8KhqILmdP7vVey7rXAuJYUSTyuf1sII6lEKci-CeJu547E1GLWY4pSkJ6KTmP-OhPdkv57Rmex5o6c9pffTHGn7TkHGCPuYbukQuTbUklgT2juSP1aKWHRDXFivNBaa9k-immqOjCFepirLxwi5l3JSAM39CtaFKSbvccZ1_gB5UP9sqJ1c2d9KTZ6VmmoMazb_iPQ-Dk-DPSH_AZR4WnsqFPuQ~~&bannerid=209348&campaignid=3387&endpoint=PREBID&prebid=prebid_prebid_8.4.0&rtb_tid=58a8fea5-f982-485b-bc12-c9d586c11188&rpid=80&seatid=2676:6896&zoneid=1063593&tid=a_1063593_ec141f0d5f094fa6953499be8cc51e92
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=2978429189982774&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&didk=2887917932&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697415431&lmt=1692690215&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=sxgy634dlonh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D11848333c7abcd91%26hb_bidder_rubicon%3Drubicon%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D1194fa2b74dea219%26hb_bidder_sovrn%3Dsovrn%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D99a24b1ee94a8ff%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D1194fa2b74dea219%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=2460199046&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9b3055d701ff3e974f3144b5ef38af3e4a2697499f658fc11b4eef078bc2f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11658
x-xss-protection
0
google-lineitem-id
6152679480
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693201
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:35 GMT
c
prebid.a-mo.net/a/ Frame 3730 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ac1250dcdb2f245bf53d9e8a65f6b47194d20cfea008b559b407287dba6ba7f2

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:34 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
273
content-length
3743
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4a333823fbbccf50083145a46727880cf677a79008cb676dd0d9c3b88166daeb

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2509
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 3730 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212801b39ab477da8%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=db4a4912-7a60-45dc-b4ab-919c9859ce92&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ecc46dc5eff05f6f501b13e9829361b8b91ffe0aa443f648868034bb5e09d20a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-6%22%2C%22callback_id%22%3A%22130449e266042293%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250g_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697415442&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=13406e4d744f3c7a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250g_desktop&slots=1&rand=0.4613290947245998
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
667db19b0b09e116d423f830f92d38279ded81f0c8f00ee0806db7719fe37de6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194d42e91b7c680ea2daea29135747b1a897bb4bf6fd4b19f559b6eb7866ac08

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtglG6cuSYta3Nrb2re0h9WMf8ZSRI1GTkbPYAIXpj%2FqNS%2BbJlPjx98FhuhnpFb2l5UExXwqE7pwgNMLyniF06nG9KqYWOJYvC%2Ffw9S2atfNvUSNpgkA7Adu8aRCnJuEFJqP%2BfXn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c1eaf3258ea-TXL
alt-svc
h3=":443"; ma=86400
expires
0
bl-0211e21-ea2c051c.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 5867 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-ea2c051c.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:43:37 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
zQdjXllpbTSnNPDfmCWx0Vcd4.8FXQFW
x-amz-cf-pop
MUC50-P4
age
53999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27198
x-amz-meta-git_commit
0211e21
last-modified
Mon, 21 Aug 2023 18:16:42 GMT
server
AmazonS3
etag
"b0bd7978fb59e23ec46fa746ae447401"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_EBcB2xTXHVfgFK1-dcz3ofFT7lG36OBd-2nDsRn_Tgl4K7KdCTrig==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 5867 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465504
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vRMg0AZgwZ8cP4V4BBhliqOYyCztJX_3NFdC4Wx7kzDuZM4rWUkDbg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5867 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkAMnRFIIYL6kwuSAzSnTblDzancybyyDIoSV0XJhGPQFKuAERJLsBMU5xCmu7s4JEYEDuWYFaPqn6xSFTXAKL6xzO_-Zyr6qtJ4iopjCRAFsTTWk
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5867 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14863457318148709587&x=1&ct=76
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5867 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 5867 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 5867 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame 5867 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsxRFNgHz_8Tmmy1Y20h33Re5nLM4XirTJH6IjLD9P5hsEqYvg2_vshQG-KMIcJou_yWQu
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5867 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:35 GMT
/
track.adform.net/adfserve/ Frame ED85 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=zDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2ffra2%2f0%2fbd649237-2aed-4d2c-a581-b739fd3682e4%2f;js=1;adfxid=1x;9553;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e2af8ea3aa37a08d84f810dcf6470f036028268160a582722e4058a859539f2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2616
expires
-1
bootstrap.js
s1.adform.net/stoat/629/s1.adform.net/ Frame 722A 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:16 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
generate_204
tpc.googlesyndication.com/ Frame CFF3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Wva0eQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
r62eglto.js
ad4m.at/ Frame ED85 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
580388
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJRAtW7ZXe9aT7oobzzQyrIKJHCj%2Fst6Invg9tOW36feGCsgQcLSp4g%2FwSNKfVn4R%2FvLhaGhzrodVHF16Aij1lGSUbLyThh3WmOj1EQvKsyDHSKuQq3xn52QblrB24IBRQZ4zkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7faa2c204e7e18f1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
/
track.adform.net/csimpr/ Frame ED85 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38735235&csi=B-OVqsmRX-XMmNmSnDIqHIBGUJ84IjoVqS0eH6U_iLPrygPkIxxfk6SIP03OAaNsTl2V7FgnGqoHlcQv_mBVoWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9BA3 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNWZSki1GCiVf8j4d2vn2Br7YQr4ND_2MCF1v-0T63KqZIKCp8Kd4pUSFLG0558yyeQWaDdVz-vUv35wStcem0qxNdEqlg
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfserve/ Frame 722A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=Ld4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2fams3%2f0%2f068b33a8-dd5a-48b4-8c03-6e95cc7c0040%2f;js=1;adfxid=2x;6442;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ca8cccbb32fdf1f964093bba0b69bf1d405c23fb2e1a29c2fc7b60d12252d849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2613
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=2837557248102953&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&didk=2887917933&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697415665&lmt=1692690215&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=bbest1fgutxy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D1402397371ebf246%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.00%26hb_adid_amx%3D139bcb00db5a2d31%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D1381078fed30ce2f%26hb_bidder_sovrn%3Dsovrn%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D120d47cd54842038%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D1381078fed30ce2f%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=748357368&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb3cdf5c158000365fa62ff170928fdd22a3141c78817366bea4ed5592431fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9465
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ThirdParty
s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame ED85 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:16 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:35 GMT
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
9111c0d4065d0935e3883d8191f106ef4e723aaa5c08063c38b077b821b8eb06

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2513
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 3730 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22149f14785137c93f%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=2130053b-5014-43f1-a4d8-0c88223cb79f&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
74a21afee5c8eacd2b98550b49f796d4a70865f392ff4f448d7f6c3c2140b6a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=151b950f657f730e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250h_desktop&slots=1&rand=0.013267174599984388
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ad14f309038516b756b52c13b92d27bd06dfadb52919a199eaa33e5f7e54f34f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-7%22%2C%22callback_id%22%3A%2215342141e00cf5a2%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250h_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697415687&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 3730 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
25
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		38 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e56a2645e4390a2d026215f24da8b6e869127efa686842d7892d209126a62a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTya6TZpCDbvD6RnkvwPahcK2HKtdU5x8unTBmymulX%2FKbx0ENC5K30t4vA9RyVum0aZFxphpxsSehuG4XeII5CILQO4DqZMOPn7xWDoRN2g6jsR1hs0Dc3p4elBgXlsJ4Qq3Tax"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c202a6458ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5867 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=162066837841&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5867 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=162066837841&version=m202307240101&ct=76&x=1&cor=14863457318148710000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5867 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUvFr7YE33WOMwxhtHYs0o99dtDICM430k0RU7mvLCnQDPDskaIyPIPTpDjYj7E1DaF2B-UR2ElJGhbVrA9v_k1NPyBw&cry=1&dbm_d=AKAmf-DXbI-TN2Bs1A3mCQ0recEDCZ8CbZsBZcEF6bXWg5JlWI-I47a0Ir2pfe8NXxcVb_3Cz9DdR7DPjTXI1sJonf99hJtzQP0bHsMUpadjLNgctcsBCHAqqM03jfDu1i0iN1AtYJsAGLnWKqYX8IEDM9bu78lRBi2lwbdroG4zD_7FrkyX6CcjeOCK88mNT1ZdWZ_0zLJVMNPVqm-xxBoMNOBGS7uF1OAAON0W4aKBqFeJlkJE4KpynlxrKUl7vBL3IAO77IhqvbkHH47xwgyZlvG5ftD_TYeTnuvqyqOBuPdJ5CIsUNB3fqfd3jJmAu9Ye5lDoSWSOMmRL69EGCTYz5t6P5dg8Qd93QjncbTiNSxnM_CZsPae6c0DykT70u2isbUhoONVwXw9oMF9ziqs_QKTFOJdZDCaLprGxr9novbqLfuvxsikueoEhh_cR7Y9Z5h3nyqaquW-HJVG2-mp3oHkLd-jxIA5-BGdMjhMPJpeoHgT9P82mTLVxpAM1OHE4LeOEQHuoqP1eJc3mYB7jSYqKMKCdqeRauVg8UAbWLxLtXhZf6_Mi05Ct2GFg1zVkRJWSY7H85FnKRLQR77vQYf02fbVEIhehLtwqn7ZoneDmJYhTFi0mNGiGKy2GmiurtpjndqwnHvNuEa6Wlcmyl5b8VHYZd3yVms5VLF1WwGWMYyGZR8aZ0AL8tRE_vZIcq950xO_RoxWqcsd9l6ZfmegPd4qJ0_rrracXOcQreE-Nx_MZyzURIkNmp51n_n_ffDnllnCuTVY65fgB2s8ibogpu322pN3Cgy1TxJIEtSYG4OGzHvm28MQU73jKepbuwZWKar4AlA7gWClIdCdHb9kIUpmWL-rR58jCQrRo7zCz2jRTn37Kfh-OIGY6pU-LsKUlfQjtDUrTleurLdMRFYAeGOJOb-f3R-pBWxdjMqOiaWwhsDNFHiV154Hu1mBeHPHrVbhS_ZB_6whFemJ0n39uH6QT5x1Sh59p4Kk38k9kzOQctTUoU5i3ToehEkbwPt9QF9x6wqL-mN_D6-TXytPkmZFiyrVfVPhNVByXwPn2Wg9VsuUztbj0t3nrVVXFU9ShOIJdWQDiJJXPBl3JrW6OPb1zElPmEAJJWyG4bq99OmIueujCjhfxggn5_XIN0DUKSAImHNrKy8Mi4QZr5gRlPDwwXKCTTh_3vO4QPyBzalz6tV2kBGEnno1PKkGB3EXDC5lfaksf8L5xgWXcStyThIYEkaaQpb6Ntqzpbrv_Y8T_RoJnvJAWq0BsKgci50DSNpwuYfE_e_OFWa5RfAm-Th3YCNWLChQM4ptCRlqJAvVN-Gufju1NpuZbSukFzWNKSxYmYhn6mUavvvCW2TQ7PV-7a73P9UVrqgiGIOdP5_isQng0haZdFTLSP2MXY_i_1Tr3mSalUInHIoRzbs0miSizF7_JYk6LaJ3vP83usDciaPAGkFjlP2hrkUoRFWa_YqNcvmc6hSVbFFHWSbc6xqRt6KEiKfXijU38MjROd3t4lL50A5UKcdyWyyet3XNOny5T9Se1BSPc-sTwGUSiZ_m20Y3HZhV7OGsYw8tQvNPFUSCQTPnbj0VJqWNEvwimWVzvBj2rGhyb-7OoM3KbeT6_cZHigvPiVjZlpqd9zFL6Bn-Xqh4wMnUR3__5n7VhAQAnRQeaRMScqt1dffyrLbf1rJDJUaNiIBTLBeI1CJH7RT_4zSDVEbzmrp7J6s9K27ug5tA_G7JQ1s3GxAVtcpaU85KmY2MvWxnovtlli1cqC8uiCE-zYcrxPpC77-OIjttSHAQ7ejBjadqZNHhOgv3vNXCRrQgpxJVlGBFUEDzzsbjfNwISCye1_Uh3jXWr8zhidkfF-55mRJ1ikMtRaoA4q9odJKp8pEjgZUEerIAPQup52U1xbjErWfO1TisZ6I-aruS6YoTwWxXEfRC2EJnwCfyOO7Mca9Ju3J1-bDdNCFKjA0YSsUE5f1FjZqudnQhVVUwJKvqZxsWsxjFUcuPOI-Yn602fy4xbS3KoJvuantI8WEyMwtrkMwXJdAH_6_WIBot-Vqnx2MZDrPCNGOoBH-HjD4wtp59KKCpFfSCa700CHTYT-PAOFVboHhjT0BJLzQ8jPj5bENHK4_E8R-IsPl1BZayfN-bO_SWQJQvqeGnXfJYVpLWL-5VXXbsgbugxH27vKIWt8ll2CuSO9NlycBQtGywKOt2PoTMkMTvHvpBYMZ654061kCZlYtW_InlxIv94ZqIGK50qAYSnoifom_my7wdATZldMwZvEdBA2BgpQQvJKh7fb0YCCSotFX6uiAuKUKZuZ1_srpQIqbOxKvSjcRhKgqkPR_6GGD3lQ1-xMSYZhttZMvKKhQulT_7Gyh2KQXA0ieCwK7-AzDXCbgjXJPPBKPEXTt5TxGTThzfYAMn5IfroIhQprqe_hgiK2xc0kbw9aybv7pwwSjjUpXXCFEZsu4RUcrI9ngqjw0BztHgQfJSOZwpDC9U6SI-d_Dit3KjfsbkIiRHUeaeQHHNro-98DcThk-Oekt8V34SYQ8eGGymg4ksYmsVRKNcruJRoks_MiwMOcDbOGT5uLSwqX6v5PdApBvjeu7LoGjmiGWAXhcN8aERxG_wSzL_O4Id4yxAaVR4ZZVCEPF5cwhAZdgccY1umWiTB9EUQPmzGDuEvkKE5KbgnXan9I9Pih7hCp-2HYwNwj49Bywv4FflydQDMjjjl_1dWgFVhOcolH4YNtlOwLAwSPJ44Nq-2Yla3pEejW7yzFDATEDlbBNAYNNVtgpee4TKGYbSsYF6V2sSdenbcreC97cxJKmWV5BhLqKmewqDfYb5dPCnCnwiRbm0Vby47dtQjvqwZPRzkmK2W4aKBdKpRivgOe5tvUU1Pa4MTEIIkeg4yiD8WXIHfOf4VN5u-SL2Ct0skIDtR6UxhgKA5Y8fjCFLKb6snsk2JYjH8rmjuwiPiVZ0-Wckbzg2koDSjiM-MRbyoTRnAzPvK-UXgq3DEAFdw_jk4rbB24nUi-6WD_E6A-99PX6Qs4R3NSV-J5-rNYQl-b-w2bA3Jc-6DPY7z09pL5bHBCWVrs1gYWQbMuQApH0AyROerxJpH2mVrRFRibIDnjBRkB3w_x-n0ePyg1wF4g-MzRKPnLryWh7slySVC7IyYXLdg0jGjZEY2zn7lr0okKVhE06K1uQlpdnAxRPB0AUmGzxaImDR7hS7s4GxIHPX8T6YyDZuP1xvjEwBXLUj_6-J5P-8aZV2UIy2haRAD7OHYznGWETrw2c-QxnYjRyKyL-iugmQLlyO07bT9k1HBtOCThdRTwmwvMd4ZkGwYt3-LIG84JI54I-h6aJ7KVxQMOSHrOgLvOV3mqDz66GECt6d6Jo5mDUDGzy18NtX9yeVPdmEoXZ3r0injyjeuBstYOt6PNPkduowXUTO8WwmfnQqrmEd1jw0LPeC_uC6oHVykDr8vWUEIB2TBZ_Bb09purqTR6x5OVyxKPocEtfDdggJ5WvYfyPScF-xE4p3VzVhwvC-5_bEgHfj39k8iNBh2P21313FuX-6nvjL-fZDKjdCF8imymK7WIrYeMDLNaW4iohC8ebWwbesO14BIdVLEA&cid=CAQSOwBpAlJWlw23R-Tq27EQDi3xAw2kOIzbHk8AFPeCEL1XbOJm3GgyCWNmmytP75tH0uQ09mdy5S2sPdAAGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=14863457318148710000&adk=3716481599&idt=146&cac=0&dtd=73
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9d6b53eba48ece4f829cb36086f27447016991159182791397e5c9464fdd2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36762
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=3861737914035594&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&didk=2887917922&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697415790&lmt=1692690215&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=8mu0oq8mjoke&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D143560356aafe623%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.01%26hb_adid_amx%3D16188862979fd0e2%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D1415cd180b6f8442%26hb_bidder_sovrn%3Dsovrn%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.01%26hb_adid_ix%3D1425fade6aa85856%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D1415cd180b6f8442%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=2511409325&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
637a07dfcae6b5f2a79814a4c031d3f692e021fcb70011310437377226f7c071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9388
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame 722A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
580388
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNGdtKuWOQ18tcNQEmSWS3lXUNStB86MGCb1zOMD0u6YP2vKykVzax45C%2Fl2ryo2F%2BzJpag1rv9lM9fUJig0cGtm%2FXHlx5hUkgjoG6znrciomKXMNaAA1DdfnK5n7pwTmRTjb9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7faa2c20df7218f1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
/
track.adform.net/csimpr/ Frame 722A 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38735235&csi=2nf3qjGr-y9DMtpZ9YcKfxs_gf-JDCvVqS0eH6U_iLMJDwKV3Zer3KSIP03OAaNs0cO_hLufTBO5jsL3wwaalmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/jsmetrics/ Frame 722A 		43 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?sid=276&rid=719&cid=82004&adfserve=140&asset=45&deviceType=Desktop
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 09 May 2023 09:46:55 GMT
server
nginx
etag
"645a168f-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
usync.html
eus.rubiconproject.com/ Frame BFAF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 09:43:35 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame ED85 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 22 Aug 2023 10:43:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED85 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB-FnvZgB9a36uCQr9DRsf3ixV-lgCE9xx0856sOoZq3kjqXE-SDs7WQolXG3Zs3Y706g8ZhCwbvcNBibSyOv3x3ZI6If7NfkjVGSZ90l55oTnomViqZuRb31opcWUmw2yuUx-F0UQ1PL_NPZwDHLbPYjOxV6YB54-T4GsvOp6MZT9HbLAea7cW9BgQjaB0kYX8ZrJOX25IF4TCQ85PAjOwZ61b5451fTmg5z18kny7uhuEitRUJqbuzsCVlCOEuc2_juMtYA00CFMbGMcA12KCfWlsgY8L8CxCxaya-9ykiRfUNaKLHC1eURgEya378FieiV0P975cSAU0esanTFozXw&sai=AMfl-YRELGcfTe_IT9P7ccJ9WrvNZ1BViVZ25L_4aFgGZAqud_EtBZYrss1-iFEljTk13zT1d85aA8OueRYl9rT5qmsWWtPckW7Swa8Ez_HU-kuJvA3lcgL-tzuaR73d0w&sig=Cg0ArKJSzB6zfhgFYDzEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:35 GMT
truncated
/ Frame ED85 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4db8f5178ae4aab885bdec1ab51661bc25078e8573259ccbfc57de5dcf0ae1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:35 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1632a89e211155cb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250i_desktop&slots=1&rand=0.9016377638469515
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4b889539f97fcc7317531b3493137e3900e470596267b045793b69f2b6840387

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
7f70f45bfb78238cbf8aa2c6eb426591820a2d2155e5e804b6631aae0daf7491

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2517
trinity.json
apex.go.sonobi.com/ Frame 3730 		730 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221671ba8b0a36b01a%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=5a780295-b19f-4da2-b631-0fedde80a920&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
12b0b9c13e40e088e48ba26db1ff8ece300ac31ed56a7e4fe66a3b1f3febe5b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
444
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-8%22%2C%22callback_id%22%3A%22169bfc92e915f5eb%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250i_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697415840&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		38 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11e1bbe35889e65234470a337517b20a01e786d601596cb9a1ec0cea237912c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RgwmdM0Lna0AwirSFzEZzVSZ%2B2RWFAqBdrRImMpG5sCXvprmLXsv1yLUoKowX0QbV77laV%2BlZVpc56A5DbC7J9Mj2i3hZPdOXqXgfuksOjWnwntHvS%2FnDtbggHLmJ%2BFa6jc32UW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c212c8458ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
c
prebid.a-mo.net/a/ Frame 3730 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
bd536d6281d3e54924e066466f62e03149e0d601f36d9ab9207a413a73b33d93

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
133
content-length
3807
container.html
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EF9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Wed, 21 Aug 2024 09:43:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frame.html
ad4m.at/ Frame 3702 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
385212
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7faa2c216ed73631-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:35 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2Fwj86rZxeaiPwtOtjGhAmfmTNReW1giGfGwyhibl091WkdjJfF2YmFCSAj1ZAfgtYs4p9KBy7AiSojoOjyfanCGiw3%2BA3Xa%2BTpWg3qySfx2wpFfGzHLLzWILX8%2BvbpctcQbV%2Fs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 4C5A 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465504
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jiTMIRZm5cP7yMu5WfDjxjaBhzQpVxZYqEgcm-Uf4WkltZjP8_rjHQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C5A 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:35 GMT
container.html
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62E2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Wed, 21 Aug 2024 09:43:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ThirdParty
s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 722A 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:17 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
usync.html
eus.rubiconproject.com/ Frame D678 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 09:43:36 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 722A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 22 Aug 2023 10:43:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 722A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO5uttbY9Z3PNiQ92qnPQvWLPkB0Q6UiLLDveR6iS1ASvfEfpxrPLFSTiPUnIVgbYPIJij7BXp3kBGiyDNvkmiAW4lpHzvmfQ82qCbI61ReutWVwuyjWIXmO0ko5XrpAPuDcVXrkgGSAjK6tq68NaNn6RIIYzQ75CflDgZ_QIQzx5T7-tAlqdNpOlLi7ypu5r_Ll90a9TdM-nRrO5FDnqSvNiCBOcg5yJ8AJLWJpM1HSIK3DrP2fff9MTzvFzJHZEh2k_zGhyr6_4dnM5G-1YwDqFQLjCwIC0jG0AfdPCyDrEOJ3Z50wzMGi_OB3KCFCPpuXRajPgbMdEPtiK-0w_1Tdw9&sai=AMfl-YR3FCaF9Y7xDj8oa2c6Y-omaW--SFDoz-J1Gs9Vhlali6IoUiFquM2LevWhZWkNMYpFJK_JkVrugGjvhJNEHzOync1rlKq15JJONtp0Wz9O06xD06vxup6_Z_TjZQ&sig=Cg0ArKJSzFQFK18n5ic3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:36 GMT
truncated
/ Frame 722A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38fcc5eeba8ca7c037d8f8052539dcd7e4f72694869ad2354e1e2ee5ba08201a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame BFAF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 12:31:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10066
Connection
keep-alive
Content-Length
10115
Expires
Tue, 22 Aug 2023 12:31:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 5867 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 5867 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5867 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPh6JlIrzYfBlYqri36wBlylhgPfJmLXBuK4cFoTymCr-mEquJ2D0pn-rMxBMxqxn80zBvUHTriNcIjAr95BX8sOVkW0fEiAi4H3dsaYuxdSrMSnTERnYZ8PJAkpxnRfpOj-okvaqkFnRPf_bOoZ6Xe3cF5KLf9w-XLMkZnqsTaxAmXK2L6NQaXBDhmuhNjX-liw-7034LxO4mrlplyMYpBOycAJyuWSzFVWl9pFfkUBAjUHBfMBzez2_t5yAcN8wbFHIfYHyp3V8iHONkvPhwQsYff1wyAlzvZxlQjSVtA4wWQ0gjJpzQ6SJiZ9peZBmUE0HdDbfzglAESXxC1gL0I8j8FWfQ9Wxq-BsQVGin5XRVKjqUOJhkfK2HnDRukXTU7jfND2FIehqNEfN3_uguI1y7avSBLrJ9UpeTMQ56G03GZRMW_Y1qJDgPnhcsnhs1xLL1SHCaHY0hSjMeIqN4MF2PdtZ3JmT1MYXXwV5K6p7ARN70I_WhHLW7H4CUgEqBaYQa85zbR3y3iV3uUQPuTlNGUHRtFrz_Ivhop-mk6mBtgXdIrpGiQx79FB0R-Suz6YJB9aAhR4xD9iETs0z_NV3aPweKyM2XWbDMtIlLyu2mIbtD8Xm37QANCz9EA1hHyCKY2SVBWZjTvFhft0fm03aJU5AziCi1ASkuSkb5Fo7bRKmfBjIW1y7gzz3mL1CEtxhOjjwXROJDXnfEQ8YqRclTvz5lugDBKzS89ErzHlxWyJ1GCkraeh6OgWWgIByZ4RXiJBSKckNT9Zbu9YjRAuBUKTpcMsOsDIMVEed8ft0t2QG5Xgtootfac0UOMRAWeD6wtFG0RR51LtnqYC8Ziu7mMr5kBAz3JoAw9lBaKnBbTbCjH9MLl_0LW-t4a1lMWwbEu93hgJzbylEk_xYZXacOo02386BgtKmix7jpRNoYvwCBStrBmcn1d0F9eefMTy4KT80lwd3pG4QiifGDHckNhXourTJ6-7BW0Ejp68epIcA0CQ0VgxVFvA-NMK1rffmdKa0AyN_7LI6gofXouikbldeLjqL777UDhK2Du4SO5IFzqxvN-axCSaMk8v6VQMSRK8OHu7vnxQ9rI63wsh7eYfjseRL16spCuv5SAKG3nFCaG1vUlCwx291uYqHN64cQa3RGvUUIe15vfwtWE3a3AxovI_IDahP0LzQCCXcj2tlLjXIa1U5mJZZywBx7D3S9oN4Yy3RRgzi7rQC-xyvC4aJeU4lMcwy3lC2T5-b4ms__06Kx-cr-&sai=AMfl-YQ2IYmC_tWjUiwlFefY1WefnuxG0tLQJEfa5Xd86RY7rERSnFk8iNWU6ka80FzuOLZlBvvelPdjtSQaKbaxj9rmWcHcZpoTHIoKv4L4IQCcbaNP5RC4uYwbvm0MSz5aU36JQWd5LZYTuQUhmEk63JLZFIxsJpeUb3E8NJ9Np6VX64tXaS4ZLsjQHJExrQvyvSdmOAzlD3GQsToN9Nn7YVEjT7T7o_1Hu47BdUrCd_LqLsWBeHHZZ4rzmxhsEvY1JSZz&sig=Cg0ArKJSzFmMeTDJvM8dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230817.85384&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5867 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
12719837213094237995
s0.2mdn.net/simgad/ Frame 5867 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12719837213094237995
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9729c422fd908ca41871749e0e8f85a5aed856bbdea462d74e10c5567eb2139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 08:30:22 GMT
x-content-type-options
nosniff
age
263594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 08:30:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=2057407426677025&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&didk=2887917923&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697416069&lmt=1692690216&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=c6yfolmtcnlq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8%2CAOrYGsniq2Z29qxFh8OCHwxFddA-OL84N_6l8G-1s12flVzdDmTMiH3hL8aJUKKAh53P6ZBbXPs-jdTOL9hvq30&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D179286603a0f6db3%26hb_bidder_rubicon%3Drubicon%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D180b02c90559c605%26hb_bidder_sovrn%3Dsovrn%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D180b02c90559c605%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=3791825238&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96432900b69d27f780601b2d0a7a0419ff81e5f8283fdf536daa78da21ad8b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11670
x-xss-protection
0
google-lineitem-id
6152679480
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693231
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
ad4m.at/ Frame 98DB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
385213
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7faa2c22a84c3631-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:36 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLoG5xy3AlK%2FYCusgUYbajYyPoczNUfJR0cCmxxMOZv0neexDwAYeqe3LSI%2BUpFyz%2F4pp2MYIiz%2BnMF7ueeNP3HR8hmSqsqhMvhR3Kt3hKer%2FA3OC4Uqk%2B0XASzrS3kzoIamjdI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 22 Aug 2023 09:43:36 GMT
bid
ap.lijit.com/rtb/ Frame 3730 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e685f0154d13ea1fe5c9d879386cd2c0b0bc65d6ce393ed4117d0dfcc5dcf2dd

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 09:43:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2509
prebid
ads.yieldmo.com/exchange/ Frame 3730 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-9%22%2C%22callback_id%22%3A%22186d536361c0e546%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250j_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&bust=1692697416094&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Personality%20Test%20Based%20on%20Jung%20and%20Briggs-Myers&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3730 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=188d0f5c92a2ef19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250j_desktop&slots=1&rand=0.8643440011267427
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
133b7a5335a8065c57b8d6de4d757c6ec6742f80b1be2d910a4194db10bac6b5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 3730 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 3730 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221927587a696a7ad3%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&s=87007719-e0b7-4905-9a4b-a2d05c293627&pv=2a831375-ce18-438f-9bd4-0144922f4e8d&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
21e4ff55e50a6a593b0cf711a2a8bd1d39e8f8a600b1d4ae2b35d2935d214007
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3730 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Tue, 22 Aug 2023 09:43:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 3730 		38 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fda6b2907b78f312f6109adb9c153ab966a82b702676a9b8d28a10b6b018c8

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwxVu8Gt7e80XVS%2F8ya5SnOTYDmae%2FASNcacmHzU21Ysj4hgdo4SLo34rdZ61ya4r3uLWZqVsgEun10hKKbvL%2BfZlLJtQ7qXJiAhnx7VZXGpOAA1MRr8pFpgNWzDcKIRO6s67JcN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7faa2c22b82758ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
c
prebid.a-mo.net/a/ Frame 3730 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6a815019d1490882eb7847a4400207f82ddebf2fea35ff20c043915634fbc54e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 09:43:35 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
186
content-length
3803
usync.js
eus.rubiconproject.com/ Frame D678 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 12:31:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10066
Connection
keep-alive
Content-Length
10115
Expires
Tue, 22 Aug 2023 12:31:22 GMT
bl-0211e21-ea2c051c.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 6EF9 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-ea2c051c.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:43:37 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
zQdjXllpbTSnNPDfmCWx0Vcd4.8FXQFW
x-amz-cf-pop
MUC50-P4
age
54000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27198
x-amz-meta-git_commit
0211e21
last-modified
Mon, 21 Aug 2023 18:16:42 GMT
server
AmazonS3
etag
"b0bd7978fb59e23ec46fa746ae447401"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jcNjIvA6q3Twku2mCCh1c9nnIVKm5XeautXETPH9Oo8afxyqndDUuA==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 6EF9 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
U-pM0yJ1mfTUPRcbjj0a6Dz2dJmKG-ijXik5-h9wkLSKDKpbWqlAdg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EF9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AoQrzyqwjC-BC8UOntfvBMklurwiqIsdqwXqZRQEEJ53CzIudNSjx0nIVfYYct6OPJjkBerc3chRuyxG3dSFgth4d9YSLIf5ph5C3LuHHVkyMcC_I
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EF9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14758159677476303683&x=1&ct=76
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6EF9 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 6EF9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 6EF9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame 6EF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0lzYChLrypHMw2XXL2iuqcIukSMjBkYEsiHNhGq5FaELDErNt1xjAjHTXnAh3k5n_7PxO
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EF9 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
container.html
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2671 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Wed, 21 Aug 2024 09:43:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4C5A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQAQnTFpB_WbpPrHWGAr6tuMlQXgLoIzVEWjij2i6nIvXB5Ut1_dS3gFHo1xGIMRxXy7asZqetc3vL9CHkNR1VwkJpOpwEaSX7fG1hKRXwDLn8tkhFwDDdYcMAsYeqqxC-5agkgaFeCjN4Lnjd16f1b-ilCSXksPVI4fmbxwH5EtAVTlWbyoJ5eMCavxqBDMOy982f3UfpEvpK7u3yCt-2YWSK184Jay5NndmD7ky2xuGI5m8GmTJVLxSMQVH-iBlyMGRsb7ZyJpAjOlpyokwJwXCtwzSZrfya7D0P35S_DIJdBHE9lUXPXGbZLz6KUvOOQk-9LvNgiVCM1ZerxPB4Bw&sai=AMfl-YQZh4PmbfW-dVjVmtqUe4g-B_s_q8b8ObYymJAFM0x_xMqWZZvM-F0xnWMZ_SCOwJnqVymJrRG08DbYGA7rPi-d7wAOtt2SZtPA9kl6ngDr60ILKZjWqBdqUc7Mfw&sig=Cg0ArKJSzLs84NH5fqabEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 4C5A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=AmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/fra2/0/03ce0bf6-1c24-4b2a-a4e1-431362aa43f6/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
692d7839da1340b7e5dce69eb56235dd291bfeefc1baeb94cdae29ffbf4115c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
922
expires
-1
/
track.adform.net/rtb/billing/ Frame 4C5A 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=38735235&rtbwp=0B180AA7CA362A19&rtbdata=AmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0&winparams=_vQXjO6OajpxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmY6meKuQd51cFOBNon7mYQNpCBKuUw0J-JTmKJ0v79DqHMVpgi-PhNVf62DxHGrK_4BRpr6fL2dJ5y-NmNvOIB2W3OkdmJVho0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
03ce0bf6-1c24-4b2a-a4e1-431362aa43f6
beacon-fra2.rubiconproject.com/beacon/d/ Frame 4C5A 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/03ce0bf6-1c24-4b2a-a4e1-431362aa43f6?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=15&e=6A1E40E384DA563B149BDE788D7231980437B4E97E544A20491A124334A3179FEC66A85E64B8F7E4FD48EDA738FC60EC50838776408D06995376E008A0001D08631D18855BF4778BC5E174E8FCB67C07E4943CF3E5BBA510F5997432FFCF8E395A34CE551E477DEC57AB92806F53E7465241A2202006B4711B09259E557519A218BEC1E23F446FC25B712B6AF4141FB124F5207A2458AD77620AE4E4CEE5A11424B76FCBE4C0C6DC6E66BB34CF82933EE670D807EAAD171CC7C0BD8148A6757DCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 4C5A 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LLM4C4HD-9-DAAH
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t.dhj
pxdrop.lijit.com/1/d/ Frame 4C5A 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=idrlabs.com&pn=%2Ftest.php&pubid=Saambaa&v0=252623
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:36 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 22 Aug 2023 10:43:36 GMT
impression
vap2ams1.lijit.com/rtb/ Frame 4C5A 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/rtb/impression?i_data=1TZI84hyG_X2LuLJc-nCQsYZ40ZZkRw4Zhch_t4btfOvDo0Uocp3uiH13ZgfpLQ55-FQ2Kwk1Epg2FtlLtl0shvq6jq9fVJLo9ZdoVQLO6C9pXR9yQCb16Dr4yml-ZB32UfZAnMAajz4oZ6C7be9dPjaiul20wWMQ8rbDOdfXwhuTL_50Az0AbzEHrIAeBrLMcQNsdbbssdUS8hhtd24QzbgNO0iXX3jR4bF_PLazl_C9b5UQeRHBFC--4ulldsQQKYDk0bXT3UT_zCiHWcze6XXtUNeStEE33VFqft3vqWfpWQ0SmJdvMbk7UmwLqNHWtYbtlefoNlb6j_USxzqIwlwaEKsjB9UvHeCwIVrkG7TYP17H1A~&bannerid=219017&campaignid=3391&endpoint=PREBID&prebid=prebid_prebid_8.4.0&rtb_tid=8d804ce0-c8d0-4a34-b6de-15eb9943778b&rpid=83&seatid=2676:6896&zoneid=1063593&tid=a_1063593_d8238749a63d4731b8014cc66efb6b63
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
truncated
/ Frame 5867 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c22eef4876c572a09ea4f4e9f23fb733216921bc16d61da5fbea7e1e9c9798f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
bl-0211e21-ea2c051c.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 62E2 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-ea2c051c.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:43:37 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
zQdjXllpbTSnNPDfmCWx0Vcd4.8FXQFW
x-amz-cf-pop
MUC50-P4
age
54000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27198
x-amz-meta-git_commit
0211e21
last-modified
Mon, 21 Aug 2023 18:16:42 GMT
server
AmazonS3
etag
"b0bd7978fb59e23ec46fa746ae447401"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RJPBmeR6WS7AFhIB41cXJPSRY8vOyJe81YOf2nmxi8Hczd6VwfO-zg==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 62E2 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
iq-oMis4UElwNFAZ1w5_phjXWZ1jiG0dE4xkSi7zCjoihoVOC0XcZQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62E2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOzibk_YXC3pz-qpQbqg1Y93t0KjETbiVSbsqiJfrZ7yAmjV6fc59ixlnJdGNdT1ciFUAa-CfI9PZvp6_fmjS4nbeldeSjcTkfRdwXefqY3FomkJ8
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62E2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11887853665965441203&x=1&ct=76
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 62E2 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 62E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 62E2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame 62E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW2CqDAQFR93fdFf7zCqUS3o0fKMM_POrxhe-AFCGTiIz9YUuGPGjOA3QViuD_5rn1tlbr
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62E2 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=978751195033894&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&didk=2887917920&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697416331&lmt=1692690216&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=5ts29j5llhp3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8%2CAOrYGsniq2Z29qxFh8OCHwxFddA-OL84N_6l8G-1s12flVzdDmTMiH3hL8aJUKKAh53P6ZBbXPs-jdTOL9hvq30&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D1812b9a29c299656%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.01%26hb_adid_amx%3D182a33eec2b23268%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D20003da000bb9063%26hb_bidder_sovrn%3Dsovrn%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D20003da000bb9063%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=2678559298&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15f92fdc9fdd2a5c205fdb6bdb2a51f345410faf73b825c668f771ec25080533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9478
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5867 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPh6JlIrzYfBlYqri36wBlylhgPfJmLXBuK4cFoTymCr-mEquJ2D0pn-rMxBMxqxn80zBvUHTriNcIjAr95BX8sOVkW0fEiAi4H3dsaYuxdSrMSnTERnYZ8PJAkpxnRfpOj-okvaqkFnRPf_bOoZ6Xe3cF5KLf9w-XLMkZnqsTaxAmXK2L6NQaXBDhmuhNjX-liw-7034LxO4mrlplyMYpBOycAJyuWSzFVWl9pFfkUBAjUHBfMBzez2_t5yAcN8wbFHIfYHyp3V8iHONkvPhwQsYff1wyAlzvZxlQjSVtA4wWQ0gjJpzQ6SJiZ9peZBmUE0HdDbfzglAESXxC1gL0I8j8FWfQ9Wxq-BsQVGin5XRVKjqUOJhkfK2HnDRukXTU7jfND2FIehqNEfN3_uguI1y7avSBLrJ9UpeTMQ56G03GZRMW_Y1qJDgPnhcsnhs1xLL1SHCaHY0hSjMeIqN4MF2PdtZ3JmT1MYXXwV5K6p7ARN70I_WhHLW7H4CUgEqBaYQa85zbR3y3iV3uUQPuTlNGUHRtFrz_Ivhop-mk6mBtgXdIrpGiQx79FB0R-Suz6YJB9aAhR4xD9iETs0z_NV3aPweKyM2XWbDMtIlLyu2mIbtD8Xm37QANCz9EA1hHyCKY2SVBWZjTvFhft0fm03aJU5AziCi1ASkuSkb5Fo7bRKmfBjIW1y7gzz3mL1CEtxhOjjwXROJDXnfEQ8YqRclTvz5lugDBKzS89ErzHlxWyJ1GCkraeh6OgWWgIByZ4RXiJBSKckNT9Zbu9YjRAuBUKTpcMsOsDIMVEed8ft0t2QG5Xgtootfac0UOMRAWeD6wtFG0RR51LtnqYC8Ziu7mMr5kBAz3JoAw9lBaKnBbTbCjH9MLl_0LW-t4a1lMWwbEu93hgJzbylEk_xYZXacOo02386BgtKmix7jpRNoYvwCBStrBmcn1d0F9eefMTy4KT80lwd3pG4QiifGDHckNhXourTJ6-7BW0Ejp68epIcA0CQ0VgxVFvA-NMK1rffmdKa0AyN_7LI6gofXouikbldeLjqL777UDhK2Du4SO5IFzqxvN-axCSaMk8v6VQMSRK8OHu7vnxQ9rI63wsh7eYfjseRL16spCuv5SAKG3nFCaG1vUlCwx291uYqHN64cQa3RGvUUIe15vfwtWE3a3AxovI_IDahP0LzQCCXcj2tlLjXIa1U5mJZZywBx7D3S9oN4Yy3RRgzi7rQC-xyvC4aJeU4lMcwy3lC2T5-b4ms__06Kx-cr-&sai=AMfl-YQ2IYmC_tWjUiwlFefY1WefnuxG0tLQJEfa5Xd86RY7rERSnFk8iNWU6ka80FzuOLZlBvvelPdjtSQaKbaxj9rmWcHcZpoTHIoKv4L4IQCcbaNP5RC4uYwbvm0MSz5aU36JQWd5LZYTuQUhmEk63JLZFIxsJpeUb3E8NJ9Np6VX64tXaS4ZLsjQHJExrQvyvSdmOAzlD3GQsToN9Nn7YVEjT7T7o_1Hu47BdUrCd_LqLsWBeHHZZ4rzmxhsEvY1JSZz&sig=Cg0ArKJSzFmMeTDJvM8dEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=305&vt=11&dtpt=304&dett=2&cstd=0&cisv=r20230817.85384&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:36 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 8FD6 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hkiI-zp3ut8ZcO2DC_EQOLG7Htexs0yXVgXcJUPB0wGBwIyoGLBtIw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FD6 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3730 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480316725653984&correlator=3714225720456053&eid=31077257%2C44799390&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&didk=2887917921&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D734637c1f7c8c668%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg&gpic=UID%3D00000c8b5c202bb1%3AT%3D1692697410%3ART%3D1692697410%3AS%3DALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA&abxe=1&dt=1692697416496&lmt=1692690216&adxs=353&adys=1081&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=jduxpse7sowl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmj_jewa6bWFAOOAuO7gODiPWIG_7jV6ZJaeH2hfbrMETcDAPB-10-b9yNkErLuZ7OzQmShzeD0vYcGks0%2CAOrYGslYGHp64aExzb51rrWuo4xct3GZz8Uyw3QgyJQqYvjsfWY4P7zWhUjFpBBhYd732apsORAH6mCgexzqNx8%2CAOrYGsniq2Z29qxFh8OCHwxFddA-OL84N_6l8G-1s12flVzdDmTMiH3hL8aJUKKAh53P6ZBbXPs-jdTOL9hvq30%2CAOrYGsmUttKAfmZvmJT0I0ulchD1xpkTHv691_PfN8f6RvYH1DWUPUauOARExptRKxtnMSLEqLglJuycQ-_wcUo&ga_vid=1807107546.1692697411&ga_sid=1692697415&ga_hid=2095980156&ga_fc=true&dlt=1692697411757&idt=1396&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D20171a1c6648c24f%26hb_bidder_rubicon%3Drubicon%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x250%26hb_pb_amx%3D0.01%26hb_adid_amx%3D202676d9fce2be09%26hb_bidder_amx%3Damx%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.01%26hb_adid_sovrn%3D203313b364feec93%26hb_bidder_sovrn%3Dsovrn%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D203313b364feec93%26hb_bidder%3Dsovrn&cust_params=domain%3Didrlabs.com&adks=3518033837&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb0afe0526b3245ea645c83c5303e522413b98b0633acce4875c636eb8595dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11676
x-xss-protection
0
google-lineitem-id
6152679480
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693234
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bl-0211e21-ea2c051c.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 2671 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-ea2c051c.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:43:37 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
zQdjXllpbTSnNPDfmCWx0Vcd4.8FXQFW
x-amz-cf-pop
MUC50-P4
age
54000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27198
x-amz-meta-git_commit
0211e21
last-modified
Mon, 21 Aug 2023 18:16:42 GMT
server
AmazonS3
etag
"b0bd7978fb59e23ec46fa746ae447401"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kjCa0aI6plGBgY0fHvnOLFsoDo-yhgS3Z89OUKDjphygSc0M5JHdMg==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 2671 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SdAed-ib86hchpHqPLIV1eTZoMyu3I0dsbkGOOoct_mzX9yawme4bw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2671 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9LMoRpZw8qkqaeGpt4pxbv-Xl_YYYrjxj9n6x7jmIYCoQ4H6t5zgvyQ7M4Avafwb_Y29_h-ZOSsa6uE1Nbiy6PcIPEOG6ULTcS0ptaAZRe0-2Y7I
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2671 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1454740938386217877&x=1&ct=76
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2671 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 2671 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 2671 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame 2671 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa3PXltLcRJm9mrnm07YMNTtOJ-8BgkMpdMcabfTnd6CZ5vOZqQeXszXteCb8dsXXstg4N
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2671 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:36 GMT
bootstrap.js
s1.adform.net/stoat/629/s1.adform.net/ Frame 4C5A 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:17 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame BFAF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame BFAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIk06TxJr5wQ7R32YQEGmiM&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIk06TxJr5wQ7R32YQEGmiM&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIk06TxJr5wQ7R32YQEGmiM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZmNDc0MTEwYjRmZWFiMzUzODljN2M5NmUyYWFiNjYxOTRiYTcyZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZmNDc0MTEwYjRmZWFiMzUzODljN2M5NmUyYWFiNjYxOTRiYTcyZQ
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZmNDc0MTEwYjRmZWFiMzUzODljN2M5NmUyYWFiNjYxOTRiYTcyZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame BFAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExNNEMzWVotMy04NjZS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEXiyUIIPG42arHLGUCAK_0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExNNEMzWVotMy04NjZS&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExNNEMzWVotMy04NjZS&google_push=
Protocol
H3
Server
142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExNNEMzWVotMy04NjZS&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BFAF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nZ8zKyTuTGO12rCxz065Nw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nZ8zKyTuTGO12rCxz065Nw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nZ8zKyTuTGO12rCxz065Nw
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KC6JGMACP2NWT3WQQY4E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nZ8zKyTuTGO12rCxz065Nw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame BFAF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ynAekQFzS-y2YtGvuGT0AA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ynAekQFzS-y2YtGvuGT0AA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ynAekQFzS-y2YtGvuGT0AA
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CMDDB9HKQTRX58Q6DWJ6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ynAekQFzS-y2YtGvuGT0AA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BFAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/29843kmjgwFh-LoVXZHfuA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p.u65NxE2oKADdILjwzdbbvLIJ3lt3YxM8ZPxw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p.u65NxE2oKADdILjwzdbbvLIJ3lt3YxM8ZPxw--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 22 Aug 2023 09:43:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p.u65NxE2oKADdILjwzdbbvLIJ3lt3YxM8ZPxw--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame BFAF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLM4C3YZ-3-866R
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLM4C3YZ-3-866R
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 59204320D93B4A7A85AE08522CA95542 Ref B: FRAEDGE1811 Ref C: 2023-08-22T09:43:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDf9REd1frR54db6K5LQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLM4C3YZ-3-866R
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
beacon
ce.lijit.com/ Frame D297 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
sodar
pagead2.googlesyndication.com/pagead/ Frame 3730 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=3480316725653984&bg=!BAelB0jNAAZGPLJIZjw7ADQBe5WfOIOfBYRaGNHB4f3AgeEOgXukUK3i7CD3yoXlBCG73NJK_N6bjomR9zNUWuaigTvNAgAAAedSAAAABWgBBwoATZjBzk0w5AH49F6sWzoLXDt_DFgVxvBfHObSUoZSLUS8ty7HN2JhnvwCD2igq7pNjRDf3NCQajX70O8QHYKts43scyrxDiqmLakri0x8mQLZBGebzv4NAOWnXVFB-7UV1YyAGCdu7F-T1SEAAEEbOVn1oYg_OVAhwo8Qm8yTkDzF5QZnD5dvQrh-Vd_lRCGk1iNt1jGlSOdU8yPCs-E_C8-1VSDWduHGrTb1KCjyf1T-5fTYrhOWxv7grlQDSVqpHHgMUXVwET4z_-WVA1zDUa3pSWNQIlQczn8lkLgSPWxUijUn0eG2IlL_2IyjjlY9pp6JtwHd74vMiJceVQCUa1W9fiejBCD-ImIJGoC4nU3tinJHF5n_0n0Bi4TXKC2n4FijSeSoQ7PwbpoinxldXWs4qiOahobH_MZFqf6XKqU8c8_X4tzTGiZGia5d97Flk80kaBWl_UkeLAXSGCtGdtLw8Ya0Lh9dxJEJLm2WhZCJp-Qeef4H6s0WylhA69ubqmg6-OBMh2AqsXVfPUKpkLVhl192toYNxFP0M5LFShN4mobf9bNvmAu9fL1zAC-cxe2TtUYN2YmBxFGrdcx3_sMUM8CNZcTga-8Mi19yNguVmUt2tZ0mzMFalznt5VQ-nBBhtvXTPYBbd6QKsiXGwiG7Id9iyzcmoNhVSDThHXRzYpNTTu8FPjrcF8klX7HjVixvFYLYppZhQabYGIULJa1jWs34_WOSYofmWA1D3cs7bS-2KAIfD0iH4No4W9Y2waIfRaHZZ73MqzBnKYBGjX0o_WdDnoyu9TI3KXIwSm70rhk5YmAMGIFnguE8P4hGv4WOfsLV-dh9M5UpFLMsCGnnBHaJBIHF5VVD40Pslp-Jt_571dXrDnIECmflZi9DLhooki2CQZVcywkEKNWYiJJoXgcMp9jhsdfRH4TNIGOLY3PBZd6YFyxQxtUDpT4zrg8R0vn5rJjfN8_YRSVadEG6GtuSOQqzop7vhZgfnimLjngXowwO-rWsdZwGbjrbpnStLRZ4mz77r_Aq4HAxaCcrrC75VedLz4tx54K4nPNwOvOqzFPbO6Bq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0C44 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8FD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5_h54I3PZ0tOTVoLaMFxauTcKAyW0MrbbGaDs2G6_UaMFwrCOgZPH-43c38m6t7saJ6VyhnB_TrP8QkVleoA2Grsaav9bJgzOdaxr11q6Jw6ApfECPOTCcGzwjWqm2GWUhR2TULuvpvcDSxQ3fF6RHaR6QH7qN7uNaJYH2nAMQuURN6OUpwzL8BbBYlrV5DpChDUH7_Yi3wDp7UkOZYHsQiQNigIdCdqQzOUs610xfvCZZXRH-M3wgYxAQeI7QWFlPJd3oNTvgzpJGxqQ8hoBwiyY4FpKOsk34xgQLNjz00558Ah40CdUlT_n2u5iZOA9U1osLbuw2yXlJOP4Sq89vg&sai=AMfl-YQLgLS-xkCQYIKIzuSqCEA_b9OVdW0nDMLpEE8ZCedigl2xSKud91nls7QIDNlUwhIgAYOCw82Pjg3gFEUyPVM-nCCGMYAyIvj4pwanER8t2qPzcvE2cW3fSDwtRw&sig=Cg0ArKJSzLvvfQQjDdpGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 8FD6 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=h2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/b0b0ba69-edd8-4736-b990-c5857693097e/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
afa59c5adadf064c645b472ec3436d411ef5ca209e0f5c49b8cda7d2e6290951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
918
expires
-1
/
track.adform.net/rtb/billing/ Frame 8FD6 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=38735235&rtbwp=0B180AA7CA362A19&rtbdata=h2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0&winparams=GJhXiSrha3dxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmY6meKuQd51cFOBNon7mYQNpCBKuUw0J-JTmKJ0v79DqHMVpgi-PhNVf62DxHGrK_4BRpr6fL2dJ5y-NmNvOIB2W3OkdmJVho0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
b0b0ba69-edd8-4736-b990-c5857693097e
beacon-ams3.rubiconproject.com/beacon/d/ Frame 8FD6 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/b0b0ba69-edd8-4736-b990-c5857693097e?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=15&e=6A1E40E384DA563B7EC40665FBB4D8893337D84A9A5DC8C3AFA97DA9A021E81835420836FCF64F5EFBA86BA85B00CA7F954C2C6DA2645328D0DA9ECEF87CDCD9631D18855BF4778BC5E174E8FCB67C07E4943CF3E5BBA510F5997432FFCF8E395A34CE551E477DEC57AB92806F53E7465241A2202006B471FE778F33C707621E9E02D6FF3C6D74E049EFE27DDEA36CF124F5207A2458AD77AD126A9A98E4B4AF759DB69D7F08AF3A9D585F73F2A4AD54ACDBEAAF516C45296081CEF8B828720ACDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:35 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 8FD6 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LLM4C4YV-L-LQ77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t.dhj
pxdrop.lijit.com/1/d/ Frame 8FD6 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=idrlabs.com&pn=%2Ftest.php&pubid=Saambaa&v0=252623
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:36 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 22 Aug 2023 10:43:36 GMT
impression
vap2ams1.lijit.com/rtb/ Frame 8FD6 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/rtb/impression?i_data=6E6JPdh_SEBpb8sNiH-CKf9QtmRAEdJwVTq_W2gU3J39YCQE-j5gcErgYEvqamFuHtz4gQjR0HjuDRH791kJO-BROH-Bk3GhGpwCt7-q7WQnPxn3vprPKc6zGVi4JJEk4ELr_1LEQKjQu8_aCWi-2pkZXs9Bw_oNv-qcjOXm3TEFHsMkwg2Ian10lXkS3LVpdqh_YyAkWmqzhpeu4qDuYcZTlEx1rzWiB47oJvN44ioWJJickXnIVOTwbOWajIMplZdT93t9TF_ersI4b--MFgan2Ddrx5mNnQoOs6CZWp-J5ZGweooHCAULzqRaL4z5GNu_L1z91NgwdpJNSSy-DPUG22VBAqgExLt2-FN5kKYULcJsuiNG4w~~&bannerid=209348&campaignid=3387&endpoint=PREBID&prebid=prebid_prebid_8.4.0&rtb_tid=d2aa7514-a569-4047-9e51-d3e3b7b3e63a&rpid=80&seatid=2676:6896&zoneid=1063593&tid=a_1063593_9d52d8f8184b439a9c98abe9cd90070a
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
container.html
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAA9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:34 GMT
expires
Wed, 21 Aug 2024 09:43:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C0D7 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNVJR-PSdlf9rFeoljuYNEUEC2JVb-nVu8_t1madT5A7yUXebtAlOKTVy0aRqe-iiRfH1GJc-87u1UIT98m2HTRyUGfYMg
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EF9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8543303730125&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EF9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8543303730125&version=m202307240101&ct=76&x=1&cor=14758159677476303000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6EF9 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgaCERyXDke3vA5FFNJc3QHcioU8Ue4iekpE8QTTyhpaJLEEcHAoPrYLJOr0El1NhJyWFXP5I8W9ULl5STFN-p6x6Vgw&cry=1&dbm_d=AKAmf-D93UAclGvRS1P0dR_X1N93zXUu3p_raTneU3SPF-l4T323yCf68kSL9SrPErLNtJIrfs4w47aZvOllU792lF_dc-t00q55O3X513ymKBH5QW3tCiPnfRKZ0Ucfgm8CQRbOuv8SViBHtJZD6c0m1JtW-SN5ZGfomX4IjNcq7QZnuCtoaJvohZ1ikdYwFIeuvfDKjLizB_IERlBWyyDbKmNLqFzHH3kk5WdGqUESljpQ_VWbrwDaPRWvj_Ad7swqmzHWUHjdNib6TeBcHTJlzFVTi_ur7krCLj5XzuOGQwnfqs9x5hKpYXo5-pwcarSbfY607-ppqigAaGF61i_FwtON5jJndIwGFglYANYUHN1T3Ru-VxTqNkfReUV49oOw5JqczyI_DCIKYp11xGm2C9tETRPgYnwQSdCaQ4M0wXtwGw-HiywV3ngFdCrWtu7JBPIbO0iVLFxGLZwrgJOI3fLMHwkgDjoFPyigO9wm2ZJ9VlGNx2KUBi8b1N9-7r5sqArzIXimLdDLwjqJOB8PNPKqfXlwRiBsciy4lvImEdw0amm6vGfEQaKTM5SqIKLIrU6cTs6OnKlwMx4lp2ZuxQde398cAXmlgckFKuIBDjdZ8pn4kp47cfmCp3sSDoTUD3mmjKJnKMk8RRLUJJms1Me30dWi1t3TlPBj5sjX07_i63MxwfQdjIzoWuOZMIHfcdYkorPfzBfLrzHWzGRyI2yCog7tcGcfv7kh7E0gaPOmyxowg9BeLiTjQYzPTyOGTjKnmGzudJJ0dZiiNg6CecnOlMPuEqB-z1zb1pn5gqOSkL6Ke4jZ_fOOPhU--bnWfL4G9iMY6oirr4sxW-VVz0Lbxe4HlgYGTrXayqtfAAZDBWhPJQ7pb3Fu4al64pUrHVqQF9qsqheio6tutk-Ion9Dpg0dRN8HEAossqnUWhXcIGDd09g1b12fGiTqtiqtnVYRCkH94PJU_o_AJ_VVPGl3p5pvSvssH3edpUeR3GwzQM5ypfS9U1XS2dcKO66e5L4MrrY2xktN2R2tnO7o5_dqUh9RdpPFNd5GJUIiWa_tv3Cz2oA2GwwqMAmQ7infoSdKaltUQiA1Ow4P3yxWsUTRILyz-KN4i90KytVqjfai4zz4JL7nLPGCVIeBIj_sIOWqaWvGeW3cNRMGFIuPzrYlu0f_38LZcboDfFdfSzAcWQwHBW_-r0QIQgeddv4vBjT8YxX2QjDuFrF1ZG71ej_v0jCVbSuxdtPaLNZfycG1s9swCAQoIYaoXHpjAYw7hBu2DD7UuH5x8RzPHyDcpkuwT8BpF8ZyqCaYbmifzSLCS3WocUspOKplp2rD-V1t4Kqbmua1pEY3-Kp0tQViOyzqfgCdF8FnvILLC2-q9zb52--JkSGtTJoklsmnlJrZa2D41H-LgDp14DrAXM_6PmMP1In4tSG03O_59RiKAlVcHDLObGJucP6reYrlqTpdc48dXfvigoUkmi3gh0RUM2N882G-3fOc2b4WmBArwxVqRU1XpjIvXrJP2fDnP3QoaUk2lc5pEpm9F8AfNZJom2LBqg6JhlQpf4QMhJwLifLzv_ZjLBVNGP0utpI3JWcsVye8Z37Xf0h5IGq71JnQDy8tw8t0lRgXBJbQsWK7RLY4PB2FsTczLGHbjuM_uwInJ_VzBN_aMg5g06nrvt4UEctRmrq3fs9sHstswVOG64Hi7vL5QTlnvpsOqZj1tUZF9qKWR5eX55ATr2O-cc-4SubJzxqsyqLTsWuICap3JIB8a8jkl0a6Pke8MZ8CsUGP1fFJqeQK7kEJKrgPBePHZnR5v2ldCdZgpWbLjuk43Z6bEopnCxwxbyydu9cZgwdi-NeVVmeiGt-kQeY0wZu8kpcCoAOZ77XbuPvqba-sECfV26WNmf-6kZmBGWYCH2-vUw4aNBdjMz_-pSOX64KZDUpi2usvs_EN14ix_cl6LPxV-Px5Z1nuEIm4L_XTVQhbFb0hNK93JMnDdjkxti5x23fED8kJiXAooTnS-QBwMztLpKH9_idEJTz702-GDah3AUWYcawD46deRMyE4IVici__AuyYXokgFvDWIvVft40IrWwhCbZoO39nqpz4JBoJ2kRXnG_HnYI082V4N4TS8GZFvpWTpfKXCwsBxwzd23IT3HerNVJBboY2g-YMbOEz--hd6zeb_UunClWqnFcza8-zxRhWOQhw8skB4it82zC-IGsRbSwp5AQJFU6JGaUC_beE7VKljDKMz5gJmbcsEdWXvBl6hMfkTFrflS8oMfLboUXZfjT0YP1QOVF5UXT0dxC8E3WdD6JyJwGtawt_DKuBmu8Z2GbP3ti_0ALVBzLIWY63ILmzLz0ahTcfxFx0cdfn6-t5znPiUVJDrH7kKip4HD9DoFVB8o2ZM8ZwEDLeV94lmfQQg4WUf_fAKJoubq_9_9mAG9UAWq2dPiwcznFOsOI_S2y-cEU_YO76fBEqlcpi6oPwBmAJEo4obgsWRWGn38f1ppxV8I6slB_IHiqNiiKLtxy7SxVyIqf6x2mSXdEa1OBWsBWuFQQgYytaCCWxb0MubCqPAKkTTwOvSvsQ-3GcVFrbrNEgiIFO5BrtAwxnyWg6sRo3kMKc-l5DfNUqyJ61DxvNETNI62qLza9wFBZl-4I2Zz4HWV8eXCc-TXfkdURer70xs7hOWrYQ4ACYDksLwTiDWaHeggw-loQvt4roH-70oz0Oy5CujlBqyXLP6zCaskljfekTS0p7BYxtin6PfQqa2hQIaRfObDajPmpcIijgz2LKB8wZZ_Artp2ma-MwkdQ8xaGN3e8SzwJgRWIGIlfCBQRCmbKSFdpND4rGaW3yHwOsDNrri9Iw3EjB-ptkNOSqFXcPTWgllMsA9TUMODvp8WQq8mYiLzS7TBbGfh4k31D95nrFAvUmkuIUqA3zWWSN-VIcVEUp3kJ21B2U8eDw5TvOwG-HxS5Yjn2LZEFyToPFaR-TgqFbGmYa-weLLpt6fo3QZijlE0wT4AxR0l_yPX0LPnhlE7A81NwyVgHOykD-Q_nHbGzUN9oiK3YeTacFSb_g7t7pxqVnMWYdroeYilep7ETyU3Vya8gQ_99XfUMNKC3JpAI9-S8K3rYsXE3KsdjwdV-rsBSnAuAQuL7QY529DkFJRz0QEhbzMIACO_RnC8KExRCXGkxmGqnrnTptDDn2SnYrm46GQtDWFIUlq1548oaWJ_buXhYv3-qNomOrLpK3FQ13PIZfN4RVz6JJ77m0e_ioGm8mxFH7Y5a8YNBL3ev_JbbhswZfFnr9-DH7DfEJONamCZpwU-UrscOqB1PQK3zXij_pCzEWltZWDvaMcLg83dXQyyyvK5L6oWfVXgxcuXV46djckCn2T_lknIPDGihkaR7vo9LV1QRwHYN7OnXIf_wo5zEcmyEREwI56azE8PWc7olKdTVzoS8J2y8WhIaXpG6GOoN9kjbZqLODTfx6k0MmAYq89PmfxLIPSEEaVJKp883E46biAW2LMqaCoHSoMecsgxZDNwvOJKD63YUX7uOEy5W-aGgbkea6JvXcF0haAJInFZFyEMa1OL1iiETzEh8JO3OO3-IunLJmlr_fRHB20vAeeQ&cid=CAQSOwBpAlJW2KJ_m9UFyse3rRGfNU5WCtCS8WDnFzZHJkLARaTmTrYv7YIcDze8LCi37o-ET9iHQD1GzOSKGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=14758159677476303000&adk=3716481599&rc=1&idt=150&cac=0&dtd=63
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15c358f2e925b6f82780cf309cf404ddf268f79d7d4f0661572a8d7c02a74c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36819
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 8F2C 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cnNrZrpgPXjLAA31xxQIZlKBOH3ojxPfMKVennxR-xwM_ITgwP2zfw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F2C 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:37 GMT
beacon
ce.lijit.com/ Frame F6D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:37 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1828 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNUCMyh2v0oWiAwhm1MFn2mestqT2ufKgiFj-SydeYpAVnjN1JqXopU_MoiOjOhwWYv41e-9IxSbOG-aIJ59_ILFD80wug
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62E2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4993539687057&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62E2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4993539687057&version=m202307240101&ct=76&x=1&cor=11887853665965440000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 62E2 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0feK9geKelXBk4IMe_GPAfvMQSKOw63GXk164dpod44Cpu8yq0ugtOU2aBe-e14NkaStAXWlHkh24y-ZkrCztWHI3nQ&cry=1&dbm_d=AKAmf-BvRX183VIkjfDtF92gaXAA3Lx6eNqW25Ypr4vM4a1WUsWqDbvmZhkabeBlCdAhzfnzpWgHvy8nmJN6C5Flu4E8zwByMreCPTgXMb1bFf646p1OP_4TKc66_wUN9j-Xd7ZBBCOBpoeWS6PAM0FA8w0iRs64pz3HTcNC-56_KeMoDDlRFB3EenNjk4cZ3ph5cs43l3PUfWJaQwLrLUztDPdWzfY9xxurexnRMa7YdefVkKJ1JhBV8zxGt6XlR8MYNNWwfT-S5bcVx7Ap_IJzwj1MGFZoYj_D1Ds2WiMOhMkYue8gt7AoQCRsXN4hJLebpf6wLKsfgaYcf65e4gJ6h4emESvXZ-D4DV1jw44q1tPI6bkMXfyZ5izNBOYl3XfuQ_jXqb9l4_92IC8H3NKuVEMplTa8S-vasyoCyBotQsJaCmWzne9LZ8pl0hVOBp7gJd_f77UVv3jMCaks2TrG9mtYuLZ5n9Ha3Fbya6LMjXd8c7tl1w776_wLo3ZCZGRo7vONbiv_DISnoA_6S81KQXdAbKu6xjZveBCYhVfYP1QzsQcdzbzz_w-4UltD2ydSJAkkeRppCVpQVgfMAZWSVRHbvGm7VEyFfRg3cZcjmBhRMn6biheYmCJFl7DVI3SQxKysfy5hwpvWsoMfA_CEZYxqF4IggpIuuy9SUKyalLOP9wjgyaMDjb8QgDyY1ntU9m7t5mR5Jo0cgjtS9pmNklGglzaS1KQzPYqFou7EUtNyakuBABgBlQ83Bs7e3kJRtod5IK8Vma62y-t5YpjexcFj-YUGhh6ekGzw001zmJPfNwuRtX_l_ZyJ9dF2Oubm4QBfGCkhTEm2sTj39Wo9zfqwY6I5lFevfS_vrblrSX0_lRgvOYud9wDwgKIUxfuGXP4gQEghrnyPDvQYaKih9_eeTK4cEM-R1AXjK80ftmiDsrbPHTwCVzU0EgvaonXCpxKUjYFuDN7INsWUcDZNcPLVOOzTWICjVmz5Nq32h41uWKlIKmyf9V7jo-ZqobV2yzq63YFOQG54MK3njogu94op56OR4Pgm2dUdNKygtSCqqlKyxMHmkvDS-y32SwFZBI1tQoIUAksgRFyT2wLz6BshWF0v3GSLP2dz1COSGKUH_G9NbM-G1rgc_T3M-RchFvowcXniBaKAe3ugM8TGK_dut6ZLfSkYigyiy3KNina7ydXTchEFtRNrwY2t7T6-qrQIbj2OQMhAwVurLCf5Enp3w5BD-332zwTl37Q9ivXyAJ0lQpGrdFxFKzzgiLTRl8saraTpB_IqCGj51GkEzhvf41xzv5nz7d24ZLsL_xPUS9L-TqfjcXgIn412r8AIHfaZBHDAIw3GOJU8DJpoJZ7UeT2Pyj9m20BJICMkVaP-YgfP4wQpwSUtjxfiiK0BlXyoRySOoA3Ms_7IdEC3wzIwNlgJEspr6--uhcyoQ6y_ft-45mUoIdRL_bjvZVrbM-mPX9NkXIVrzfkqJBjZHWWgKYBNBhd7cTqxwchhFu5icdW8Z-6BVrpQO_KoIMpK2bZGqgsYpEdTbqmjePjwihTrieDsM6iDi14SICSoB8rD8NnSefZT4S9Vz8PlQkIKbublALLHlMF7HLdVrKh3Li2Mp-5q9sDbm8-ey6TLl0iqmNXwtYoDmUIRMP-u1mbNGHerUnbIaTlCKZH83Oy2y1-KcgtkKteNnMFYszBZniW-TLY2GGXXnH0v7vnQ0e5Vgu-qQDhN7YRscjxXlS2a8sj0Uy5xSTN7wSSLlizjE6ZUgKZ_CsUZzd6xQk23e55erpx7BjTJH8u80LPDsH0pOicEClWH1WcummPSapNUnAuQEATQb6fJRXwcEuDSSzYVL1mZL5pksDEHCZ-_PQQuc_PuHHuwBPyV11iESQyI0S9g5nQOv-9ycb5D8h8FmIX6Vo_HThwvHp_oOXVbZNSn10SZ1IvQuuy40Rv5WmaerqwtoKwTCycFDD7iIrmTXFDA3QiJLQ3BaeMSvcdBCn8wESLjqCZSaoJd6pLqIICg58u7nvmscHWtpXjyjDo9erHMheZwYUL3TBcelOvJTiaH_FSF-DXtAzdLunTJBex69ou0MAvqKeUxp5xloKkFnxGvGTv2FUhVyDdupP3A8qckl98861yr5yBrFdPvj1jxTuQxleKQ5gVDHuusZhamuflkJE-2J1QcK6F-TIFtGWJC29X_VZxIziDLQgoIuNgrRX9cKe19SxIcLrBMhyHNRMGsM_QxitA__gn4TSPWnG4uVK5b0RcSoeOfDe03GpaeQim571aBByt0EbRdDD4dLJvIvOqE9x65PeGMfW0I3-WJk-9NCCiEe6Xn7_rt4abT0HK15yLnfies-Da2UpU0COzWLPoYhtcptTydFkliIS8aDlUTL7Pp3oBXh57sBzcqJhNGlE_OMYHSm4bJCrEYsqrORNs_a84GQn-BC-RMXKa-Xt65awNYrRo8BR4xnFqAr4mNhZHmfG-Ng0xDBHwMnTcQQlqxnLt8bPKwN8w7eNiaTlf4DQzGimHnc5sUCvie9xOJaxPejVF8P0ig-KIClEs7hrOPKYLMF9c0BHyEBPRpBKuC-7J2Uh8DKQmpg-keWalSRjW_KtPPr3drgtUYddTJQ0LuQDW5AOmqq6WawkdND9MuhysFDReRGDObkjQwYlBOYURVNfHabmcq9QWq7pDLdZ5se7rKtlQAFbn51eArwGj2WLPgdY84tj65_QvXOWYbSpNFe9K3do3oySCzQssr0QpOQaJfJ75Lo0OlRiz7aZssAsx3qJGDZRgu2XwDTLoMyU6R6IUxB8oLJSd7CoMTfhjo-FFmJPyps6lvFvboI8ZUCs7ZZLhbRfpa1Kh7Vs8_1QeHLFRSVuN_sbrvFBsSzyvqi47Gc5oNmocM5x4o2nT0wWYacbKr1r2A--0e2fBs8suSSix1dsUyrSTluN_1COZPNeMJILw17X6d1CMXqBJiO4RHoGf9RYtNxP9qspTorWqff1oTkUadbmuxJGt2G8xTYXQAIQw6XJ2Hp2ySPpas9SCixTBp7KPAm93xf0lmAx3qsJ6Btuzby44wPGt9aT1RSE_-O-kXb5xcsQYTTsD8q9EiL8S5F-qmU3441L8gBxrrH8DTUYoF4FJLFEqIGbYMurA2uvvMcYTrjz3DfAGPJcAkWNGw6RDOeqICbX3y3G6R4Q-3vi8gi4Nnku38nDMrckdfuhoTTvcf_PftCf1eTxGItrxvG_kpufViNBXI6Us-dkQQr0koXhShpSerQhxjnGLfNJ6cmfgiUAUdhMZTP_SNsKYdbw7QDFGti7JldXgBZLG-M0RSivH3VUNU6j3Wp6LqgdIwYOi78PPdU2a2Ug8nQukqiCvBs-2I8XBuWoArk4FGI0NLLeDPRx-bZVhvuSEmRBvdJmsd_hO6Xj820bBg1aBNbYiyNdhZ9D6cKo9kUE3GW0ABwqFPG-xab7HV__mfPCihkwdQjYHLjSwV4DC-cuTe2ihHg2D-ctWXmufaKhISdUnJMvthpQY9ZOhB3fv_tJRReH8ZXrF41CZ4Ro9mxy3Tamb8gyEfejPnWDm977qhyTLl_gThBWQKAFgAYZMe2AwQ7kKmY-U-qph8GHsK1-5BgTlF4bwD5C4jrTZ0a-c&cid=CAQSOwBpAlJWRb6D1IqdRK60xtLcEa0nIIJqM1GKMYk-kR7tWRLzxZPieZ1WzcEbJ1bIBMWQLXNazy3oD5hpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=11887853665965440000&adk=3551309950&idt=182&cac=0&dtd=68
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d7724ef1ad84759048cc5a300e9fe711e26613f07923c91bd60217cbec9260f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36532
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 4C5A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=AmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2ffra2%2f0%2f03ce0bf6-1c24-4b2a-a4e1-431362aa43f6%2f;js=1;adfxid=3x;7846;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a4b54f5f4c252304774c06c5b884122c1cbb4f63840c1e104b82aed4f9bcd81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2613
expires
-1
bootstrap.js
s1.adform.net/stoat/629/s1.adform.net/ Frame 8FD6 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:18 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
bl-0211e21-ea2c051c.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame AAA9 		63 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-ea2c051c.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 18:43:37 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
zQdjXllpbTSnNPDfmCWx0Vcd4.8FXQFW
x-amz-cf-pop
MUC50-P4
age
54001
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27198
x-amz-meta-git_commit
0211e21
last-modified
Mon, 21 Aug 2023 18:16:42 GMT
server
AmazonS3
etag
"b0bd7978fb59e23ec46fa746ae447401"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
K2HvG71PA1rbTh9a_nNYke53ICS4L0HbM7c0QKqgAL1tNsDxrxqHZA==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame AAA9 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:05:12 GMT
content-encoding
gzip
via
1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
MUC50-P4
age
3465506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eIJLqE89Iz5lvKTxvS5YQ7hjEZvE2gcqpa8CzNTyaYaDrqNXr-AiTA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAA9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ae3WDCoHzLVXY5Y1nT00kf-tjFBEAZgESFXZS_XwaB-82x3HkzknTnfNc-arsCmHrkVnYYHcRuJiQ3N0fneAigPWNxG8Ybiqr_eVfA9gwMr1bcIMo
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAA9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1114469884195765375&x=1&ct=76
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AAA9 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame AAA9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 07:24:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
8376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 07:24:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame AAA9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
60852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:25 GMT
l
www.google.com/ads/measurement/ Frame AAA9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSd82W7wUxQtl65XZLd8Z2PNzdjY9W8peeUUi4nQQ6Y31wZ0DIgMApEow53wVBcI8sJkhsy
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AAA9 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D97E 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNW7xReZ1uIl7VBhchPH6xMYZkhAoSEJhwM95dTYWrs58KpRcaw_VrCi2k9SEhxS4aRQb9TNZADNrgbIixeN73cPEm-qTQ
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2671 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7432087977711&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2671 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7432087977711&version=m202307240101&ct=76&x=1&cor=1454740938386218000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2671 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnewrlF7H7Q3ryvQFoCHD03iTZnuC9VDvxc07cPxm7UnEGBeoorueNoNsYu3m0bJ0zI8xZapJc53RlBq22OLfYawoiiQ&cry=1&dbm_d=AKAmf-D1YcmT6-puYNBIATJC6a1qlgUD_ZBn3RVlxpumIjRNa-ha87T4S1AGaCQr93sGprLf2_m3cpDzpSb0GiQiNATMi6e19CVU5kPOCanu44nQZSq08I64iivgE0CFwMYmpjPXXxc4w1VVSgckCvjD2k6MzcqpY8DSsYPK-RiAtgJyuLxYCijFqxVVGXITmVGfT-wGI-L1-le7V8ile-XC_jGYOCwIgQVRuH49uOPnHFskGQCPfziaKIi1RioEmKJ5TdPOwxRenRRFssTAGq-NtJ0nvO1adQeieCnN5Whhy4H0Dq0Kb1ljGRQ9MrMxjuLDb_lRljkUa3Sk_ih7SlSIneaRLde9SVw8n3ObkygCtBu2xetxEeCoIJH6CUmK793v0nGbV9WbiF7tqXir-hLZrRMr7VEs7K9oI-peYjAfzGIUL5EYJ3aev1nJmG0eac_OrKShsSSYItvV7ay909snQUU_wMXxTv_KTFDaR5eR_MuVZQ0vf9HUghLRSiiaTDwkVyROAtzykxulY5osLkOAxydDufGWSMtLK_SMpZrx-71FrCUx-zNO8wk25vOzSz6Vo1aW1fyuZShcnptBWrQkO5KX90Wwbl5cJWaBKRbN5WbZSGInj7b-mhnOEpNcdo71Iz3LhJpicMq01NGgg4P3WdhNb8g5-yjWb8IqEBtBH3KcoMzsMzS1CFUwQM6FOpqIf3BtfaC1HtUooc3NnMIvjT-I2jWRpG9U2snbRPxKWBPGzdSTxb2T1tnce1Z4DV1N3Tl7gFYQ2mYjEjhqO-u4vbQgQCEPf1teD_bt7kkdizyU8oFHxq6d-6KGQwTUkOAsoWq7Lo1Mdj9nBoVs-Pac54YZIajY0TnRPOyyqarjDgRpYR3XV7JG2vid121BxV0Dg5XhUei31X6xGMTTzk8NXPBNMgWjpcALHNuVwfeQ73EsNeuCwPUmCeZIzWuTJ_Z34oOEL09qlbH-IW0mL6cgicnGupi3KvnUQpjrJjZyZEgXkwmfTderVakKXWeBOlRlaTP3HxEFybej2Eqr2nqN6GQKeayrtAOd1EuAgr0uPIbw2TecPglRlk1nw5CGDQy71H1fFnv4LEQIRryRYVobG-gQzYxHYv5wxqfGD1Bc-n397ovOfzd-fqDpogd3xNMmDa32g8tz4Vl0CiCtk2CwZXN4D6Bkc3fzvSMe7L0Q4Zgqi_6keZP9G_qOrteCqoGVBplnhIrFqTH26YQyW3-2VVqJd3adnYGqk21H6ndMnmAhA9BOnPSRoBCTfsedZToOftDxrsUhc9_eiqvkJ5uxEbZYBSkn_RqEk9e_6STcOKXVEO7RXUsJFSDxs4kZ_wM4NkPH8Z56ypYvfZpgsVSWcN2wSj4NaBQBXC0bT0CBOsGOCQ1MBx245Bz5SxZHGErJKfSoo8E9ZqVOt5cfO-eSsw7-TdTV6i0u-3wSJNA5YuJmkw_UzUFiC2V1J4EjsRwu-VO8upcdGqd_ISbJH7o3-SjeEkskMeCVoDfIT3-7elN-mba8HMrvmvqLkX9ON16pwyvpbYPsS95e8b8ilA9mteWt1n2hK2h4vVujmT2lG5arMVzS6iVF8XLVRBP1YcO9fLAnWuYGAIMir5qhhJ-cYcIm21Zf_50aT0b9VOKQ-YgKAVgDBDpoKs66LJzE9MUK7dOMJWkAFDrrJNMnXvRGw2SD-cMPDxjjKZx2MtzvIJLSED2P4xqb-eACZRe0tKqR25qp9dk1AKw14vmgtY-C8Lz7UL4jltgDesl8NeASe5uubeoHSqm5utea3JzoWdXNu_wCCh83FKiVCvnDNo6ZI_kLjbCn1rrxuS1Yqbf4SKAiYoUhB3mSAOhI9pvG8-NtvJP50-WFhXJVqqaGfm5yvDa1SNEykFp7tGcCZRm7LsCSi3BMoQUVk1P5TXL2XYvoqNzFNdHnUrho32XjsOV_mYkDKwPmxY13A0p1vohZxH_kKiH8E3YNsUAM0xvdB79Cp4VFcXqQe0qYL2z2qUAKFM5ZRTRedyHdVLLaRKP0Sqirjg0yj-ZDa0Azqsy-9Qhg8mIz5-FVIZSsBY4yczLPemXSGRUF68I_vRcwdM0wAU3Di8kJ3yn-i2ueVhvsnvQo6rxlC6C1dUKSFhzgTQkOuu-SUOeHhvdRdE9ufuxpd5setrEeQf3zx8C4CjIqx9PIYe94qkPfrWa-y37R9rcfWvziHKGCWkUgIMJ3MfWqaF8cO85Muz-fJVL3Wa285VjR0i12IH0TrsfKlGTzROtrls45scnh-TcV4EsOuU9OYe3nkyhBd6m00L7jPAQMrl3wyaUfs_mV8fBYO6hAjeXbxolTic5DVazdDC8RvidufaX4acZpKm8v_HbPARba59toRFCapn4533pM95Ym0waZYPsfHzo0tsT02Gy47rEtewIK2adQxAc3_wFf8P27g2stn8FKR0kFN1y7tTXR5GdJyY1ysjo8LsT1MGPZdccfj-pJ8JSx0Q6lBwKgwtx2_zElzGi5P6LWVEVuwiPZ60BqgXNt1RyuXhOlvjCAL6QOkseY0zd1mEziZfmLhDMiEL5DOdP8wgrofHyYWiCOR_gSbgHrZV8OGIXoXmZ6F96r1mpZGAvqe7xqVLxeaB1n5J6NPnK89HdMsUOVOxs9QTc82lO89dZbd38SinwH1wbN-9TQIiWPYTXzETPgUC7xCi-yWxIwNIs8KgMgHmAppbAfuurOsczev3obcFZwzmaL2-BPmJkK7g_qQl60WRMa5JJRPiso7szDyAh9lKEDuIdiM2ynEbKmFDo6bCW6ygJ_s3_YW9b5Eo0XZ7148jMy9r4wIR0wcMwmXYBbxLWZNsj5ovtqTFP4llPiAjyNWyokeOAIiKHjyeBwaIMSmIK6ZuEvsdwCmqvV3-3P3Al6ciKtQ2po2OvUkkcKQgsAhFnbk5blLkQdPPj9lGBowG0RsLblr-qjSfYwAjbOUYve-oqkYbd4ZyZjnlQWWHGXVZ9H50XWM7scAH6X0QzbN3K13pMjdJPfJkg9qJtbxzOqNzJrctMHJ5BZ95TI6YDPkXBuRDDELeuYMdw7n0tDzN26s1wnotA9cbAbSJbSoF7rMTok6IcL8Uvn4HTI1IG0P3FYr7WFQkSsH5sJ642P0eXcVIDbaXnf7ooyLlcGInlETYOdNF4zvCLxgnxyXESvQcyZBEhuka7rAnyMcozF8f-QFpihATGNtrIHbz5hJU3TkPAOnC3Iiuz2pjGEHnMJC-sAnzi41n6nSIaXmQxNtfr2H5rnIuilf7V3Cc99dzUcYnt8iyrf6x9XGWKJg1BkcqV34oCsxB_ToH8r7NbdKQM9XqaiKlhY7mT15hBEjhArO8xmMm79ZsviiU25cBp5rMW6cnHfihO0rtknTPTyega6GmoPfmW0OyQ1645EzqxUoMKbWbrn-vrqjorg_Fv2CJt94q-DM64y9VTEcklIE9KKDbeW24UR6G-uVDx7yATA-hYrghhJYQaD33vlxyiYzgHEwSCS4fjw2dX9wJKKQwPM8a2uUjGA5Ji3asQrHY6GudHt1N8wnIG6nhkBeSb_Mwn4RblceX6gA__DsNp1-AKZall3KqNyHtbL0MhCcwFnSTGV_fBdq3u7qg&cid=CAQSOwBpAlJW_xXt1BVEs4D9ynC0JLvK-B_GU0TDjQ-rcwqZlM7uKFsbI1JHsa2CJKN2zuz3SUCkb9Mi7VC4GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=1454740938386218000&adk=2688415457&idt=120&cac=0&dtd=84
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc6ad00073f3f69a05c76ce329bfa49ba450fbe99de5e2978841382dd3434cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36572
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstS4MDycg7srr20rw7b2Lz355EqESL-R-Wja9P9PXEMwRG4scBzlaD-0AJb36eoxziQ7eoUQ43ecLaHfwycQMqzHG3DcBkofvlSnY5EkBgjtp5iS8ShrmCnLjWjNB9_o0XZirA9R02NGguJDe076hIwW67DHIACOZBr6zzBMnRT6Io9tFgI1G96pCKaiskmsQZpryBo-tgZCvNMrTMjVP2TktGDv0sY6pCZn2fSaXNGhc_ZQW58v-QOD0AYLtuhExME7wgVUyIBMnBDuw1iON8eIbezYNHT1MXT3QlFNocV2_Oq_XKYpaaIls2mCm9ZaPVSDCY3r8vF2Sp8NW8VObZsaw&sai=AMfl-YTMCe5KGPerxRXkALJpCwjqU9mgNdIybHDfhBxfuVv4BG9fYftiKperpty672CNcMQVUbwx3EfsrfT_2ebEYsjO-JdbT7KzfOqTBWzqnAU-vCcSSqyZkucdtjK4Wg&sig=Cg0ArKJSzMxSLxXQWtblEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
track.adform.net/adfscript/ Frame 8F2C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=sX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/fra2/0/646bbb6c-7d3b-45a2-9f4b-169f35a74547/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
442ec6835a8638594d838ee1d856fcdce0d80f64f95b2a4e6f2faa8d505e8bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
924
expires
-1
/
track.adform.net/rtb/billing/ Frame 8F2C 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=38735235&rtbwp=0B180AA7CA362A19&rtbdata=sX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0&winparams=bT1iuicSh8xxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmY6meKuQd51cFOBNon7mYQNpCBKuUw0J-JTmKJ0v79DqHMVpgi-PhNVf62DxHGrK_4BRpr6fL2dJ5y-NmNvOIB2W3OkdmJVho0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
646bbb6c-7d3b-45a2-9f4b-169f35a74547
beacon-fra2.rubiconproject.com/beacon/d/ Frame 8F2C 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/646bbb6c-7d3b-45a2-9f4b-169f35a74547?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=15&e=6A1E40E384DA563BE0D5EA1C7FB6E8C098DE6CB8B541CC2C1A345531BBA79E70FCC1A40623EE707DEC1C7CFE297181A30D9E9F60BF0677849A4E658F6896A70FBCE8FD282B9D6D78C5E174E8FCB67C07E4943CF3E5BBA510F5997432FFCF8E395A34CE551E477DEC57AB92806F53E7465241A2202006B471B67BEC1872A174172634B8EE21E21C84C906E3D99347F00CFC3BE8685EBA97EB2DE5800631E6F7AE016A11BED8C5E02406CFA97C3B357D9BDBB3957F78765D1E17F634C19DE9BA2CC3F1DDB58417B78D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 8F2C 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LLM4C5AN-1D-ICZ6
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t.dhj
pxdrop.lijit.com/1/d/ Frame 8F2C 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=idrlabs.com&pn=%2Ftest.php&pubid=Saambaa&v0=252623
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:37 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 22 Aug 2023 10:43:37 GMT
impression
vap2ams1.lijit.com/rtb/ Frame 8F2C 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/rtb/impression?i_data=asVFfsG16C4SV43_rcxEZhj-Q4npU5ADUdmoZmBHNIi14uL0DyesUbJT4Ag_mbM60OQBtNCP6qvhS8W2qM-ZDlcJqL93Yi9oBxwfevoulQaRTCYZowCzEGuh3F3a3yMN-o2xe7Qhbw8TYU6cDDEWatsHjM8aMY95HMjjR33yAYJmkWVmR4TpPybCcaud3Qcdz1TFLCvjAliHgbxpgbVRX-bf8OjMdOTPRQBMmQNJGPA3Ah-HhJ5nFj6Hbz5tZOS-VQL7G_eMEZsQ2VTF6mer3dTQYVdGvH2xGTzWGS2vUZoWnJf7kAX098cjO6Ob8MNBwlc9LYEuHvDL-raK7OsOBocJmcFmYGtXiQP5ySMDhs0R4a3OYI4~&bannerid=219017&campaignid=3391&endpoint=PREBID&prebid=prebid_prebid_8.4.0&rtb_tid=34314344-5bd5-4d8e-8d2a-7933f2dcad5f&rpid=83&seatid=2676:6896&zoneid=1063593&tid=a_1063593_402c3b345d7f44589ed633ce3d5814d0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 0C44 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7faa2c2cd8c02bf2-FRA
content-length
24
content-type
text/plain
date
Tue, 22 Aug 2023 09:43:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tM0gi82wCVl0BaT7FdeXWH9AgS%2BA%2FTtSkv0sWQTP42gTjQJHid%2FA7XJw4VOC%2Ffo%2BFmbwIZRIXpTdOaHY%2BC38793F4R4NQPe7k6cNSmBVAOLGlLsh9nw8KesduIFu%2FwxpxrYcU%2B0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-hnzw
rs
ad4m.at/ Frame ED85 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b3affd7094235002305916af49e15949fdd573641ff28449391ef661838c3ae

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQbY1JVzBazM2yqYk9MbYoxUSogyBal1OpHG8sZ%2BABKMlEUrXEN%2B7u%2BnB1uEHAqlxkwKtFvwDo67%2BOP9TWxVodyM4gKrHQBr43O8jPlA8VG6BvJiwddDkAwpJKTGxbpqJIr2wqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
cf-ray
7faa2c2d29232bf2-FRA
x-backend-server
aa-reachservice-group-europe-west1-hnzw
alt-svc
h3=":443"; ma=86400
metrichpe_701_normal.ttf
s0.2mdn.net/sadbundle/16251597516964128356/fonts/ Frame 3369 		60 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/fonts/metrichpe_701_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/c8048154be43edfd0b4fcdc3fb22db5c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 10:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342855
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26441
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Aug 2024 10:29:22 GMT
css
fonts.googleapis.com/ Frame 3369 		725 B
374 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16251597516964128356/c8048154be43edfd0b4fcdc3fb22db5c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ef4cbeeeeb11bf689c56bf1a96f0d51bd084aee65c3c247e099b85f088aa9d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 08:30:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 09:43:37 GMT
1730852a9bfcc0792be039d9c5a788cc.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/1730852a9bfcc0792be039d9c5a788cc.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9803c95c8c0968606ef29aa3b7f660b689a017a9d36fcd3adf7fd21b1f7bc12c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 01:36:30 GMT
x-content-type-options
nosniff
age
202027
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22905
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Aug 2024 01:36:30 GMT
c28ee83047461d8b4054c01d9cad59dd.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/c28ee83047461d8b4054c01d9cad59dd.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bfeeac72b1bd9df793a7d5755964b7498759a0d484aa2b666039b1a5dc45082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 07:05:02 GMT
x-content-type-options
nosniff
age
268715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 07:05:02 GMT
a9bf8375d717f56ce1522864d15c6e20.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/a9bf8375d717f56ce1522864d15c6e20.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
382181a721111ae0492e9a7a5efbab5d8332a12b421ab5168f43831a94677752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 07:05:02 GMT
x-content-type-options
nosniff
age
268715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2644
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 07:05:02 GMT
409f667579a3c0ab7819a840cd41bc58.svg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		258 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/409f667579a3c0ab7819a840cd41bc58.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 07:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
223
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 07:05:02 GMT
bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 03:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282384
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 03:17:13 GMT
usync.html
eus.rubiconproject.com/ Frame 7A65 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 09:43:37 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B030 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:37 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 434C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132427
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 09:43:37 GMT
expires
Wed, 23 Aug 2023 22:30:44 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 37A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.164.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-164-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame EBA1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
785
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7faa2c2e98446997-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
Tue, 22 Aug 2023 13:43:38 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 2258 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 22 Aug 2023 09:43:37 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
us.gif
sync.go.sonobi.com/ Frame 3730
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ATvH2487B9VD0zDhsAr4&pi=sonobi&tc=1
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ATvH2487B9VD0zDhsAr4&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=ATvH2487B9VD0zDhsAr4&pi=sonobi&tc=1
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT, Tue, 22 Aug 2023 09:43:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3730
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=daba3d58-9676-496c-9168-cf9f74caae88&google_hm=ZGFiYTNkNTgtOTY3Ni00OTZjLTkxNjgtY2Y5Zjc0Y2FhZTg4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIdtoDpOJmWtABybmpTVDrw&google_cver=1&ssp=sonobi&bsw_param=daba3d58-9676-496c-9168-cf9f74caae88
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIdtoDpOJmWtABybmpTVDrw&google_cver=1&ssp=sonobi&bsw_param=daba3d58-9676-496c-9168-cf9f74caae88
Protocol
H2
Server
18.159.228.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-228-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIdtoDpOJmWtABybmpTVDrw&google_cver=1&ssp=sonobi&bsw_param=daba3d58-9676-496c-9168-cf9f74caae88
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 3730
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926800046777
49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926800046777
Protocol
H2
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-144
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5140084926800046777
Date
Tue, 22 Aug 2023 09:43:38 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rtset
bh.contextweb.com/bh/ Frame 3730
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=2c0384d6-ae3c-438e-a794-0d3f58b43148&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NFVqQ1FKYlVkQTRiOUJUdG5IamR1Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEHyXoselGVKpElqcmguclCM&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEHyXoselGVKpElqcmguclCM&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-gzdsl
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEHyXoselGVKpElqcmguclCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3730 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 6EF9 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 6EF9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6EF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhR8_hd3TJGYqXcooJQJYJQwsqN62LoXeFtJ2gWf8z7g5UoMm2O02I-Vj5TFhnn3xCnb_5NSibXRGQBwbt7enyeLHiuxL1VZJ0y_xbSrkr0Ipk4qJjMWZIQGlt6ON-TourZbnQ2X87PSAahOqR532RojARlAKc0bXEfI0Blj971K9ixDXCCB2MRKAsjiDkvKq0JCraEtio07Sef03nrB2PsQJ5tnNHtHMOfBZw9ox77w0XyIgWmImnWs1V4KDUQrVe2f7UQJK8gBJK7Ojrbepw74mX1LwsUN2cp1wDMf-Fo4HYFy03Y1h-VOwVxxHvoktIC6LaQjl_6KRfAI6dZwRCBMgx_UN3zH0mU361GrFYxeB5CRATqveRMvPeCaQp78BLFGMtvF0evgEykZyvmF-6nzUBvw4v0scSEk3L4hZWr9vjNK8c3PZ03Sq_SIb5RhVF_8h3MDfmg7rN-n_UM8OYldXe_H1uL-pjCp7o-x24PgKx6pF_eiKuBvpDVmI6JeIthnFcxD9GYinoyQk50u_RQZ9KFnNfSbedUN01FobDUYKKhzJj_fyveeYixobz5ItmA3tje1sNhbS0v_6y_rTe9HkxOquO4tvZAVvvvX9LozLyRLeahvviYgo2t110g6teiIZ4i72XspeMI4Gk_nrHRMyYsSwkwdf1MGJfJqVABXugeRsq5PZ5EZZEytcDfPD7aTK1SNaG6HYrtYVIBPSOl9ntlRp6yn0a76BqGJ7kNjyLtfxUK4PcxmtAeEG_wvvE4M-zhVDJhO1nTn1BR3zUMN0xw7VrlFPREJ85on39nu4NiIJOwnVQ0il6Rfdg0ws8H4vdAAYgJhnq5OzHbYU3n0-HnlxmuwfhnYM4W4q4VE7bY1eIAEEbTDZklkO9YEWfxxTXk3ySHQJ6YWNSWmZG-ExNMggosVyUm3A0jXeK6TJoVPyjY-Aga7pDdVyW0_Rr9bDY8L8HUFMoEYwH9kFhcIpbUtHz4O1UwIPqNKFKqtRJuR9aHFtRPnp1Bu_C24bh64aZYLBWNlD-2CYv0dU8v9HSSq5BMwCoqBI2t-qQPlgVZgMF2pDOUQeV4zx3Gv8BIAEf58Op-bt5kqZQxLCaIV6a5fa03_Y7QvKpoaAPteAOBL3NM3UsK9h0SgzzQ4hFzetNVTibAWJvdVdhWnCgTAfhAwI-_9Gwek_GjKWSNAaKoA74q2-7kIvL3Phq_6jI-sT4t6jrhdm3e-N0z5lapa2c3pTdKu7UZGSdGquioRY6sfpmisQvbvnw&sai=AMfl-YT2fVHMQDPFcK4B9K6Q170rc8SOYYbUzkaMboQJHgM-gieSkWzyY7KdaIldvd3fG_JlrvWiy7cnDW7LtYlXlg6ma6TZzVJhNvYDgCHTboErM0thLHrJu5Txnf4v0RjKv-OxWJlERsWi-O4jKvFqMH7rw4aXkSobkIjvyZ8rDZEQUOGHBaotEScfYHo-4WRFRJDnEqV6riZrjiyscCxqF_nlO3k9YG00CyB57FQfbEdhpx6Pl75jX2nAHnyN-gUUk-Jw&sig=Cg0ArKJSzMYo-rYpyz-oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230817.34953&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6EF9 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
12719837213094237995
s0.2mdn.net/simgad/ Frame 6EF9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12719837213094237995
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9729c422fd908ca41871749e0e8f85a5aed856bbdea462d74e10c5567eb2139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 08:30:22 GMT
x-content-type-options
nosniff
age
263595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 08:30:22 GMT
r62eglto.js
ad4m.at/ Frame 4C5A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
580390
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KllFKvHyYnxbkLcPtLClU61DdieZPmO8brn9fBJ19M70I9SkNsipIlWtv9oXJqGGt3sLnBlsY79sR8y5WsKL5psXcKWJNdEiNXIwuNPZLLRNr%2BV4%2FCk75o8WKZYWNltb40pg3yw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7faa2c2d4d453631-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
/
track.adform.net/csimpr/ Frame 4C5A 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38735235&csi=O0PJJne0pdprNYicQfHujJA65hi-A9YcqS0eH6U_iLMJDwKV3Zer3KSIP03OAaNsccMiLeCD9207csbOy1xDF2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12719837213094237995
s0.2mdn.net/simgad/ Frame 62E2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12719837213094237995
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9729c422fd908ca41871749e0e8f85a5aed856bbdea462d74e10c5567eb2139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 08:30:22 GMT
x-content-type-options
nosniff
age
263595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 08:30:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 62E2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 62E2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 62E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvb6w_T-Tb3COloxRCdkJM0CKXEUPIE08RKPZPlobJHMOsdUW3x_yAndGoGWo2Ms_1LN-AKVyb47XIyM8Hd_VhtksxH3snVYcvmVCUo94VoJzUgem9Ct3KCeR7h6-QD7Ojsu_gXSgZt4RsuBeFfReoDK-06W_E3909JRy7dY5eZQi0v8hiPCX7obe5heEqejfxVe7-S_2Ywv1HQIi1kw9i7nEb968r_-JK4gPS5bSGuOW6RxNdOvlnaJBINHiAMVmwHirAsxOPw7fxESEcX-RbiHx5EzmJw4rSzconofiTeWgzreVxDgnOtFe7lqJMS6n5pTBDWmGIKTEIIJQCluEesfO6SS8MQhQDkpfA0KE34EwSm5qtgac-CamdxJfizltrK8Y7TQvpYMdlW8XVOS4ODubfo-RyPh8wP1k3qI09R2DwaQbvetmqRi76eg_IqHatZLqT3zKnqSKXSi5luy94bVIujRTm9pFK3hB9PVgYl9S8TiN4kjfxhRcFFMm9WPqua3Vyn17UsBO6E821YWoIJ-DHgoobh3L9ox0sehkyJNjP9nmJLdNyooDSOWPkFqd7cH54dkV7KStLBFDxPdmNvhIrrAqCuxew-nEW_kSEFl5-wEvtnefmZM1j9ZK3CD6X095oHjlzQkc-X4bnY6qk1BRY0HDx5pxnuMknAFL0MtqUsD-lwJWJWqi-Fk73b6ch0IruX5rtOKecyVR6sqBUXWUm7p_G0KCKVieTO4PVKSJT9VyHnk4CIbHh8LsRaNdQSvF5oc-nQ5eHW7RYGCDQShZMH-tm8aAqBYHYEDoW1zz82DESFrMN93tn-iY2vXIhImQ0LH70TucfudSmxVxp4KFoUFjfdK4M1GTuW-Q1_8y38Sj1KFilg6tnwRRRTLEMMbDRzYwNCyVzxzoOLtzyWETLta8E12B6kNrzlTyL84zBoyBHi4wj0crSNIRizLMWED1G8CxVoxLdOjhW7wFHxyhIpkArih9iNZn297hz9eozxE1s8KLsR6FQ3GHJYLSTKFNNZ0FpCQcxOgDNPeFy2m5T-M_odIH0MFLw6FkBntEfrJ0qA-a0lm7SAZY2_QbrfRMY72FCDJr4VBh-KeV6Qm9wxeJSULRMgohCva-oOMIGxF34OpZO5i6sjKEPGaYNJy8fvT0vdVxebYYptNw9aYFzXyh1rWKf3no9GHCjC2hZAF5mJgVVefDHGMyNBgwa31Hpi2M6DegGsG47vwmiQl3JdCaZdZws6hPT8YhzE3-_kg5Z5sCLdmGx8a7aLFg&sai=AMfl-YSKeMnbhdWeA-iHSyV9kZBXATpIgyxwzFnAqfwi_2Ou5fG56oaGQtkXOkDsslY-6Lga4eVoFZfGUAUx7c2-KOr_bp0-VXmMwX9XW_v8YNKx_iOrNnBGq2VIBdl5u-bjcoGtpKN87aN28_GF_m54y1wtzYZMiMD2uBMhXGQ--CHSilXDPhgj7i9Q8aamjo-J1TSSCEnkr-jp0iS2cM_schHwbCCNVkfI_AmTP31buRDxcmo21LF9KNAtOuQDBCRQTYmZ&sig=Cg0ArKJSzGhgu3mnTB21EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230817.78314&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:37 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 62E2 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
/
track.adform.net/adfserve/ Frame 8FD6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=h2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2fams3%2f0%2fb0b0ba69-edd8-4736-b990-c5857693097e%2f;js=1;adfxid=4x;2969;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a341949c452c3e0c1237fe60036263b2819d8f95d1b543f50b929367e3d66475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2615
expires
-1
rar
as.ad4m.at/ad/ Frame 51AA 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bdb17a92f6ebd29112668afc661dba4737a6a5b79fb8ec5d2825d9a67bfafb8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7faa2c2eafae18f1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
truncated
/ Frame 62E2 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc4448fa6329500d426ffe9a4cad3b62a52ec212be46a7ea6a34546876bfe196

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6EF9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b2a70e70a6557e78cf64930016b6715ff12f7302f869a502a378c5dba8954ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
ThirdParty
s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 4C5A 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:19 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
rs
ad4m.at/ Frame 722A 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be5cb97339ed3bd5cbab02c942836a98aca77059a6abc366fbac624409d8e12

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJMz3s0Cp7BK9Lkl6odOn28WWX%2B6BzIP2VM%2FhqckbXGFKupW9WXR21U3UB%2FOvAYQJTtk4ASLmkBdopl7s5TYb1vm3aPbU%2BKvLSxTadTogGY6zwijrrVrWZ6KEYA6MFIkGt4%2BUvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
cf-ray
7faa2c2eebb22bf2-FRA
x-backend-server
aa-reachservice-group-europe-west1-hnzw
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7faa2c2eab522bf2-FRA
content-length
24
content-type
text/plain
date
Tue, 22 Aug 2023 09:43:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96U5t8BMXIAl04KyPBktxbdqUHIKV49QbCEuQfT%2BYjrsXD38qU1jhYMh1VZIPdeGGzHQ8Exj2j35jkK2knOhOqsxppzfBPnmGR5eT48wMCPds%2FL2S8JP7lY%2BwIj9AMyubG%2FSk1Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-4jr5
bootstrap.js
s1.adform.net/stoat/629/s1.adform.net/ Frame 8F2C 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:19 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6EF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhR8_hd3TJGYqXcooJQJYJQwsqN62LoXeFtJ2gWf8z7g5UoMm2O02I-Vj5TFhnn3xCnb_5NSibXRGQBwbt7enyeLHiuxL1VZJ0y_xbSrkr0Ipk4qJjMWZIQGlt6ON-TourZbnQ2X87PSAahOqR532RojARlAKc0bXEfI0Blj971K9ixDXCCB2MRKAsjiDkvKq0JCraEtio07Sef03nrB2PsQJ5tnNHtHMOfBZw9ox77w0XyIgWmImnWs1V4KDUQrVe2f7UQJK8gBJK7Ojrbepw74mX1LwsUN2cp1wDMf-Fo4HYFy03Y1h-VOwVxxHvoktIC6LaQjl_6KRfAI6dZwRCBMgx_UN3zH0mU361GrFYxeB5CRATqveRMvPeCaQp78BLFGMtvF0evgEykZyvmF-6nzUBvw4v0scSEk3L4hZWr9vjNK8c3PZ03Sq_SIb5RhVF_8h3MDfmg7rN-n_UM8OYldXe_H1uL-pjCp7o-x24PgKx6pF_eiKuBvpDVmI6JeIthnFcxD9GYinoyQk50u_RQZ9KFnNfSbedUN01FobDUYKKhzJj_fyveeYixobz5ItmA3tje1sNhbS0v_6y_rTe9HkxOquO4tvZAVvvvX9LozLyRLeahvviYgo2t110g6teiIZ4i72XspeMI4Gk_nrHRMyYsSwkwdf1MGJfJqVABXugeRsq5PZ5EZZEytcDfPD7aTK1SNaG6HYrtYVIBPSOl9ntlRp6yn0a76BqGJ7kNjyLtfxUK4PcxmtAeEG_wvvE4M-zhVDJhO1nTn1BR3zUMN0xw7VrlFPREJ85on39nu4NiIJOwnVQ0il6Rfdg0ws8H4vdAAYgJhnq5OzHbYU3n0-HnlxmuwfhnYM4W4q4VE7bY1eIAEEbTDZklkO9YEWfxxTXk3ySHQJ6YWNSWmZG-ExNMggosVyUm3A0jXeK6TJoVPyjY-Aga7pDdVyW0_Rr9bDY8L8HUFMoEYwH9kFhcIpbUtHz4O1UwIPqNKFKqtRJuR9aHFtRPnp1Bu_C24bh64aZYLBWNlD-2CYv0dU8v9HSSq5BMwCoqBI2t-qQPlgVZgMF2pDOUQeV4zx3Gv8BIAEf58Op-bt5kqZQxLCaIV6a5fa03_Y7QvKpoaAPteAOBL3NM3UsK9h0SgzzQ4hFzetNVTibAWJvdVdhWnCgTAfhAwI-_9Gwek_GjKWSNAaKoA74q2-7kIvL3Phq_6jI-sT4t6jrhdm3e-N0z5lapa2c3pTdKu7UZGSdGquioRY6sfpmisQvbvnw&sai=AMfl-YT2fVHMQDPFcK4B9K6Q170rc8SOYYbUzkaMboQJHgM-gieSkWzyY7KdaIldvd3fG_JlrvWiy7cnDW7LtYlXlg6ma6TZzVJhNvYDgCHTboErM0thLHrJu5Txnf4v0RjKv-OxWJlERsWi-O4jKvFqMH7rw4aXkSobkIjvyZ8rDZEQUOGHBaotEScfYHo-4WRFRJDnEqV6riZrjiyscCxqF_nlO3k9YG00CyB57FQfbEdhpx6Pl75jX2nAHnyN-gUUk-Jw&sig=Cg0ArKJSzMYo-rYpyz-oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=379&vt=11&dtpt=377&dett=2&cstd=0&cisv=r20230817.34953&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8440 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi9-r7cATAB&v=APEucNW9Y56-EB-0bt70jTb2ZNoPOgdpWsmpPgUB0ogO7phNGu8nNR8wTk0hyXBIkAfB8mn7KTkQX_9YkWTsi1SzQ6O3t9RX6w
Requested by
Host: 9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
URL: https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAA9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3481695307871&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAA9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3481695307871&version=m202307240101&ct=76&x=1&cor=1114469884195765400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AAA9 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgkbAQCpEkDC3dYs-AiwvcwkEpTS-mYfMpHZxop6Wry7h51rzWdPoz0742HHTtAC2LizAMl0g6jKjijW_jVRf8nmP8-g&cry=1&dbm_d=AKAmf-A_B2I94pvw8Ot2TBm-FCDCMi9F1m1_jW39lxmaqt-GwIyvNOB0qQOIZqCxCWNLYd8pnp5LmDSg5jQKSuL2q3x_xHJbnxn0EVdzfyT8g72748XJ2Ub-B0f4JTYJ5yw2oVzygN19egssgjIqhGaXR_4yWa5V9PQaBRyDNVQ4UK-CQWbzf2tqdltGf2WZb-aVLGP8ZcBKJnT7QF31zcNu4K5Dr0OZNdeEhmwcKKx82W_i2YpgZ53LuTZlR19FWQmSUEwbNC6aN3DQ_LpGQMgE2Oj482CghZF5EeNq_Et-P_QCgNYRZkUnbb1wtq1_qQ9676FP-f78Doo7y9nCg8oa2sQ_thbhzZ3eK7Cx4yZPwByOoXQVPlq85w61Ak_HrqrTKkFWe5IVrPONKTui8HmQOScZeT5Po6QlBifJLG6U3PdZLbo-Xu0qQiJ6ZBHXyET3ZtnoFZEYy-8xEECVA1G9Tdpm25fxr6WjcMA_Hnbha6g6mmkfmdEmLhy707yD41atkT3Yux380wr56iX3mRJ1lBYa6Gwci5brQU3rjtFbUWXYjBck7XAQIJC6C-lJ7DAVYPPC_bnUV9VOGgfYDmk5CA53Gs7Pzyr-vFsSbJVBUxmVILEi2KSamfJCS3zaukYImgv9ScFYLWY8NUdK7rnSPub1y4MQSaJeQiFPyGaQAqUSpvg4B4WHJLZfIIQTBturaQIjOzEdqa_X5pEGEAwxFSYayiPI58I79ct56nW-J6P-lY2_ubdONGvhK3Zdll_QpA7gQT2fgM3XHyBOl2vDvD6NgnmTPE8TyU3MW_2wttQ-9KO5cA9QrcSmfm2_C_k_t8XbTYVivV9eTNwzsDUXThWe9Y5d0IrKqU1fEXviLiAk0pgcAVd8baEdd09qU0zBeckUPpyoJPninwU6qzFLWq5zGOcEwHu22NxBvsSQrRUwMITndnv18E5PwC3jJjR3MdqHISpL1zOCYJ1PsAwReTTZNBjTjlu_OYr4aHaM32-gd7RNHa4Qc0N3UhkmVcL2GduHOx2EKz_YglxGDzU9dxXbwT6t-H61JkepvBMIeaqY9WbVcuTy4GyKPmC-z3o9aydoyOfl_zD3Sr-gAUJZSlRQnyO66MCtQV15Yz9TDlsvCOcOgqQjnAWKM9ti7hfGMHXSoOpsL1p6YPbN3bt3kVwoXW6kylMcdwLNuqoBbOHtWKFH_tGKzV9LtUyfVPHm3OQ8waSBIeVnejC1-VLWBLpjZ6CtTAJM95r7ub96KS30lwIvPtYXiAISn6zPdjEfpKjfP89RADCCjILsKVTqvJ-1SGWU62BVBJt9hbCtILX0pmR-4fxDKOXD7rusb37lZeAbpZarYIgzmG-Jvk45U6a2CBEXups8DIyvlvGD5josnI6An2RT5CS4L4LBZ_QAje2ENTIM95HZgM8aqI_TsG-I2rM9d14uQvGQT-F-2xyJquwA5IVw2X0af_83OSJ9xXzi9yxpyg4pVwNrmkufMq6kw79qbfUZCXrTk99KjMfxKN7Oeqz6nxPdFfEOfIXZEZ_o4oS1mFkCxM78G2B75PQFjADSSzcA1214EPPmmDKFxqfiI6ZMsgZ6aw8dX4wO9DesWEhud9j28epfykNgwLu6nW579kMCU7sDfz2zzhiwPQKnUE5RGCNzfeJxprfD3SiUZPd7neYeIxIbDUR7iW4JB2GYECLGr5ythVcW0hFtmzu0R2_s-jps9hnFHdiF4EgDd0OKl80pZLAsgb2Eokm8kQQQ16u8Vcsft6uRpcTpN3NKOp_OCMlabaZUoiPzFpiYEiJwyVadkpqVl4nqHyHbXUzHTqxiNqwaDjWxRgJZa3RSm_vqERlR-Jpkni87mJtUGB6qn1INOZ7DFiZfYa8klibMajUWn08GY3QPLn6Wy1EK32YXxf_PpFDaAdgqmrrrkPdssDs2TCTR6q5mCsYu1Y72k9jBdD09RuwzfN2P1BSMfVSZVep19SyoBEJr5ImK974Srt_jkre_-Tc9wKu6VAawnXI9PrNqduDc5EgIBFl905f1BUFZdPJHMo0uUOmGxiz2v8oAA4PcKP-E_k0Omm_Ln-evYx_UctH-UTj2Io4oqd5URv6t4skOXEJpUv685Z64yHKZxpUs4FNl3OOfE0S2VZHzC2C88bZnsTR5YnZlswNGrkG93yf2yoil65YV3ZtTQOqyW9nie6oLdMLSvn2TRWBiMhdreSPYzvi4XFNg63xyy6LYlCDe2ea4p8ArfGhYV3H8XaCXKci2gY7uDpH5GJzhHWv0OlP8D4OHIPfZt6il6wDal2FncP3LwoD2HOo1SRPsi0alGIrEDLtWI1tBdDkzd33aGqmSFuoWkWFR1jmLmm8uzcOGehsYZYuCgNpnWJ_xorSNr87kUM3bKWtHZzFbt7MYHyoQ_YoMGJgO8sHoBCKYr7hkmGsdHizLV9KRXLpvI2XPFgxmbSB4NIpjtudcx8edhBpR1igYX6bJyw-J1XtdojOSVTk4Hgnl8MXLXgHB1aNNyj4Y_jYaLwvooKST6DoWRlH2KLrDzWQaW7u3smzBNlKLv-pjNLSa0OFIpMl7_QHxZv0u7v1Dz72GiDuQ14ifDKJ2GRPUpQF3a4SDGFfXRrswEla6iK7YHqPQU8KAyOFlb2J7I1vwaCyfE8E6pkom5ZHXrMXCHLaPjLTxaXCkxVUl3HG704Fsa2xkkDYsOpvDwuWsUQ8-UP0IjlOZoko34lhpdFbLeru6rXYBTLfPF_cWxZ3bZI3UHzu9YmN47emC82Dpv1Kco3O-34RTgSywZbnd4D5uxNeOetFLE82de6lI0XjESEn9spwdk5rmXKAV8yNxfnUFcvykDa0RP_IMzHxv4rcAFMswPzadGn8Wt4vjeONnhmqTm3ZWsT49LFVKFDjcZ3kQDpQJ_NMbpuleFKErQ8zyZOrdeVcO3fY6CeGLDKV2Jyo9JOiMh8yDSjbJd6CZhDqBGDuc7xRren6xdRuZcxB-dW04ecCDi4uUkiqktTdQGJI3aXXfeWfEOXPFh6EfvBFyph9dBWHT49UfJs1c2M56RYfQ1Bg7ENJsc6dj3BNeo6DRc4w-uZVdpeBGDR58yqzbH89cYdz1V7FxhCsa84UxdsaQhxaISOGvF-iwDhj-zvy4H6i9C6iWvDrBB1OKzzZerA-lwSsRiaR_jILyp_aAJoJqNsC2eA59iTIev27xmDrvbq2JCCmkcroZAyY7D0bCH0AZQpXpZ4Gf_NRWxFdrCAPcS4IXdi4Y5neFjJNAQH8nv466_V1DZ34mfPWNyx3Oo4xdI_7jTBJABTmwUrWHhKZf8a2qsWpI9nERAXFE_tUrshk0znnoM1zz2WiiSVIekB65BMO1oKCcGfxasweqBAOC5MZbBqCWBanpa1nJ5x-utPtbZ2zZ4qD9kyy8tkhQ6hXJtezTvxe74BlaqULMb4N7Hkl1S091MHlAJYMhBPidZJy4ztBF33GWoBiTcdagZGjoJyCWWoBsaGHWskc1qJY-XWygH9YIN7zeHLKL2Y9wChHJRhW3boHb48c6q19I4mBOyEvaWes8IxoarhSPJtzwuHqyVzgx1Mi6yU37qTRzHnwQPjK2Ha-i4pu8ti0PWf9qfjidYJVPjmP8XaaCdY1_mnA&cid=CAQSOwBpAlJWxPpOri1OlNrj6yvbFbBhAF_PJx4YwG18l8Xfm0SerbpbuDsaY38l7dk6l7p_wq4owIMZKva_GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=1114469884195765400&adk=3735135789&idt=104&cac=0&dtd=70
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ef1ab7d75770fdeb0d622ced58ab59f4e037bc664005922c0d022f0f096bde9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36631
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 62E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvb6w_T-Tb3COloxRCdkJM0CKXEUPIE08RKPZPlobJHMOsdUW3x_yAndGoGWo2Ms_1LN-AKVyb47XIyM8Hd_VhtksxH3snVYcvmVCUo94VoJzUgem9Ct3KCeR7h6-QD7Ojsu_gXSgZt4RsuBeFfReoDK-06W_E3909JRy7dY5eZQi0v8hiPCX7obe5heEqejfxVe7-S_2Ywv1HQIi1kw9i7nEb968r_-JK4gPS5bSGuOW6RxNdOvlnaJBINHiAMVmwHirAsxOPw7fxESEcX-RbiHx5EzmJw4rSzconofiTeWgzreVxDgnOtFe7lqJMS6n5pTBDWmGIKTEIIJQCluEesfO6SS8MQhQDkpfA0KE34EwSm5qtgac-CamdxJfizltrK8Y7TQvpYMdlW8XVOS4ODubfo-RyPh8wP1k3qI09R2DwaQbvetmqRi76eg_IqHatZLqT3zKnqSKXSi5luy94bVIujRTm9pFK3hB9PVgYl9S8TiN4kjfxhRcFFMm9WPqua3Vyn17UsBO6E821YWoIJ-DHgoobh3L9ox0sehkyJNjP9nmJLdNyooDSOWPkFqd7cH54dkV7KStLBFDxPdmNvhIrrAqCuxew-nEW_kSEFl5-wEvtnefmZM1j9ZK3CD6X095oHjlzQkc-X4bnY6qk1BRY0HDx5pxnuMknAFL0MtqUsD-lwJWJWqi-Fk73b6ch0IruX5rtOKecyVR6sqBUXWUm7p_G0KCKVieTO4PVKSJT9VyHnk4CIbHh8LsRaNdQSvF5oc-nQ5eHW7RYGCDQShZMH-tm8aAqBYHYEDoW1zz82DESFrMN93tn-iY2vXIhImQ0LH70TucfudSmxVxp4KFoUFjfdK4M1GTuW-Q1_8y38Sj1KFilg6tnwRRRTLEMMbDRzYwNCyVzxzoOLtzyWETLta8E12B6kNrzlTyL84zBoyBHi4wj0crSNIRizLMWED1G8CxVoxLdOjhW7wFHxyhIpkArih9iNZn297hz9eozxE1s8KLsR6FQ3GHJYLSTKFNNZ0FpCQcxOgDNPeFy2m5T-M_odIH0MFLw6FkBntEfrJ0qA-a0lm7SAZY2_QbrfRMY72FCDJr4VBh-KeV6Qm9wxeJSULRMgohCva-oOMIGxF34OpZO5i6sjKEPGaYNJy8fvT0vdVxebYYptNw9aYFzXyh1rWKf3no9GHCjC2hZAF5mJgVVefDHGMyNBgwa31Hpi2M6DegGsG47vwmiQl3JdCaZdZws6hPT8YhzE3-_kg5Z5sCLdmGx8a7aLFg&sai=AMfl-YSKeMnbhdWeA-iHSyV9kZBXATpIgyxwzFnAqfwi_2Ou5fG56oaGQtkXOkDsslY-6Lga4eVoFZfGUAUx7c2-KOr_bp0-VXmMwX9XW_v8YNKx_iOrNnBGq2VIBdl5u-bjcoGtpKN87aN28_GF_m54y1wtzYZMiMD2uBMhXGQ--CHSilXDPhgj7i9Q8aamjo-J1TSSCEnkr-jp0iS2cM_schHwbCCNVkfI_AmTP31buRDxcmo21LF9KNAtOuQDBCRQTYmZ&sig=Cg0ArKJSzGhgu3mnTB21EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=384&vt=11&dtpt=381&dett=2&cstd=0&cisv=r20230817.78314&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:38 GMT
usync.js
eus.rubiconproject.com/ Frame 7A65 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 12:31:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10064
Connection
keep-alive
Content-Length
10115
Expires
Tue, 22 Aug 2023 12:31:22 GMT
12719837213094237995
s0.2mdn.net/simgad/ Frame 2671 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12719837213094237995
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9729c422fd908ca41871749e0e8f85a5aed856bbdea462d74e10c5567eb2139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 08:30:22 GMT
x-content-type-options
nosniff
age
263596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 08:30:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 2671 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 2671 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2671 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGbqrxDX9Q5RfM1xijwRs9jrXUJsUprVIpoNjL-UMzwpFfMJJs1EpMIIIq7E1Q2CTanNgvcyeTTgY9jX1FgoiviZsOEyqJ0pNaShACz0QQ_0QqFo826LzGfCEOA14yXrcYECsrWohAuFe2rYZFZQaqENOsxPAILi_6cc2GKF_y0AUmAGRKmL88rX1gClKQfOpUoyjzUx7bEZI5Bnfn_zm2DrdRcCNH6iZoYxnV4KPs79wVo7OK23vEi6EdsyHWrva2Homci0Wy3UyHhN1KAbf4TlxcgfiA53t6D8AWzYuct2YD_BRxKEWjWVzn4qkySPDN_cghUkvAl_0MJvN10maVMV9dMcrwdCaDgXuObI8S8AX6Ohr4RpxcElteu69VK9uodzN5pm8VWpMMXkTkv22ugZD-d1izZcXVzZnP5HINDqEdw0Py3y6E95ByV7RdcLl1ipVng6asoihILNCBE4YCfIWGY9Bso6tSywo1-GRtgZ9gO9rP6FzczrJ3XW9xlcmYzhyhJhGc5lYkGVbikM4OdzQrxni7OZLbVd9N73UoIRlztZIEquPO2kyGxtAlKpxiMdo3tDFzgtArPuSZ9W6c1JaRWUOtgAWxjifHQknHRYePpNui1eCvdf408Eu38WiqZOdB82nrZjwW5z04ml08KWYtb4pJ4B_l_3CPrVvJZeG8NgGBZ2LNFaBxptq9ioYw3iYW0lCkspKrdwp_fUXW_Un-3ouxeWOrnERg_GCkpOd6-LPvwzoMz-F2n8gDmKR1Ycc7z9sALU5sRDsUoEpiD3X4tsxTTabsX_0DItMhUZIWCo4ibZKrli_V9gwiTDxUh8o2XYGk-bgucElvCHrzAI8_NCpvAqZpmbmotCLonnBhoGQA6WIfp7zhQbI74umZWFSmNlhiYryRzEaZxK33b80yDv28U_xftXu_z_v1MhgsdVH4Y-aDRZVJ3DKBZLudV91rgJ22xe6QDv7qROMFyayQ7LeUUBaZcCjwhj1lPtVaQwYDjBxm7NS9RewdiNN6jfdpBkES6ZSQP-V-qgiVc06ULdqggpY_pQhg1TW2dwFQoTTwEhCc7WQ4D_7-El-gbsvsfLuawTTLflxVwjtB6RTxyUq0HmPsUVrg3Don_kckEOO2xKCzfWyo9i5HFY3iXA0WmeUMSZFNr24xB3HcQABNTMh3ih3wHk3-upLOVUE24bZVdNKsfU2OromiBeUH2A5YbEAZWBHo441ncVCOgZV_-7WFiJ48KOxznUDUS4nz9Fm6x2FOWvFi&sai=AMfl-YSqis7Oo2yg5vsKFd34Ev2MJqRR01KTfgARJhMNHuoxcxy-NIZjVs635AFNNvjD4YdWUWSgLgXCB63JW1UfGYByKPhjxenRNl8dP4IPkuyNN0KVlcGp94tDkVoamBZXDYm415FRkHinicjg3x-OcXixO45DmRewivQEBLf3CEe_GmRzaX69dimbbmxjFJiUdVHt9lZ4PnQ-Nyab4QvQfyPAGNd96N7HbPJTNtqhr5EwkoY6HVhIv05IjpCeEl8wy7XJ&sig=Cg0ArKJSzBBTob9z98uyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230817.85716&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2671 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 51AA 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1117829
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeXjrf3V3SyFGXqarA0lMTK1bQVoEEgf4okhl6a9rKcJpu6yGhwaXVOWu6p8e8L0cyQ%2BHjMo4hBM4barli2wpYCoFEldG4lgOCcPCBb8IKaCGtfrCrrUsErmlzLY9%2FONYfcEqYLsRr0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7faa2c30e9443631-FRA
expires
Tue, 22 Aug 2023 10:43:38 GMT
1BCD30A9EA509B69FDC539265464D9A05E3B65A3FB4B8EA6C2578227CE3FEBE28A1A8D5C0FED4DCD15EE4CB5CE6BB83F079398859C57B2C4B104F0B3E4617AE9
assets.ad4m.at/logo/ Frame 51AA 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1BCD30A9EA509B69FDC539265464D9A05E3B65A3FB4B8EA6C2578227CE3FEBE28A1A8D5C0FED4DCD15EE4CB5CE6BB83F079398859C57B2C4B104F0B3E4617AE9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878f4c83911cea3135c79e317a8ec849b4a1cfcf0f007395f7ca9e8da8b4f711

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1267499
cf-polished
origFmt=png, origSize=1841
alt-svc
h3=":443"; ma=86400
content-length
1468
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Jul 2023 09:36:08 GMT
server
cloudflare
etag
"f766e78c383fb9a815f61314d4d9a47e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m11Wt1qx0ZtkwXAnTHE6wcnvsrDa9EQdLSf5ZAgShRAVdhU2iclxqnOvL4kRbm4yMbfYsG9KrAkdv4wRiv4zFhuEFEYtrpVVZ4bxMsxaTPG7AdmbYVEmmZDPcwqFikcF7SCjmsesFK%2FkOwpT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c310a5018f1-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
55B024EEAD0F40B989EB033CBA1601CAC7CDD4B99E1A6ED3031F81A67C9FD791A496F122A60D4CD0C6BD136640031CB07C08D5086700D7315F5E5B02A542CF4E
assets.ad4m.at/ Frame 51AA 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/55B024EEAD0F40B989EB033CBA1601CAC7CDD4B99E1A6ED3031F81A67C9FD791A496F122A60D4CD0C6BD136640031CB07C08D5086700D7315F5E5B02A542CF4E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddafda7d2c9a2e3b1b55849a475470762c9fb58f123b7d59290e8932b87cf6f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1807935
cf-polished
origFmt=png, origSize=656657
alt-svc
h3=":443"; ma=86400
content-length
392340
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 12:38:47 GMT
server
cloudflare
etag
"403736560661f19f35a06f9330304886"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTgerDmvpUrL1zyCUdMHkH0D6mlj5MhT%2FmAgIpdlvblKbyCayN%2BmCdiishKWqFway97A1t8MSBsOB06yI%2FzdQ%2BIsHOARpGk30AR1VIeL3DciUS3QZAKYfKu4NjnKj2DtV4acf8hoyigme60I"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c318a733631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
view
t.adcell.com/p/ Frame 51AA 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=348098&slotId=46690&pv=1&subId=oneide7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:39 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
C6175272EB2CEEF2AF099E27B7BD5B43DC542A264BE91B67DF890F8D5EB440DFBF2CBA878EA713FEC0D7520AB453B1FD9AAD4C9C0C6D59512C602BEAB791627D
assets.ad4m.at/logo/ Frame 51AA 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C6175272EB2CEEF2AF099E27B7BD5B43DC542A264BE91B67DF890F8D5EB440DFBF2CBA878EA713FEC0D7520AB453B1FD9AAD4C9C0C6D59512C602BEAB791627D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cde7d722752c14319f4afbe04ade3a51ac6642367549bb5c111b4c8bb62dda1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1273180
cf-polished
origFmt=png, origSize=24638
alt-svc
h3=":443"; ma=86400
content-length
11678
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 14:22:18 GMT
server
cloudflare
etag
"4aaf3ebec6bb4112975f2b0360471458"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heFCZnpUryLsTtGylaZGbguXAmYoPNAgaXefzcO2ob4X1TV3PFOv43rZjuwYxVte%2BW8Xn5Sgc1LFIk%2FF%2BVCPZ0AkW9x2xd%2B2%2FZ0N1359HSTJ6ESmPakD7S2UVlmJz8X%2BAsx5zwIM3E5MSmnF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c318a753631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
D9BCF01066932C061A10AA95B1D0FF4E14C3CFAEFEC9561EE3ACB60A3986E1AE85AE8610D2A7CDD6FEBD72D63BE53D6B3AA9C674BC267D528AB2F32B9EAD27EA
assets.ad4m.at/ Frame 51AA 		270 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/D9BCF01066932C061A10AA95B1D0FF4E14C3CFAEFEC9561EE3ACB60A3986E1AE85AE8610D2A7CDD6FEBD72D63BE53D6B3AA9C674BC267D528AB2F32B9EAD27EA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e6a367150ab3e16dc31b9c7cba050d5881bffe4e5dfbe4f4afcb14dd0128f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1098200
cf-polished
origFmt=png, origSize=412409
alt-svc
h3=":443"; ma=86400
content-length
276410
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 14:26:23 GMT
server
cloudflare
etag
"74f12436a7cd0ff7972294f1ac844856"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1sTYu6iQyMSVPKrPCRHYHein1CgD6HUB6A2x8zbEHeJAkPmZ5N2aW3e4il5jVGRdn8Zhovo%2F1BuXgVmTUUkqNEiPLH8S2TPwj3jEYhLVkvjzQReZS8oj3hhxh7vdVWhg5l0jPQY2RDGwwq1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c318a763631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
view
t.adcell.com/p/ Frame 51AA 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=347134&slotId=46690&pv=1&subId=oneidk5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFRoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:39 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
ED2B400F13B68F8B0A409A5081515E21A753AD5F39946CF8FE2B2261E8F6815306936B0F0747CC185E673B2656E92102C7E4B9A4348FE5E7D7CAB3D3477BF53B
assets.ad4m.at/logo/ Frame 51AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/ED2B400F13B68F8B0A409A5081515E21A753AD5F39946CF8FE2B2261E8F6815306936B0F0747CC185E673B2656E92102C7E4B9A4348FE5E7D7CAB3D3477BF53B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8ccd910168373109c4ebb9e2d64542bbbfa6fee139f14772621680f1228e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2410631
cf-polished
origFmt=png, origSize=11188
alt-svc
h3=":443"; ma=86400
content-length
2926
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Oct 2022 16:38:54 GMT
server
cloudflare
etag
"1e73fc81ea184d3397c1b76e29fc5fea"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSzGW797r%2F9%2BGLu%2F1lFh5gLoj5tPfieNN5Lfnu1JNOtRfGJbQHEyL2eX8D3pz16MIc6GOUaPqDNbtZEu4PNQPcIyWmLrTp8hOOnCAOfUWaTd%2FQ3z%2BTxbVcWJUIHERjlFHSNk1njt7VPuNSaV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c318a773631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
165D0A6CB0BCF73FB83D2FF505650435832E41B3FA6CB4DE55362D473E6AC39414688ABB8F8088A258CB8CA0917EA0010BC7ADF696CE3B2753183D00EFF89602
assets.ad4m.at/ Frame 51AA 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/165D0A6CB0BCF73FB83D2FF505650435832E41B3FA6CB4DE55362D473E6AC39414688ABB8F8088A258CB8CA0917EA0010BC7ADF696CE3B2753183D00EFF89602
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2564920c395c0dc4b4f63c5e0aae7b764be4c29522c83e987998483ccffb62c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2410631
cf-polished
origFmt=png, origSize=577478
alt-svc
h3=":443"; ma=86400
content-length
310472
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 09:45:24 GMT
server
cloudflare
etag
"e35f4cc1c938f87cc24878e71c5c0f3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiKu19WPJsYpUTF3ZDk4xlJ9Kp8l%2FgqJDWF9HK2wgzscTb3hKyRi0%2FBSg4zUe4n3SZ79PuyOSA81jDLzPbBNyMKIwdyfZ%2BeRikQQRRfsiC2pEcq7TRVJyrjVaL3L4lcugFQtt0SUvt0giR1R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c318a793631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
htlp.php
www.zaun-idee.de/php/ Frame 51AA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=3010213&v=25533&q=423119&r=412871&pv=1&pref3=oneidEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zaun-idee.de/php/htlp.php?utm_source=AWIN
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zaun-idee.de/php/htlp.php?utm_source=AWIN
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Server
2001:8d8:100f:f000::21b , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.zaun-idee.de/php/htlp.php?utm_source=AWIN
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
rar
as.ad4m.at/ad/ Frame 13D8 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b2fab1228cc0d0dc4b9f0a1fa32dca550e1cc10d3de987dd48780833e76c95f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7faa2c31097a3631-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
PugMaster
image6.pubmatic.com/AdServer/ Frame 434C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16131752&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
695fa7e3bb5742f7e4e3f291d9571473258cddad68a2f894967d1c0a3bcddccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 09:43:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame A1C3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
d170323e7ba83ad978d670a60e34b068e2b6a0328bf40ff8b760847ac1416cc5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1715
Content-Type
text/html
Date
Tue, 22 Aug 2023 09:43:38 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
truncated
/ Frame 2671 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a8153583e110c677acb7490370ca429d077b150404ac374b605c321317f0cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfserve/ Frame 8F2C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=38735235;rtbwp=0B180AA7CA362A19;rtbdata=sX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2ffra2%2f0%2f646bbb6c-7d3b-45a2-9f4b-169f35a74547%2f;js=1;adfxid=5x;10859;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.idrlabs.com%2Ftest.php
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
aa9c2c77d1ea49e034ba5c8b3d14c8949e3836a7170f7608ecc4db744945b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2619
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5867 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=162066837841&version=m202307240101&ct=76&x=1&cor=14863457318148710000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 6282 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 09:43:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 4C5A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 22 Aug 2023 10:43:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4C5A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRqZtJ0kvdldYli5CzKkFo-OCpdX6GHlY1zGPB57q87ICSuhf0nYkvJlSKzS2s2hTeGGrolZ4xP-QfPjqbVFj47q9FO3Xp_0Qexnusr1Yz9JgL-ObrrboRdMQ4CuBgizEUkytsV6egESG8C1cwea2XasRwrkoXYWIf6S_80IPp05VI-RbLI3XZ74ku0COmDNFoMBzbZkNmAWet-XQEu52uiFeglb7zlj7G_2Ap-UPXp3dJurwjCIvfbeta33p6-mtPX9keI3Uyqixb7ksHkhPr5dR1LrVKuaF2LAvpLf_oeuJZHrze-CJgHe4zs5k1LrQAo1lLSTudA7Jv6c3fKFPI60sQ&sai=AMfl-YRd6n0SxO-WHV2Bpl5XLQXCY9DbtHDZTNmmBEqzWfV03jmzWS-fMcm1uqWE4QJ5XYm4xrj3lJ3HXOn5ii7xhc41puSe8MUBzxgsAVNqOxzEoeFQMeIxFWpcDoeFKQ&sig=Cg0ArKJSzHASbsqYTXpMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:38 GMT
truncated
/ Frame 4C5A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fca39b23f7c82c1ed1589067d9286142d9b8a56de299bc2f00b42e0f9e2a352

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
r62eglto.js
ad4m.at/ Frame 8FD6 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
580391
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYQ49K3lI9SNt1T4KBoFjrlGCbDkyL55%2Bz%2BNL48XQK8oB3XyZsrtIyy8V22cdzX0BuAjvVdydIdT75pLixKTxA0MdM6ad2ZE9Da5zzwiJB%2BxvF%2BRTNo90D5zjtaIqRvu6ppMWZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7faa2c31eaea3631-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
/
track.adform.net/csimpr/ Frame 8FD6 		35 B
583 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38735235&csi=sueSJOr_zwVnFAKD-w5jm-DnjTP70zexqS0eH6U_iLMJDwKV3Zer3KSIP03OAaNsnYpW0vU4p_e5ty1z6PFiIGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 13D8 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1117829
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGbZznPOUh%2Bh8gdSxVClibNvMrZoMCPQz9K8f5e%2FEj%2B9NYvq1F4zrUm2jjywqTVM5c%2FBXT0VYwBDVRqhlAEYclsKN%2FJouCYvcSCzV0sL%2BGZCC7xUC9nV8nhDZ%2Fci%2BO6LS3YgXW6R2dk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7faa2c31fafa3631-FRA
expires
Tue, 22 Aug 2023 10:43:38 GMT
06F1C66127CD278C108FA6C34582107C5EE1D35608D26600252EF951EDC6F0AD80EE477208E2707007C62D9A1B6C330CE15330804E12D3874487FFA97E947FAA
assets.ad4m.at/logo/ Frame 13D8 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/06F1C66127CD278C108FA6C34582107C5EE1D35608D26600252EF951EDC6F0AD80EE477208E2707007C62D9A1B6C330CE15330804E12D3874487FFA97E947FAA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c520363e2cc69084b2d170bcab4641999c83a5e68a4b5d9939047aefa148214c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
495635
cf-polished
origFmt=png, origSize=37548
alt-svc
h3=":443"; ma=86400
content-length
12270
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 14:57:02 GMT
server
cloudflare
etag
"84d88f96a302f5b8c4d294a8edf5ea71"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxVTJ3fDDfMJaX%2B0zpKVx6yZxgi1sbt67%2BzGGtkOrij6vXrI7YccVxBwzX9hVzTnEyoxnDkJK72WNEh7SXD1WAgp4Axk%2BCQMuIWp2oXZkK5VcFle%2BwVDsFr6c1sU7046sYGyxGtsi%2FcaRDZF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c31fafc3631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
6DCE35E70088D61A6B9A4C8E7709B02EDDEB423EFCC8E1B300EA871A40DC6C024D2FD400BC65855FF601F9D58B0A165952AC7C626CDD1563D5D2F299FA4446B2
assets.ad4m.at/ Frame 13D8 		295 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/6DCE35E70088D61A6B9A4C8E7709B02EDDEB423EFCC8E1B300EA871A40DC6C024D2FD400BC65855FF601F9D58B0A165952AC7C626CDD1563D5D2F299FA4446B2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc63cc46d41a4dedbe7f2156eb749199433314eef172867a20757f9aeccb77bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
486094
cf-polished
origFmt=png, origSize=475161
alt-svc
h3=":443"; ma=86400
content-length
301940
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 15:33:36 GMT
server
cloudflare
etag
"bef4c38025e69c602e3cd9c2aff8d7b8"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYaghRCDTfVWcT2fFrZxZEY%2BJTDLBxcBSBMW9ZViqaRVy62cLJpmO%2FeLkpXldZElsW5Yu0Q9MQG5EvjQBjnV7kp2LFcWf5v69ZrAHlODGa661L04XISoFLyXwsiwUW64FvAPAOg46pNS3rl5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c328b963631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
view
t.adcell.com/p/ Frame 13D8 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=345360&slotId=46690&pv=1&subId=oneidjpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:39 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
810D4C0806EF126644ADB8E8871DA54509D983BDE9A3C9B02C4AAB7F3E17E6D8DAC90B35B446C823DD752EECBCE3C43A5F9D6A76EB76F5AED802FA02A7CA6808
assets.ad4m.at/logo/ Frame 13D8 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/810D4C0806EF126644ADB8E8871DA54509D983BDE9A3C9B02C4AAB7F3E17E6D8DAC90B35B446C823DD752EECBCE3C43A5F9D6A76EB76F5AED802FA02A7CA6808
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cdf3db1fb8c36938ea016a8b6b0573efafc54ad1c1f644d68e3256ed79d04cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588125
cf-polished
origFmt=png, origSize=26399
alt-svc
h3=":443"; ma=86400
content-length
8380
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:37:29 GMT
server
cloudflare
etag
"2a9e10fb3fa17ff53861618c9faad245"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB3J%2FwKVpJNjbEJDqpKtponeAoO2NqWVV7%2BbSd7MK0Ka6ip5mgckr7Jfl1I5ouibQTfhS7B%2FesPFD0k0OjUCERGvOKgPzqwPNn%2Bzlk6y69VlqZLyz4lexwY2fH8LCnvvB2xWFUHKehqTcBZ%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c328b973631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
61AD38746AC3E2F8A6DE59BD37E22FF303557536AECE89A7BC9AB7EACF5A32CFF0DEA7263899185328971B42B1CEE0E83A47248813DC37A87EEC0DF3EB4E5664
assets.ad4m.at/ Frame 13D8 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/61AD38746AC3E2F8A6DE59BD37E22FF303557536AECE89A7BC9AB7EACF5A32CFF0DEA7263899185328971B42B1CEE0E83A47248813DC37A87EEC0DF3EB4E5664
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4a14522da03928e2d36f023e44a24b78aaacd8efdb2f1b388fec7c14f8b5dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588125
cf-polished
origFmt=png, origSize=492511
alt-svc
h3=":443"; ma=86400
content-length
324916
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 14:11:46 GMT
server
cloudflare
etag
"2971536719eaa3964b1e5af52ca6ae3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZbDdtsx0s8gXJrEaRIup9EyE5pnAGMz04w4c2l54CVYIf8uNWZQg56u%2FUowM6mucOE7tZtcwmKs6F%2BQ%2FOz9jiSJM%2FQPiomPvhsHUU349DAX%2Bfm57fnGtz5ijbBzuUNIRSNgJ3slZ7VD0%2B5M"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c328b9a3631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
view
t.adcell.com/p/ Frame 13D8 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=341798&slotId=46690&pv=1&subId=oneidPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFponeid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:39 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
919F33DC4F8FCEDAD51B4CB97E9CF4ACFB91142881610C093D8A04C29C2AA963428219F87D44D360734EB1D3197C09E01950DA10CD89768E98EB33E135B88DFA
assets.ad4m.at/logo/ Frame 13D8 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/919F33DC4F8FCEDAD51B4CB97E9CF4ACFB91142881610C093D8A04C29C2AA963428219F87D44D360734EB1D3197C09E01950DA10CD89768E98EB33E135B88DFA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770e3d597a50bb5294424568ed6fc0a1f9e0e28d30de7e09678f2f6eabccea8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588178
cf-polished
origFmt=png, origSize=46305
alt-svc
h3=":443"; ma=86400
content-length
24400
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:25:43 GMT
server
cloudflare
etag
"360b616d0a31149c2e9ccbe732beb6ea"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA1ztV8avHZ5tQesMrcMN5Us7MH5%2B%2FWiEQKigEv1%2BbX%2B08M4qeHc8RsW9e%2Bxs4z2tRnOHoqXF5926h1aAlItGYaKnhLY1DYgGE9Z8ryDnLYA%2FIBgYOV99%2B4RMzgKGSABIvte3UNhqb20pN0d"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c328b9c3631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
C73BFFCD0EC30CE51718223CFF19997B7464C860CD2F22126BCDEDAF5C8FD3B1EAF29540CD27C1547E1FCF01C7FC659727692E002AC0E7C24CCB5A2C5AC65FCB
assets.ad4m.at/ Frame 13D8 		478 KB
479 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C73BFFCD0EC30CE51718223CFF19997B7464C860CD2F22126BCDEDAF5C8FD3B1EAF29540CD27C1547E1FCF01C7FC659727692E002AC0E7C24CCB5A2C5AC65FCB
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a33b6cb46421bb6a281b8575a3c54d675919e4cd7667ff826fa1949f8dbbb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587668
cf-polished
origFmt=png, origSize=917763
alt-svc
h3=":443"; ma=86400
content-length
489762
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:30:55 GMT
server
cloudflare
etag
"c42f02b161311a95e0c22a7c122bd7a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXzZSE7uzhz59%2B%2FxNqDpprQ800yszLGcO1xlK1dewJ0DVRacChU%2FDihDt%2Bin3CX5%2FLjLtwx%2BQxHiSv8Xw4eW8eekvWS01Y%2FEbepoO%2BjkMukXV588F%2FJmtQ76TJeoIp%2FT7DhXfp5QXf%2BveUV7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c328b9d3631-FRA
expires
Wed, 23 Aug 2023 09:43:38 GMT
view
t.adcell.com/p/ Frame 13D8 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=345074&slotId=46690&pv=1&subId=oneid9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFdoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:39 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 84C7 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13992577357167395121/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:40:07 GMT
x-content-type-options
nosniff
age
211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 09:55:07 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 84C7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 14:26:44 GMT
cta-small.svg
s0.2mdn.net/4528404/1687523402213/ Frame 84C7 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687523402213/cta-small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13992577357167395121/index.html?e=69&leftOffset=0&topOffset=0&c=PKSbUxYrCt&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 14:26:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2671 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGbqrxDX9Q5RfM1xijwRs9jrXUJsUprVIpoNjL-UMzwpFfMJJs1EpMIIIq7E1Q2CTanNgvcyeTTgY9jX1FgoiviZsOEyqJ0pNaShACz0QQ_0QqFo826LzGfCEOA14yXrcYECsrWohAuFe2rYZFZQaqENOsxPAILi_6cc2GKF_y0AUmAGRKmL88rX1gClKQfOpUoyjzUx7bEZI5Bnfn_zm2DrdRcCNH6iZoYxnV4KPs79wVo7OK23vEi6EdsyHWrva2Homci0Wy3UyHhN1KAbf4TlxcgfiA53t6D8AWzYuct2YD_BRxKEWjWVzn4qkySPDN_cghUkvAl_0MJvN10maVMV9dMcrwdCaDgXuObI8S8AX6Ohr4RpxcElteu69VK9uodzN5pm8VWpMMXkTkv22ugZD-d1izZcXVzZnP5HINDqEdw0Py3y6E95ByV7RdcLl1ipVng6asoihILNCBE4YCfIWGY9Bso6tSywo1-GRtgZ9gO9rP6FzczrJ3XW9xlcmYzhyhJhGc5lYkGVbikM4OdzQrxni7OZLbVd9N73UoIRlztZIEquPO2kyGxtAlKpxiMdo3tDFzgtArPuSZ9W6c1JaRWUOtgAWxjifHQknHRYePpNui1eCvdf408Eu38WiqZOdB82nrZjwW5z04ml08KWYtb4pJ4B_l_3CPrVvJZeG8NgGBZ2LNFaBxptq9ioYw3iYW0lCkspKrdwp_fUXW_Un-3ouxeWOrnERg_GCkpOd6-LPvwzoMz-F2n8gDmKR1Ycc7z9sALU5sRDsUoEpiD3X4tsxTTabsX_0DItMhUZIWCo4ibZKrli_V9gwiTDxUh8o2XYGk-bgucElvCHrzAI8_NCpvAqZpmbmotCLonnBhoGQA6WIfp7zhQbI74umZWFSmNlhiYryRzEaZxK33b80yDv28U_xftXu_z_v1MhgsdVH4Y-aDRZVJ3DKBZLudV91rgJ22xe6QDv7qROMFyayQ7LeUUBaZcCjwhj1lPtVaQwYDjBxm7NS9RewdiNN6jfdpBkES6ZSQP-V-qgiVc06ULdqggpY_pQhg1TW2dwFQoTTwEhCc7WQ4D_7-El-gbsvsfLuawTTLflxVwjtB6RTxyUq0HmPsUVrg3Don_kckEOO2xKCzfWyo9i5HFY3iXA0WmeUMSZFNr24xB3HcQABNTMh3ih3wHk3-upLOVUE24bZVdNKsfU2OromiBeUH2A5YbEAZWBHo441ncVCOgZV_-7WFiJ48KOxznUDUS4nz9Fm6x2FOWvFi&sai=AMfl-YSqis7Oo2yg5vsKFd34Ev2MJqRR01KTfgARJhMNHuoxcxy-NIZjVs635AFNNvjD4YdWUWSgLgXCB63JW1UfGYByKPhjxenRNl8dP4IPkuyNN0KVlcGp94tDkVoamBZXDYm415FRkHinicjg3x-OcXixO45DmRewivQEBLf3CEe_GmRzaX69dimbbmxjFJiUdVHt9lZ4PnQ-Nyab4QvQfyPAGNd96N7HbPJTNtqhr5EwkoY6HVhIv05IjpCeEl8wy7XJ&sig=Cg0ArKJSzBBTob9z98uyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&vt=11&dtpt=221&dett=2&cstd=0&cisv=r20230817.85716&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:38 GMT
frame.html
ad4m.at/ Frame 4CCD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
385215
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7faa2c326b6f3631-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdxA5mRbjp6TWe%2BAUjglBDPFooC3n93v6MO%2FdiGZQJJQdlbxasOkpqv9PSYjDkGKPY8IKmMALVk7MXUZnMPv%2FlGLf3GS%2BLSqsjxHBcOmDssFKTN8zZYSwucMcIJTOOiKPV1Z9yg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame A1C3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOSDRANvG_mhC3oCYkpiZwAADKkAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K4X73CXDH5PG008B067G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A1C3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame A1C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOSDRANvG_mhC3oCYkpiZwAADKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK36EXMnLTQxmk4yxHruhZE&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK36EXMnLTQxmk4yxHruhZE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK36EXMnLTQxmk4yxHruhZE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A1C3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8725322781652957803
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8725322781652957803
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
an-x-request-uuid
a28b0788-1cc2-4120-a18e-0ca7d8ca899e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8725322781652957803
x-proxy-origin
84.19.175.165; 84.19.175.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A1C3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6136022691595043624&expiration=1693907018
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6136022691595043624&expiration=1693907018
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6136022691595043624&expiration=1693907018
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ups.analytics.yahoo.com/ups/55940/ Frame A1C3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZOSDRANvG_mhC3oCYkpiZwAADKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame A1C3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692783818
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692783818
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7OcFdl5kEO4ZfJuQ%2BpWIKuPZPlmpimlk2xXcTD5jHudrWxFEocY0%2F6oEpZVn2yUEnNvSE9WgP5cpbUsQHDjgDWfTA9CNDXjK%2FbqsLo13oaspUwiqWTip5Lu%2B347OPepkzjA3T8u"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7faa2c34e9564541-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1692783818
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame A1C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 22 Aug 2023 09:43:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame A1C3 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZOSDRANvG-mhC3oCYkpiZwAA%263241
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
23319
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c339ac22675-TXL
content-length
43
expires
Wed, 23 Aug 2023 09:43:38 GMT
dc_oe=ChMIwqHnn_3vgAMVaYeDBx0YKgt-EAAYACDm4INdQhMIg_Ktn_3vgAMVskNBAh3sGw6z;stragg=1;&timestamp=1692697418632;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 40E0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwqHnn_3vgAMVaYeDBx0YKgt-EAAYACDm4INdQhMIg_Ktn_3vgAMVskNBAh3sGw6z;stragg=1;&timestamp=1692697418632;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6282 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 12:31:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10064
Connection
keep-alive
Content-Length
10115
Expires
Tue, 22 Aug 2023 12:31:22 GMT
12719837213094237995
s0.2mdn.net/simgad/ Frame AAA9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12719837213094237995
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9729c422fd908ca41871749e0e8f85a5aed856bbdea462d74e10c5567eb2139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 08:30:22 GMT
x-content-type-options
nosniff
age
263596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13220
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 08:30:22 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame AAA9 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame AAA9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:56:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AAA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDq4zx-MQ8HLh_iI_wvSvpiJv0Fi6HeW3xzZmh_TVbVlFdGGbPY4sMb-ic7ktScUydXM5yItlfXML6zDaoZCPYfzHwX-138gFLmQXNy7rItnUBuD47Vw6fDkxzg8x-8ZH69xb2-w-uyhCqdcN7d59pXY4P10Gv3WKLkrSOVtq7bVtJy20fzAAg9x1T8uiuNw7L9kmHGuuidKm7O2zIhJZqwXnwGJFlIJEDHTIm-jPawcRjV_H-_2HmwwZmdWTMi1v_82hdbgtrK9ogEziyxER50i7q3suzKT1SW84GUDXZ1ji30FI-LFYRtejSPdYjSRM4jFiXroHUk4Ed8BegrHKhLg-P2f6XSD3H990yAC_D2WRvDLctfIQypFWlp4yyw_knTycMdjzbUx_jD9KApo8ZK6wwVA8qoK5KUI9QZHgihINl9gjNNSFZpavVjQa23o-TDXA_1p5snalFufug6Uf-8_bLc8MW2mSDUuznwhIaSluzEjFRNScaOJp5XnnARpFkpPsOOFpwZDzZmUV0v6dMj7dcLvY5Lw5J46KyIA-51Jgqq_BB_sUy2vHrglsh42Kmtm_3SOKt6a4KS8EARzA3WIlMk-lOOOlq27Nd4ZyYyCxw309yWqefc9Du5pciWo8xI3a6aBMbCEdloBd4uTkkrt4cc4xWfhDW5RUTkkDej39P0H9WsF0ctb4G-73Yd9YQL4_7ObqV40Q1lJNWcHes9LJdd9-LI9itkV_RuvYFIEz4pK_jFSrUEXaaiZWr35UUoufVTJwvN-HW2kdT6ZOOE1eVSdg6mdETG_kyNwFVwM7wghQY-vSesSRoKPKIoX9qyr_5bIdj-0SxTcDGP6RKNW2K4bQTeYaoWtyEDThV2GGdJDt4E-oGkhRYR8LR1tZ5xUmsL1h_ZuAtAkasKNn2yzO6zxADLvTRVOpbYUTCWA8unDPn_a5-9-_NQca3xRdztKofT0xUwDJ6mUtv2a4TCSR-LLDWIh5I_liN_3SEzEzeyMsKtCp3baO6yaHk4SbzexWDfWVQCfQ1Q3d-0iLy5G-oYYdEFy7nwIh6fjgtgzt8bKYH6rUz9GIbSHOtsEnGfpPBTC7PB4RFEofItYLDq7kZR5Twe8QKxg9-zEYKWAoUIDQeVVxQ39xpnFeyt_dATFUqmA1nJe1kzUUL-4XetNyd1iRKy0bjY8fYi9HRKr_sDTEFS7T9opLWqzBcRJMGusC01LXMI0S_KamliNcdAl7fqOSodq1pGow28boyo4eiYxscTsdVPCRh38YGXw&sai=AMfl-YSP1-4TWWfQh2c8rw9y_MphGyhMU09uVGaIvT_-ljSjuxCvNTToKa1LhL2LYVmuRHaAZ9-EA1PiTgHuub87gRiO1IpHROONJmE_zd2fxjJkoSE5LvOS8XxSMnp8ukddyEUqrPpYdhidqv2xujr6GnjgXPY8BJbu-tNjExSPhMxh5vpqvDY2I8NQ24GHeA0C3FM4rcxeLFEaDqIDYeccgusUmaEwXAAde45drB5WJVU8bKAQKC24zDXOWY0gEYkodl-y&sig=Cg0ArKJSzFyJz2euFOSYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230817.70889&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 09:43:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AAA9 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 03:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
195664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Aug 2024 03:22:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9B36 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A761 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
r62eglto.js
ad4m.at/ Frame 8F2C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
580391
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Kmhzv5XFyvEiHJUr5SRn1MlbHepWQ54Vn%2F%2FoqIyxV8LF%2FyPOzgYq5LAUiazAxy%2Bf0hl%2B34htFArpsz%2BTeOnaeW8JTbtdmVgq0ewsaOi1rvA4g1EnBScsZXlQ0AKEMtHnRyUlcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7faa2c330c413631-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 15 Aug 2023 16:30:17 GMT
/
track.adform.net/csimpr/ Frame 8F2C 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=38735235&csi=7BYKI8qZ4OQMWDstbo-7FZbYIpLteB-AqS0eH6U_iLMJDwKV3Zer3KSIP03OAaNsrCh-Xk-xhwxIM_5ekZQzlWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 8FD6 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:20 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1810 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame CF6B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 09:43:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 8FD6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 22 Aug 2023 10:43:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8FD6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss83SL6OXcXLB8nUGpUDThVAzEt-s6SGHuosgRQgPJzdQKGwEWKfK61jh56wGIuSE9fldeHMznhmRIjLQ6Oevl9t3UVnrTJ1-agqfpAVLfo3nNoQr3OSShrjvQij91xZ9RKd9JZglN5qPlzoMb6v3zVffd8qt8HKKmzk0ga-T_vZE9Y2-FnkZBQ07FmMJN0BssldAxGhwq_97G4G4JjDljzQh2VQLDAFmnH1epAQZj5IqKOK_WdUGNYH4SEU3Px6tiK3RDP0o2SBRsCBRkNGqAGesGoxbqP5L7D4bJ0X972UV7dtH87g-GasiXYB7Ps00c9qn8TVbxfSAX_FOnl09NM1ANg&sai=AMfl-YQnP4Z6NvuY3vNgQ9BgVkfpDZS5FnHoGBfJu842HY9TdeESz4V940H5x3WLi6VnlICSomFFLxaYEqliF4tgONhnbZIwOUlUlfsCbPf-pzfxbeaKYAsvVtSXPwP8yw&sig=Cg0ArKJSzNz5fkqR3_6eEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:38 GMT
truncated
/ Frame 8FD6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd7896ebb9f3ae789ba5d7102d9ffe678863ebb715a458c3eb8a7f61674d98b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
usersync.aspx
dis.criteo.com/dis/ Frame 59C9 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
Tue, 22 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
230311
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9BEE 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 09:43:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RH4AQVJAPB37PSEV5M4M
Pug
image2.pubmatic.com/AdServer/ Frame 6919
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ
42 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 434C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XL_HlRsTQ26t1W0rcv4YxQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132426
accept-ranges
bytes
content-length
5606
expires
Wed, 23 Aug 2023 22:30:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 434C 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.97.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.180
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 434C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3488708791
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 09:43:39 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
date
Tue, 22 Aug 2023 09:43:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 434C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2xmcVVxVldDcThSRHlqc0E2djlBY2ltdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6136022691595043624&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Server
54.144.103.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-103-147.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:39 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 22 Aug 2023 09:43:39 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 434C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUNCRkM3OTUtMUIxMy00MzZFLUFERDUtNkQyQjcyRkUxOEM1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 434C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvN-KyzXVBC3Zp0R4vIVQM&google_cver=1
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvN-KyzXVBC3Zp0R4vIVQM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvN-KyzXVBC3Zp0R4vIVQM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 434C 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 21 Aug 2023 09:43:38 GMT
generic
match.adsrvr.org/track/cmf/ Frame 434C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 434C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6136022691595043624
42 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6136022691595043624
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6136022691595043624
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 434C 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/5CBFC795-1B13-436E-ADD5-6D2B72FE18C5?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:bd5b:64ca:999b:f400 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 434C 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame AAA9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
064baacca20665004b1ad4cf8fa6916e35594aa0612ea76007471941864fd413

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame AAA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDq4zx-MQ8HLh_iI_wvSvpiJv0Fi6HeW3xzZmh_TVbVlFdGGbPY4sMb-ic7ktScUydXM5yItlfXML6zDaoZCPYfzHwX-138gFLmQXNy7rItnUBuD47Vw6fDkxzg8x-8ZH69xb2-w-uyhCqdcN7d59pXY4P10Gv3WKLkrSOVtq7bVtJy20fzAAg9x1T8uiuNw7L9kmHGuuidKm7O2zIhJZqwXnwGJFlIJEDHTIm-jPawcRjV_H-_2HmwwZmdWTMi1v_82hdbgtrK9ogEziyxER50i7q3suzKT1SW84GUDXZ1ji30FI-LFYRtejSPdYjSRM4jFiXroHUk4Ed8BegrHKhLg-P2f6XSD3H990yAC_D2WRvDLctfIQypFWlp4yyw_knTycMdjzbUx_jD9KApo8ZK6wwVA8qoK5KUI9QZHgihINl9gjNNSFZpavVjQa23o-TDXA_1p5snalFufug6Uf-8_bLc8MW2mSDUuznwhIaSluzEjFRNScaOJp5XnnARpFkpPsOOFpwZDzZmUV0v6dMj7dcLvY5Lw5J46KyIA-51Jgqq_BB_sUy2vHrglsh42Kmtm_3SOKt6a4KS8EARzA3WIlMk-lOOOlq27Nd4ZyYyCxw309yWqefc9Du5pciWo8xI3a6aBMbCEdloBd4uTkkrt4cc4xWfhDW5RUTkkDej39P0H9WsF0ctb4G-73Yd9YQL4_7ObqV40Q1lJNWcHes9LJdd9-LI9itkV_RuvYFIEz4pK_jFSrUEXaaiZWr35UUoufVTJwvN-HW2kdT6ZOOE1eVSdg6mdETG_kyNwFVwM7wghQY-vSesSRoKPKIoX9qyr_5bIdj-0SxTcDGP6RKNW2K4bQTeYaoWtyEDThV2GGdJDt4E-oGkhRYR8LR1tZ5xUmsL1h_ZuAtAkasKNn2yzO6zxADLvTRVOpbYUTCWA8unDPn_a5-9-_NQca3xRdztKofT0xUwDJ6mUtv2a4TCSR-LLDWIh5I_liN_3SEzEzeyMsKtCp3baO6yaHk4SbzexWDfWVQCfQ1Q3d-0iLy5G-oYYdEFy7nwIh6fjgtgzt8bKYH6rUz9GIbSHOtsEnGfpPBTC7PB4RFEofItYLDq7kZR5Twe8QKxg9-zEYKWAoUIDQeVVxQ39xpnFeyt_dATFUqmA1nJe1kzUUL-4XetNyd1iRKy0bjY8fYi9HRKr_sDTEFS7T9opLWqzBcRJMGusC01LXMI0S_KamliNcdAl7fqOSodq1pGow28boyo4eiYxscTsdVPCRh38YGXw&sai=AMfl-YSP1-4TWWfQh2c8rw9y_MphGyhMU09uVGaIvT_-ljSjuxCvNTToKa1LhL2LYVmuRHaAZ9-EA1PiTgHuub87gRiO1IpHROONJmE_zd2fxjJkoSE5LvOS8XxSMnp8ukddyEUqrPpYdhidqv2xujr6GnjgXPY8BJbu-tNjExSPhMxh5vpqvDY2I8NQ24GHeA0C3FM4rcxeLFEaDqIDYeccgusUmaEwXAAde45drB5WJVU8bKAQKC24zDXOWY0gEYkodl-y&sig=Cg0ArKJSzFyJz2euFOSYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&vt=11&dtpt=213&dett=2&cstd=0&cisv=r20230817.70889&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:38 GMT
frame.html
ad4m.at/ Frame 83C0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
385215
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7faa2c346dad3631-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:38 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIC1rA6h88Cijfq%2FV68d0nrkecdUOWd%2B6WA%2BGjD4g3LEEc35Z6x71IhMyaKLjXSPShNjWAjGdqkHgEc5TtE1HzAcnOparlZFD99COUE3cIrG15%2BjBTV7GDva3E2jpz9d794pWzA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ThirdParty
s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 8F2C 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/629/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:20 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 20 Jul 2023 17:05:44 GMT
usync.js
eus.rubiconproject.com/ Frame CF6B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 12:31:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10064
Connection
keep-alive
Content-Length
10115
Expires
Tue, 22 Aug 2023 12:31:22 GMT
usync.html
eus.rubiconproject.com/ Frame 7212 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 09:43:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 8F2C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 22 Aug 2023 10:43:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F2C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYi7o_QofHA8HxKMfTZXJyupy7NazY-b6ERETWlU9KbRAPHK7VH1MvnGz77ekbXt7iFysaPwm7uSQQWio5GxryI9T_2Yde6hoj59vXkt3zeo6FseeewctcYVzyn1ultZkMUkARE0-8bllUNtqvz5_8MXk3eXQqIEXS7gEEZ1cfEBBOxnoEhbBssn6BuPeKNWrsBtzYi_LUiD_R1D5gRN9XHXlsYopScj9t5S6BKUH3VQnDik1d8v3jICSJy6JydI5oNX01dxjWO89s_Us57hX4JG0pkWtBQ48anBtwYMjNij7H-fkeRemHpCzBFe5rX5WNu9bxN6l2LX91pBo8jlzQrV58&sai=AMfl-YSD338uOF-JLq0bcR8hTKgIZ6lE_ObcpHF0yKFUunspNYVI5A8h742T2d6zsaNHpMooX-cCp1OSR4t_AJx55n46A2qTo_9i5IfEE1qVj2g38YOw5aYPOTk4TZCz_w&sig=Cg0ArKJSzGqRvjMGJJV8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 09:43:39 GMT
truncated
/ Frame 8F2C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f434cb2cd17117f923980abe51099fd8dbb157109fd2a01c1d383e842c20f577

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame A5D2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
385216
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7faa2c34ee693631-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:39 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0vn5Gz2CdAv53LPOOUaAPx%2Fipkv5lqI8wYbRg8F22jGNa23b51VF1mxlJE5MYppH9e1dfbCDs6%2Bo4hnVE80hYU%2Fq5FTrHPrqjPPbP1wQa6bETHR08xV4%2BP22RCros%2B1Xx9Fh8c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7212 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 09:43:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Aug 2023 12:31:14 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10063
Connection
keep-alive
Content-Length
10115
Expires
Tue, 22 Aug 2023 12:31:22 GMT
beacon
ce.lijit.com/ Frame 534C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 9B36 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame A761 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0EDF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
316074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 17:55:45 GMT
expires
Sat, 17 Aug 2024 17:55:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 1810 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C44 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BA1paR4PkZKPNMJ-wx_AP4qi0uAEAAAAAOAHgBAI&bg=!rq2lreLNAAZGPLJIZjw7ADQBe5WfOBg9yTnSDognkfkGHBGQkB-WKWZ66TxHYto40a1Dwb4QV9w1AtC2Dv7yeqBrvSHIAgAAAy1SAAAABWgBB5kDKcFzczB1_7de173fB9DUyPDCVbOMjhmg06Zp8eqRVOSIYbOC58Qeyj6iYha4d1F4rfPnT0oSX3Z5xCgTT2FbGFKm5gflmE6-qT3Ts6_fOf3u2tYNRgTkWVSDYA8ex3JOw8QTrnM4qi9ndYVMps2YsI_l_GuqotZcZRIn8wxb3sXNWLRTMbZfZgXL6ErRYetJND_3pKzjnWOsZ17Jw4HVQ_GtsKcEP3XWzxb2z3e32HiHEfiBWLlPsED64AIB2E5LuUN_gOZwwLnp3x5jl3gyjILjXRlpxzibKnAF0etjE9CeG1_P07daDnS2Xe1TDdRC7_qCOp1DsI1PiUkTDtvP-Oku9QZytK1DbOkjD--qWRKHH-Y2aYsfs7ldR64pkJJpuEG8UfgGfoBKsv_DXlO8wdbHvIzpOd1DNc9vnqjqe0Gjau8fpPoC-zv4iAU7ZUEp5m7VNZoY3x-gWn4wmIJ8IA3B43fy-3fgQ8lJBj8KTqT3WgH-IkEsaCbNLqyYfFMOFYjfYvJxOQ17AeCeJGKACfUS6Nc5RHsRIKmRospTtgtqYri_eufRju_gy1X06zUsxckca4MyzIZzny2T2trEI6PvpCfpjCjQUA-fuplWHWpBEawAWXIKBwMz8rHHcmx6XVEc3FKV9bnMSsgUH9Jyt79I97x5dh_MuEPj4cVvTvWIy7DmYvqsjLg59yLfEvN6UaKvc8YCe4soHlrBa5cimdWtaCr7Q2iBDpZVEoL-LzZXtcHWyAR-nKlp17ox1d7AaAwHY-2Syb-LFMBnWc9rZ01IHbRn06Ws7hrOj8VM-O30kaUec1pjD0fSdKUROF9Gxpc04DSzwjUtipfsn57MIgOIFbqzta31n-3Y1C6xI9s7Dp2VG_S1xd2VhbR3ADJSUfeWlBNz0FasQ-LTSUqlU-bR7ihHRN4fi2dbKq9MrnbBdICLyO56ifKnQEixDitps7uTuuL3wU-tPhzCD1Lju93v7XRt2rOzQmimtZKvrTMRlsI62_b8c8G6UV4LM72RSMku02UXqQbOzsOhh0ICheNsvWemUIT7XRfCBZHJfQ1UbMgnzIBDNZ5U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 0EDF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 06:15:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
98889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Aug 2024 06:15:30 GMT
beacon
ce.lijit.com/ Frame D7A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
beacon
ce.lijit.com/ Frame 204D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 22 Aug 2023 09:43:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
rs
ad4m.at/ Frame 4C5A 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce6a6a3045c083e7a6698cdaa9e6bc12f724268e8cd03f3abad80826fcdc655

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EilrtXXP7r%2Fvhvfxoi%2FBcNXExS1bL5zCLTe1ADFKVNeMmfm37dxAA0%2Bl4NWMdk8OtA5HxRcU%2BggScPh0U5ZbjPqfmkU4ClEiGyLDmkeOsKOxL3rpjES5YICTu6entB%2BKlZLGqcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
cf-ray
7faa2c36ae0c2bf2-FRA
x-backend-server
aa-reachservice-group-europe-west1-4jr5
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7faa2c365d9b2bf2-FRA
content-length
24
content-type
text/plain
date
Tue, 22 Aug 2023 09:43:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csBBHQ0kQMUzKDIqMXelj6O16wPMvQM6nE1Ro072RGADfsg%2FOvpM5uui%2B7A8Dm7msmes64xBgGhgObJICtvqxt7RMsSRWv1TXGyuqVIYnwepCsSGSPk9mzcHT2H0c%2BXCVTcNQlE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-hnzw
rs
ad4m.at/ Frame 8FD6 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ecf633f13d9c28e4297ac73a726a8cbc13a0b6d5a2f853fb6dd4d39142a1d1

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyjTD%2FkSl8b45%2F0HEa1ZKY4XLBMUmeuCJoS49f%2BQAlCph6PndIrcfmbdQGyZmc0F7NYo%2FxLQ2YthpC%2BxGpKT08k9ac4nHE%2BuyIL5vujwlAITKxBmmHnAdq%2B%2B4njnTxfMkbkS2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
cf-ray
7faa2c36de5a2bf2-FRA
x-backend-server
aa-reachservice-group-europe-west1-hnzw
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7faa2c369dff2bf2-FRA
content-length
24
content-type
text/plain
date
Tue, 22 Aug 2023 09:43:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km8hyhYkAoTllMcL3RvFKBga9AWnkXVy%2BoTQEcbO%2Bn0lPmMuNE7k7DfzFbOvZzYgJeWfTJ2tcW09SKPnrxm8lau6Zms86dt8CxiRQRfSvJSOMDq1nnPrmHo%2BHaEqUwM6wkBNVv4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-4jr5
rs
ad4m.at/ Frame 8F2C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e524e0ea33b808b9b649b5dd4bdff818b5af74d3da172aeb6ba819b12af836

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX2KTlVnyko333h%2FbYyyjo4lQQY2dKSbfFrVK20t9DjPomA0uIDi9s7QLZ9lVe2%2F15MqeDJE1ShaPFshFZgVL9psqSDm3fDud%2BF2%2BDrL41QqsM73yU%2B%2FVedHDAuBG2gINbG5%2BYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
cf-ray
7faa2c370e8f2bf2-FRA
x-backend-server
aa-reachservice-group-europe-west1-4jr5
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7faa2c36ce2d2bf2-FRA
content-length
24
content-type
text/plain
date
Tue, 22 Aug 2023 09:43:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Bq6C2V1TFj2m9wu9TORB442XFL%2Bk3NiiU72L6FDYC9DToqkH7nYlZp2vWZo8Vh71%2B25XfenKgNia4D1ap49bcGgRi9RHoRvmCW01h3oF7o1773k06jsaH2LETOgKEdIgrwJq94%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-sxhc
rar
as.ad4m.at/ad/ Frame 2F81 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ff3715f657630f4af33db327c39280a35032d7ffaccb82fb55bcc324596505
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7faa2c3708fc3631-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame B1B9 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b804c28e215aadfefd8e3fb7b3eee5ea8c12b223cdd8463b538267ad2a989f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7faa2c37594c3631-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 3903 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d02a6108318fbab4e25136d011d2c591fef5c4a5e904cdb696cb8566edf3ab4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7faa2c3799a63631-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 09:43:39 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 2F81 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1117830
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsFsEDxUb7FCqLhxzWAAeMf1QIfRy6V3iQnxD9ca6u6DRuj1bIjgvRuIw9q6gF8jaXP7meKH5YexlAXjK3o1MmVH2sEKYRPZXvE00z1p8UvkWJX6cR5YHObilOurvMUnan4RVzkhbLo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7faa2c37a9ba3631-FRA
expires
Tue, 22 Aug 2023 10:43:39 GMT
810D4C0806EF126644ADB8E8871DA54509D983BDE9A3C9B02C4AAB7F3E17E6D8DAC90B35B446C823DD752EECBCE3C43A5F9D6A76EB76F5AED802FA02A7CA6808
assets.ad4m.at/logo/ Frame 2F81 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/810D4C0806EF126644ADB8E8871DA54509D983BDE9A3C9B02C4AAB7F3E17E6D8DAC90B35B446C823DD752EECBCE3C43A5F9D6A76EB76F5AED802FA02A7CA6808
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cdf3db1fb8c36938ea016a8b6b0573efafc54ad1c1f644d68e3256ed79d04cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588126
cf-polished
origFmt=png, origSize=26399
alt-svc
h3=":443"; ma=86400
content-length
8380
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:37:29 GMT
server
cloudflare
etag
"2a9e10fb3fa17ff53861618c9faad245"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnHsPTzcY4ZMe%2FuyR89Bjos3R%2FvB3n%2Bz%2FbNRA6WSpbZScLmJ5Yr8Rtm5UA%2B22K7UhQuNrcPxJOdJefUAZm3FPqj9E70X9BsYMGmzQSRy3L2zO4Agv6jQD31TyK7flYSbN7yLBTx6fpocJJne"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37a9bb3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
61AD38746AC3E2F8A6DE59BD37E22FF303557536AECE89A7BC9AB7EACF5A32CFF0DEA7263899185328971B42B1CEE0E83A47248813DC37A87EEC0DF3EB4E5664
assets.ad4m.at/ Frame 2F81 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/61AD38746AC3E2F8A6DE59BD37E22FF303557536AECE89A7BC9AB7EACF5A32CFF0DEA7263899185328971B42B1CEE0E83A47248813DC37A87EEC0DF3EB4E5664
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4a14522da03928e2d36f023e44a24b78aaacd8efdb2f1b388fec7c14f8b5dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588126
cf-polished
origFmt=png, origSize=492511
alt-svc
h3=":443"; ma=86400
content-length
324916
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 14:11:46 GMT
server
cloudflare
etag
"2971536719eaa3964b1e5af52ca6ae3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cZD9xWVlRit9FnyIi14qHaSEvizrOEmSJtuLLas9l82f5C9vOnNrsExgKbzjy2NhbxzL8fd%2B%2BcsRIy3DUgIAV0ha2jK0x4NyZi223H%2BVeV6Rfxg9S2pRji10A29PoGJdrJmEn7G3FiEIqPf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37e9f43631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame 2F81 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=341798&slotId=46690&pv=1&subId=oneidPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFponeid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
919F33DC4F8FCEDAD51B4CB97E9CF4ACFB91142881610C093D8A04C29C2AA963428219F87D44D360734EB1D3197C09E01950DA10CD89768E98EB33E135B88DFA
assets.ad4m.at/logo/ Frame 2F81 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/919F33DC4F8FCEDAD51B4CB97E9CF4ACFB91142881610C093D8A04C29C2AA963428219F87D44D360734EB1D3197C09E01950DA10CD89768E98EB33E135B88DFA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770e3d597a50bb5294424568ed6fc0a1f9e0e28d30de7e09678f2f6eabccea8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588179
cf-polished
origFmt=png, origSize=46305
alt-svc
h3=":443"; ma=86400
content-length
24400
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:25:43 GMT
server
cloudflare
etag
"360b616d0a31149c2e9ccbe732beb6ea"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRqnQolpo8X17invRyXJUTS8mJ1wQAPy0tL0mtjdKp0MSSTShMxFpPum8clAg2fmQljNQY3vWZ2IAV3hC4SEKV02Yz4L8EU6GLCLugxV%2BdLaHAA8aE%2B92%2FHjXmIrJcqci6WKmiNP42fMnSYE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37e9f93631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
C73BFFCD0EC30CE51718223CFF19997B7464C860CD2F22126BCDEDAF5C8FD3B1EAF29540CD27C1547E1FCF01C7FC659727692E002AC0E7C24CCB5A2C5AC65FCB
assets.ad4m.at/ Frame 2F81 		478 KB
479 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C73BFFCD0EC30CE51718223CFF19997B7464C860CD2F22126BCDEDAF5C8FD3B1EAF29540CD27C1547E1FCF01C7FC659727692E002AC0E7C24CCB5A2C5AC65FCB
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a33b6cb46421bb6a281b8575a3c54d675919e4cd7667ff826fa1949f8dbbb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587669
cf-polished
origFmt=png, origSize=917763
alt-svc
h3=":443"; ma=86400
content-length
489762
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:30:55 GMT
server
cloudflare
etag
"c42f02b161311a95e0c22a7c122bd7a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsR9oESxyBF6XCsEXN53mrvN3Sdv0L2G7mhxvdx2aL3mqq%2BvV1EfC2okeZDKdo9CdV59rQB5lnCftx8E4ac2zGBeCAYInstfdVlnGDIw4VQrE76nW3n3DIziPpfvnieeyR7Hzm9tRgEzAAK8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37e9fd3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame 2F81 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=345074&slotId=46690&pv=1&subId=oneid9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFdoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
B513AF79396073DEC88815D266AFB7B36BA301F2F8A61779A072A310E9BEBE2D21CF2CDB60B4C89C093E22E6FB6D885B0D21C56527AF0BD50EC47F8373A947DE
assets.ad4m.at/logo/ Frame 2F81 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B513AF79396073DEC88815D266AFB7B36BA301F2F8A61779A072A310E9BEBE2D21CF2CDB60B4C89C093E22E6FB6D885B0D21C56527AF0BD50EC47F8373A947DE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e16709a3f2bf798602773fd83f5d6af3d20cd6e46996867c20b353f41563ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597844
cf-polished
origFmt=png, origSize=14487
alt-svc
h3=":443"; ma=86400
content-length
7486
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:10:51 GMT
server
cloudflare
etag
"0f8a5511d5fca1ac5a5ce2e01a80e84d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUYdOGundeLuP3%2BU5QJNuc1rGl85VBfUy%2BRj1oLjv5OJ%2FoUqqsu%2BWzSmoJhqhDV5nPaJY07juVtNUTQq92ZWG7xAngfHd4%2FozklYJCYGiFXf98cfKo9hVegbpSshXrNY1OC1e0mjDv0GTnK4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37e9ff3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
4F0128BAA6BCFEB99F91AF4940D1DBE0E7F7A5C90A3B159A6E1DCF707E0C853DC381FE89CFCA62884ECF03E8DBC79011699983070BBB46BD3239ED91A19987BD
assets.ad4m.at/ Frame 2F81 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/4F0128BAA6BCFEB99F91AF4940D1DBE0E7F7A5C90A3B159A6E1DCF707E0C853DC381FE89CFCA62884ECF03E8DBC79011699983070BBB46BD3239ED91A19987BD
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded16d684fbe2fad23aabf3c0c97d2c51bb428ecaef9247e8d1f75a9c0441e8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597844
cf-polished
origFmt=png, origSize=111690
alt-svc
h3=":443"; ma=86400
content-length
71560
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:15:30 GMT
server
cloudflare
etag
"b69a9ed7fa4ace099b17191e0c20d1cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RPsnx7mzsAvK08R1wY0oMJ5PvDa3VaawANQ9MW5PL29eel9xJRHzyRoglPobW%2FJUGHZvmhG%2Fru1lRGccHniCUh%2Bx1BNWYjkH3Nh3IkQlUMyFdzxmzd5u4e3LEN5Y1Ioxs%2Bno51UHkHFlFLx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37ea013631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame 2F81 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=339158&slotId=46690&pv=1&subId=oneidWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame B1B9 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1117830
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53K0WpN%2BEDukDZyCOi63973E1j2j%2B3WjSWia%2BNVK%2FGJg5w1fqODawz52zoEsbdofT6MgZPk6XPERrZvFQubD%2Fbk%2BWPiSisvGh9ftICmg%2FHx1a8DvYcf7k%2F%2FDSZXAQQo2XJrtmr9HU5w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7faa2c37d9ec3631-FRA
expires
Tue, 22 Aug 2023 10:43:39 GMT
B68CEE88A13C9DE5660E452DC6524AB24B080B2CDCEF7537BA69A693AA8CC1B2E56005426F790B203979AECFB723163D21FAC2FC08A9CBC6848DD448F6132117
assets.ad4m.at/logo/ Frame B1B9 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B68CEE88A13C9DE5660E452DC6524AB24B080B2CDCEF7537BA69A693AA8CC1B2E56005426F790B203979AECFB723163D21FAC2FC08A9CBC6848DD448F6132117
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e66f9bb69cc890fad076700aa449a9ac18b091c8ecbe8fbb38a1956a10e6845

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1846784
cf-polished
origFmt=png, origSize=52451
alt-svc
h3=":443"; ma=86400
content-length
28524
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 10:45:03 GMT
server
cloudflare
etag
"fb628f35460095404113de8ca8c72b83"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrRSDo%2BtDe98qfe3BE4QDA8iDTJuZfazXVaxhVgOXIf6HnvhGe8zz9m%2FaxTOyaX3dW8WHsulPcu7W8SMZ4NxWXNxcSnxHtQTn7%2BPCeeaKLU0vFiCVLt4yWkw%2B73gsVllRxw6YIiXdCt0wABQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37d9ed3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
E95A1585B5B9DF1312A1BFDDAEFC1222586E8ED66660DA2F9A0CE6B6EDA4A11C4A3B7DF305DB38E4DF81D62AA52E42BE292AD1015EB2AB1E3D7995A6501B876A
assets.ad4m.at/ Frame B1B9 		439 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/E95A1585B5B9DF1312A1BFDDAEFC1222586E8ED66660DA2F9A0CE6B6EDA4A11C4A3B7DF305DB38E4DF81D62AA52E42BE292AD1015EB2AB1E3D7995A6501B876A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1f538d31fd67569a9212ae662a35aa088e8df2a224e7298bf8ab023a49c49f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1269080
cf-polished
origFmt=png, origSize=727631
alt-svc
h3=":443"; ma=86400
content-length
449060
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 10:51:43 GMT
server
cloudflare
etag
"57a4a88b24a130a59146c466a33c3ee1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmwDRaJpo5Uj80MxlFINOr7o8v0KIJTE%2FUDPir2hx%2BZtYTILIFxL%2BiXNs30zAqN0Hbd%2Fba9VZaMpk1zdl9YlX5YudwkrAk8ZU0NcyIx0d7aolh5KO1UZsjW9eOXtK7GaJZ1Mw9myfk1UMfVL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37fa143631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame B1B9 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=347982&slotId=46690&pv=1&subId=oneidXxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
83A92E38F31743E24A89A2DC06666F91769B80B32CDA6903D231741F0D1AA72B200A159E96A2D883994EE1178BE580C4E0D5CFEB40DE6D39293D019B02B3F118
assets.ad4m.at/logo/ Frame B1B9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/83A92E38F31743E24A89A2DC06666F91769B80B32CDA6903D231741F0D1AA72B200A159E96A2D883994EE1178BE580C4E0D5CFEB40DE6D39293D019B02B3F118
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f908c24d190f852f95bd323283ea2565090784c630a2c5c39a206c42f440f20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2143067
cf-polished
origFmt=png, origSize=42940
alt-svc
h3=":443"; ma=86400
content-length
26176
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:02:10 GMT
server
cloudflare
etag
"665a8e23f64425424076e1d1c616eee3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezuj3ySkwaGnAc95dQaqaw9LcJ64btfHyeBWSKAyDLwYbCA9SqDPdcUkKUY4KymswDOnAvlpVvkdD3C0PT%2Fo2fATMGDh1T1HqsVtoIPwj7RGUTkbdMTUkp%2BmN6HR890%2F%2B%2FzhA6HBnGoNwCN7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37fa173631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
26B058FE8CD1D0078EBFB004006C5E4B81058F3BF38A5F13380BB1E9F624525FED1C35376F869C198472733C088EE81E3EA2A0DD3871473551F24138E93CF91B
assets.ad4m.at/ Frame B1B9 		326 KB
326 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/26B058FE8CD1D0078EBFB004006C5E4B81058F3BF38A5F13380BB1E9F624525FED1C35376F869C198472733C088EE81E3EA2A0DD3871473551F24138E93CF91B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e661126e9de5d523bd39aecabfe41c5e183f2ea038316fe2d15495e18cbbad14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2138203
cf-polished
origFmt=png, origSize=524625
alt-svc
h3=":443"; ma=86400
content-length
333652
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 12:12:40 GMT
server
cloudflare
etag
"12f3a10abb48ded1b9bc7624165c89fb"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ndJZ1X1K9eOVcDwUlkFAD20xlDCXTJnHma5w0%2FNCM%2BQ5ddNP0QjPuc0nVT%2BZyATGQOtjdJ2cWeNMV0C4L%2BskXfZNI%2FALxPkPFXnJ1peWbd7PUKZ8pZKeCmEW4%2B4hsrtiEBm1tdEVHhL1KjO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37fa183631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame B1B9 		42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=348101&slotId=46690&pv=1&subId=oneidjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
1BCD30A9EA509B69FDC539265464D9A05E3B65A3FB4B8EA6C2578227CE3FEBE28A1A8D5C0FED4DCD15EE4CB5CE6BB83F079398859C57B2C4B104F0B3E4617AE9
assets.ad4m.at/logo/ Frame B1B9 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1BCD30A9EA509B69FDC539265464D9A05E3B65A3FB4B8EA6C2578227CE3FEBE28A1A8D5C0FED4DCD15EE4CB5CE6BB83F079398859C57B2C4B104F0B3E4617AE9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
878f4c83911cea3135c79e317a8ec849b4a1cfcf0f007395f7ca9e8da8b4f711

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1267500
cf-polished
origFmt=png, origSize=1841
alt-svc
h3=":443"; ma=86400
content-length
1468
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Jul 2023 09:36:08 GMT
server
cloudflare
etag
"f766e78c383fb9a815f61314d4d9a47e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KZwegLzk1Lb%2BjeZP1oAYsnvGiJepTE%2F0jqO9eTFRwrYMWj9THqfzOEW%2F7UUVYPANXFU41iErAkyXhuEI5Bn%2BFNQK5A9xYnFJuxi5z%2FG1hik7scbn6eZm0%2B5P6r2xtiSVrl0pWVOumNTkk7y"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37fa193631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
55B024EEAD0F40B989EB033CBA1601CAC7CDD4B99E1A6ED3031F81A67C9FD791A496F122A60D4CD0C6BD136640031CB07C08D5086700D7315F5E5B02A542CF4E
assets.ad4m.at/ Frame B1B9 		383 KB
384 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/55B024EEAD0F40B989EB033CBA1601CAC7CDD4B99E1A6ED3031F81A67C9FD791A496F122A60D4CD0C6BD136640031CB07C08D5086700D7315F5E5B02A542CF4E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddafda7d2c9a2e3b1b55849a475470762c9fb58f123b7d59290e8932b87cf6f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1807936
cf-polished
origFmt=png, origSize=656657
alt-svc
h3=":443"; ma=86400
content-length
392340
cf-bgj
imgq:85,h2pri
last-modified
Thu, 27 Jul 2023 12:38:47 GMT
server
cloudflare
etag
"403736560661f19f35a06f9330304886"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UctvIfpqAhNjvNJmTUXJP%2BlH6hBQA%2B6%2FBv5gCxtSdvqlqYEEFUN853WofB7Z6GvuwnTtaoVVgyRf%2FF9G%2FOa5raXSmOW2iJxjKvVfhzKM%2FOt21dcE3%2BLlQRQEny%2FLIrHgZoKIl31yuZ5FUtdN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c37fa1a3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame B1B9 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=348098&slotId=46690&pv=1&subId=oneide7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 3903 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1117830
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVTxo0Qe8Fx15wFYEXMOgLmYdaQUibkeVru0zKYhm%2F0otVJM7wF1G9dL%2FaM%2FyYHpFjxmmGaLhGaxIFAbWAv9boEj9i6r3%2BSlJPk2Xd%2F4LaAm9w1NI%2BQMtOqIC40u4aU%2Fkn2MnVGOpzA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7faa2c383a5a3631-FRA
expires
Tue, 22 Aug 2023 10:43:39 GMT
919F33DC4F8FCEDAD51B4CB97E9CF4ACFB91142881610C093D8A04C29C2AA963428219F87D44D360734EB1D3197C09E01950DA10CD89768E98EB33E135B88DFA
assets.ad4m.at/logo/ Frame 3903 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/919F33DC4F8FCEDAD51B4CB97E9CF4ACFB91142881610C093D8A04C29C2AA963428219F87D44D360734EB1D3197C09E01950DA10CD89768E98EB33E135B88DFA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770e3d597a50bb5294424568ed6fc0a1f9e0e28d30de7e09678f2f6eabccea8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588179
cf-polished
origFmt=png, origSize=46305
alt-svc
h3=":443"; ma=86400
content-length
24400
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:25:43 GMT
server
cloudflare
etag
"360b616d0a31149c2e9ccbe732beb6ea"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23043UgWHhgmxUcLr6y49sQgtPLNV7fZTIsd4KfNMhciUoPAH61BiTAy9iMEx9kWTNrSM9%2FtmPzBCtEYfVeKpEsV%2B5LSbbPb4skZi9xrHsWlzKdJSfwBT6CPhHm44REieRXej55iL7fVc%2FdC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c383a5f3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
C73BFFCD0EC30CE51718223CFF19997B7464C860CD2F22126BCDEDAF5C8FD3B1EAF29540CD27C1547E1FCF01C7FC659727692E002AC0E7C24CCB5A2C5AC65FCB
assets.ad4m.at/ Frame 3903 		478 KB
479 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C73BFFCD0EC30CE51718223CFF19997B7464C860CD2F22126BCDEDAF5C8FD3B1EAF29540CD27C1547E1FCF01C7FC659727692E002AC0E7C24CCB5A2C5AC65FCB
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a33b6cb46421bb6a281b8575a3c54d675919e4cd7667ff826fa1949f8dbbb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587669
cf-polished
origFmt=png, origSize=917763
alt-svc
h3=":443"; ma=86400
content-length
489762
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:30:55 GMT
server
cloudflare
etag
"c42f02b161311a95e0c22a7c122bd7a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BJAzUZAbqj4poTqltpOmeQ3orsBjGBaNtYkcdxRkLZqxcZ8C2zJRuJWzqqmc44ypZ%2BLgMy%2BGZS57oQg1uCUybqfg0wYM%2FKRR5t6TIljAVcZKz8LQcPFYYVF9UAwSbKBCJFxw0A0iDgIqirH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c386aac3631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame 3903 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=345074&slotId=46690&pv=1&subId=oneid9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFdoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
B513AF79396073DEC88815D266AFB7B36BA301F2F8A61779A072A310E9BEBE2D21CF2CDB60B4C89C093E22E6FB6D885B0D21C56527AF0BD50EC47F8373A947DE
assets.ad4m.at/logo/ Frame 3903 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B513AF79396073DEC88815D266AFB7B36BA301F2F8A61779A072A310E9BEBE2D21CF2CDB60B4C89C093E22E6FB6D885B0D21C56527AF0BD50EC47F8373A947DE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e16709a3f2bf798602773fd83f5d6af3d20cd6e46996867c20b353f41563ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597844
cf-polished
origFmt=png, origSize=14487
alt-svc
h3=":443"; ma=86400
content-length
7486
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:10:51 GMT
server
cloudflare
etag
"0f8a5511d5fca1ac5a5ce2e01a80e84d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNptkAFUzlZp6W9YynI%2BM4elljnOcb6JPbgZReIyr%2BQeIh%2FRAoZa%2Big1XAv0V47kIaESV80V8hcMPb%2BqurMyamyP7HckCOGZu%2Fb057nkIRXYFGQGlWhxVBcDuFtCZnmKt3RFPgU770dqXAhn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c386ab03631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
4F0128BAA6BCFEB99F91AF4940D1DBE0E7F7A5C90A3B159A6E1DCF707E0C853DC381FE89CFCA62884ECF03E8DBC79011699983070BBB46BD3239ED91A19987BD
assets.ad4m.at/ Frame 3903 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/4F0128BAA6BCFEB99F91AF4940D1DBE0E7F7A5C90A3B159A6E1DCF707E0C853DC381FE89CFCA62884ECF03E8DBC79011699983070BBB46BD3239ED91A19987BD
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded16d684fbe2fad23aabf3c0c97d2c51bb428ecaef9247e8d1f75a9c0441e8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597844
cf-polished
origFmt=png, origSize=111690
alt-svc
h3=":443"; ma=86400
content-length
71560
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 13:15:30 GMT
server
cloudflare
etag
"b69a9ed7fa4ace099b17191e0c20d1cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSukdttAT0ZQB4xaqy0D7ZWJRIrK1J7n3ON%2Fu2wd%2BED2j2PNDmQhbyDbZy6JcHyl4Y31lY8P3qtijMtYUNxjd01niZQyOrdUgvlXmMoXnPSccnWcoUxgdbo5FGMDN%2FaeS1h%2BS4Z5p8eGoRml"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c386ab23631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame 3903 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=339158&slotId=46690&pv=1&subId=oneidWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2oneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
90CB3EC9075C1FC28CDDEBF77C5F682ECD9D76D16BABCBBF3E8EB8E5444F21E79B1F49D52558CA9BFA97AD3FA90C3B6E6270CE904F1412011F39EC29EC22125B
assets.ad4m.at/logo/ Frame 3903 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90CB3EC9075C1FC28CDDEBF77C5F682ECD9D76D16BABCBBF3E8EB8E5444F21E79B1F49D52558CA9BFA97AD3FA90C3B6E6270CE904F1412011F39EC29EC22125B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06acb56efe8c1c54e3c34672d06cff760b820ba8c617d2d95ef9242343e80e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588179
cf-polished
origFmt=png, origSize=67057
alt-svc
h3=":443"; ma=86400
content-length
28530
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 12:44:22 GMT
server
cloudflare
etag
"ae33bd988b5d246de48a488cc2bd9327"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M72m%2FhpKjwVMpStx%2FYSUTll4ePr1HG4RavBIIYeGj8ZfK4a%2Bk6frJoHuS7uXVofESaoV%2B8uCJKaP1ctlitmFp83b2krcZSssXlNypGP7CT2i1mpVVx%2BiR9geaYCcGf739ETsr4b1%2BmKY24ar"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c386ab43631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
50B0CA8B4CEB9877F8509A761A91762C764C4EBC9690448020DE63B3CDACC31CD262574F8F7596EF51FC29198047FCD23E4EEAD64B68A4FAE290E7B9FC39DFF8
assets.ad4m.at/ Frame 3903 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/50B0CA8B4CEB9877F8509A761A91762C764C4EBC9690448020DE63B3CDACC31CD262574F8F7596EF51FC29198047FCD23E4EEAD64B68A4FAE290E7B9FC39DFF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c35f8a89812113ef32cc0f127e17f6a75f61170415ac7f4cadd8f7101dcaf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
588179
cf-polished
origFmt=png, origSize=384185
alt-svc
h3=":443"; ma=86400
content-length
246782
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Aug 2023 12:56:26 GMT
server
cloudflare
etag
"911e3488e5a08c386ac2f448d0ead7cc"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK46uQz%2BcH3aWPZr6Lp5UNm6ZAglLTtF3ehwfRsD7Z8UnEBu9sTwezHr6wSawPP7GaAzFGAYnOt8GgS1xb%2FtAdPK7BWpS%2BszynuiRRpjPz699wXTJ4%2BMTjMO6a4o7GtR%2F5Hb1F4mQOWjT16t"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7faa2c386ab63631-FRA
expires
Wed, 23 Aug 2023 09:43:39 GMT
view
t.adcell.com/p/ Frame 3903 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=341918&slotId=46690&pv=1&subId=oneid7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FMoneid__adf_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:42:40 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1810 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B39GgSYPkZKHkINKPjuwPru2p4AoAAAAAOAHgBAI&bg=!jo2ljcLNAAZGPLJIZjw7ADQBe5WfOG41WhKYpt-Tmy5VHq49ENG3kwJeg4F2mnHmxWbv1d3a6gelOnDwyTcoVVx0FqDZAgAAAQZSAAAABmgBBwoAUAyUfpmlWG4Qckk9siXfB0Gueme8OHMwXH_AAl_jLinjmDUUrXx5psIplt3Q4KHj0Cd3WBWwQumyV0WwoVW9tqUITETra71qtweU2ttbpbW3mQMryHE_lvF-4z7EygDe7vpvPoIyMV_TNGqztY5L1j9tDFArrNS2_a2uY8WC3qcDGa5IZA1CqpqsC4yYDpQ9G6YAToxqwyak4J2_cRJa7L4oZ1h4VYwTXZVKplwfPif-av5jNZO-jVaDlOjnrnjg425dETb0vfuKuzwQRBYokN0HF8i5nqi1_adiuQHfRTWTv16UHwB2OAtdEhMustpHsrJVf7Gw1-g03hI2vLNK1hcOtICj6JoqCqUOeeABG72husTyc0U5LgOoKpHGro07jin-CVb-wWpAWdddLpVx-DIdWwRZ6pkkS5MZoG9w2fF6FjozebTr7NCT37Ed-ux34rAffqePlzhRnK4ATzqmGHGWTa1rhcJQjElNJHkdMLCGau_5KLaALOJQfzTzOdEyDTWaPx1zzBEw7KhzFCeuKfe6p8cv8-GfOu1BdRQZ5xCfF4P5CezuBmNeAuuhYR0FTKQ-8ewtHFS4rilxxmGsfjjAyy_oDK9E_tY-Dzp7KvA7R0Orx6bcngSS0T7CYyD1Lsv_ygS4XwVqiXWINhDKXWc4CWLtnzzT3IvAKpvAkEwvrFdg0k8xovgBNiNhql4cK0wimIGt0uEAKVu7NVn-CDFVZ_hNmstJWXpT89z1idCANk7wGY6PYf3KdGK9XGPWfBMl630t5mBgWT_P7z7mJeZiuIfqEdjLuk6CnnDtnymBEC-UIBhYuj_rRcOeSWLU8BFXFmJXYeQCWxYkggoE3KPKAGzF9-1vBDI4K8RvGsZHdluy_l43S-JbpV2ClWjskcISRBgJ23ZAkq5_W8Xl1P6PtZ1e8vnTD8V_aYsleizOS4OBJcv5JXgrhVadUMFMe6RKMMV78XHyeMSl7rUydG-9Yzbrfrs9JGkQ3iNkg9Aw53bBtYHUwwrraLTQAtv8dDT9VP_8znBoiff9_AZoGj9gfsfXBNFl4Mm7XtoTUIRN03d8-Rz8U-0H2U-3zGqRvVmrudyarC_OGIoWRodTE9zYgZzjsmqMsLDfhG6ifE8Ns-2GFgtcXnI-bbqTW4GATtavUCtRzmDxq-KnngsANTT9zX8LljWJnftJn-sW0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A761 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2hf9SYPkZMOuD6vmx_APlZiMiA4AAAAAOAHgBAI&bg=!cnGlcT7NAAZGPLJIZjw7ADQBe5WfOIb0H7yL_lfGdmgTgddZBNdXoWGJlVbnPJrTZv4mm00MOPZV1AhivZL-TzUTe9sYAgAAAT1SAAAABWgBB5kDJ9yDWSdKQc8OMY75RqfqW2ojN9aLUP5hAO5mzSMZcv33_VGmoKasahMMbEGhaIAma0blNPTy31LsiLIfP8jex3UBLWoNvLiMQAlq-e2L3_ycvnSv-3L7axdEnomebb0TaxF6lFnMwlpq3hBi2-np2AH3mEGXwrBpCIC_Hpu5mJ9hYGCNSmCgqIUsUOBsrp5yxCCsfZcTefxiKf_aCzT_sh-trEQJTK-PWuObA7rtLln-h-9QWXWZOTGr6gj105ot2pWWU_yUNy5qBnoQQUmDtgZZA7tBf84Z7x-8JIcwgTH7x-TX6H_96CPPGqv9ENHdaDx75riy3t4UcfUQ5KHbFxfL87RuGbhniWkRAamaBdxy6YgoRrnuo-V4uFoUvpok5OFH0xFahAAbByDE6PvnmX81byT63vJFuf0NTzZ_M-E0GP-xl2GFkI-9LCIyAQW8ph9FbKNx7FTaBWbmWtc3HPQtPKkqHxtj35vKjmWW61z7aChtfu2ztWnpjk_zkBG4R_X1EQLs04A7JIGFO_4py8dFZy-Ssrcn6PLzRtPCARY0HWXeKf2kFolXxDI3jnZJCeGCpL2jHivFXgwv_m_8i8QyMvWPzVGV6GAxdJI7ddst5ZZ8SfEFa3rdGJRPpJIi3nmULnhzCv3WYfLt03m5pq59oy5aPiPL52dwX8dW8quG3PQnWWp_rFZ1j2v17scZ1LgfWXgAFMuwkzordK-P8po4rfqL_CRTbd3IfGP6ZcA6RxyrHp3rpRwCr8qHedk8v0sgVEO_HLgdDeGivMz_rFd6JDkiKvzgtiCcquSlZAzr9fTpzV2Vo8PeARsLr7XxmW9nZFUtpsdMcf3gkeBknUrs6157ymWNZRzKK1vKKB1YogrBPWCKOrE6Y5a8FNEW44tzVepLr_bB_jSPlW-ezQck6ud-FI-DsSYyIRhJ6X2eApGXQxlg2nteRZOXoxjloZU3ELf3xNwC5X-Dtr7DIhrk7CDrfFVv20bJCyXvI-JMmXudyflyPQKu3bXuYi8S_1ARoD68Jq65yRNIAJZbQjTP23zi6CiJzlgwSi78hKBTevF6I8eWlg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B36 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC2YaSIPkZMyOO4Oxx_AP1vOg-AkAAAAAOAHgBAI&bg=!sLOls_zNAAZGPLJIZjw7ADQBe5WfON9qj_81HbmfVz1HKMdk92Yxi1HPty4OScq7KH0VBjzioaYIpq8oicGJQnCNL31tAgAAAVdSAAAAB2gBB5kDG-SnIBeZ0fKsroqBgS073dr0ighYZGluJYdajQ_U0lByQ17Fc4AWBftkc3HhAUWw7f1N50KD1yKtsH9cN9LxN3BvA47Qd7WmJpftJbf9CLF2mfe6lAQfdp6WdXvVUkUmZOAVMWbq6ajS-c_8Ui0zrhb7WNDqaDV7atb_otNstp6XVWROsy7LQPxDvxnZZr7rlDpN-ZozNxj2HfTMrtOeemBdS81UaFZmyu9kG3XsHkrOmUUWouIz0Hwo9jRR1hCBTyw0xODB7O4ewSujjKwHvH5u6CyAQwV4i3d7XWVzsyaMD-rbo75sFnOgJI8gOsxsbIOA4j363Ca4uHhmhUIJU1KXSTd1414DPJFYoguung82a8dnelDSNg4b5T5AkvJrclGjtLzB9orHRvnWSMWVn3SrEqseramOGqot8REpG2pN6q2tJIJJrszDgxX0omPaaaWY7TPTfzq_UgkqItd7pS_mHk7t5q5Zff490efP340FAn3H0UOngRLZpHd0NOugZc9L1RYJvhaS0SsrjPB4kzMwlJXyVzZ0-VsVhdJEjT_1qDAro_hNbTY1KMFZ7fUFoAvGxVXLjYf-ZXo9faFzOI8HQfPPZ-lCjgOZ27lhzjZ1Ogk793oZIJXHl1gWoPbT5WqdzN92GRhwI6xlc4mjaGXO2PHueOzbTZ5gD0BPn5dKQNUN2CxEwndvYq1I3YQncPv0KTWdPaKxS_bGZ5e3A-tfb1glIMpwPbcDVFwsnkyvarWzTJpMfhf0JQfa9hZ1wDUWaqjVaq814yQphThpFtGaliFl_L9z_4wiLSfRGO872d_RvzZtTWK-PCp45-Goc81asM655TbHHTtbTHqSk7jPdJHDpv9gOGEXA8ZttMGaJJtbqSu4_QJX4ad9OQecCVy-DsLOY7g2vyWsSc_3bB76qIW71_73wrKcByBcGSxoeS5nJDBzNLoR4aPXIld8UjVGMeP_l8YQ1pYk21OqkDlHfvWsAEKlDa_BhVSlPjyT6Wc-MUzznerb8hi5q5AmFXEHh9IMPx5MT3a5pZ1HukSQmuQiH2kWdoMBwg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EDF 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdKp4SoPkZKmCEcmY-gaZhpmACgAAAAA4AeAEAg&bg=!39yl3JPNAAZGPLJIZjw7ADQBe5WfOIxC0892lq6fK6KJDJ5eanKp0VFY2Kg7DBTJkZ4hhzuqh6p34FvLy65nrYTBh7PjAgAAAUZSAAAABWgBB5kDI8JGSHj8EFUAVWYeJtbSqoNfOsSU2PLDp6O7jQmexSbeM6x-mK06hrkmCr5diO5tKbY7oGXxlObOoLijw3vwOZdErCqMsiin9G-LoNXXc2pVMKNb_Dq2u2TNA4UKYQO1ObA5Zk_8pqjCyiG3L3u4TD7puKcDXWydAfbdx84BegzIMb7dFg8mK0YF-rsn8IPPp5JWpz_Lu2PpSnFMwuUOooCPO4AEj8wqYiGk9xA8m7XQIwI55TnN00Dw7bkmkAYR29eiuzFx0su5P5P5oiTzdQDPkhHuiPXS_1_OAFfLGILJE608PaL7V1z_2vjawNLenGTltPR0jdbUyHkrQb3ue1Orx2BrjPZF_VSmcfMNsThNZQNZhQNCbtKL_oDgo4-nmMsqM0Z4HczT8go_g7GP2uLHCW5MOWq4xsgB3ovyiukun8_CHWYqlH9sjsUE1N-pRJfpNe8WTXEt5WNl4ajjmbjh5ZDfTIxVg678GhXOYfTbP2G9JafLiGsGCtGyAOm0ckv7yT_w23_khqnRM-4MyET8-_z_iQYULCrtW60wnenlCFxMAmhldz8_ZUdMbQ4IgMm4wNl-E0jDzeNk5e2EfmEp-Ym_VRcERnflXHtLS0x7GavIfj2fDyEtdSOd927H_J_DZPWd0XwvoQ7DverHzN2Du04zO5ip29E3jD2GQOdBYoj4pTSDp7Z3S6V2qpUJCRcwMSR2ovPwQZJm-i7HJmyUSMI2K2oUHSzlbaPdtEsScEdSjtQCr5zl7kPpnF88_ZSfc8LzfQTd3GWYZxA-W4LwSGueUsZYINFHqpd_NbxRvD4yRwl2EmwmM6EspgbJRx8T2DTtqXdp-T3KrGlcJCn28Ukd8V8s40eqi5n9TeBAgmKw8iky8ZRHPpTLcTp-Hiz7h-ourHkjt3umjarneRLL7_9qrfv9zZpb7VYknsRVqI8jTOgoCVb-gFnYDQc6KYP8e_6iBeeI7kVg6S6JuxgEyY4XoEwMzsDQLoUcBSfRSxCVAtI17-cOCJTgO4sKU2CPEGd-B6vOLB_VDyJmHzZZP2WB4VFwAMjIOrwWBa2Gc9m3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EF9 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8543303730125&version=m202307240101&ct=76&x=1&cor=14758159677476303000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62E2 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4993539687057&version=m202307240101&ct=76&x=1&cor=11887853665965440000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2671 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7432087977711&version=m202307240101&ct=76&x=1&cor=1454740938386218000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAA9 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3481695307871&version=m202307240101&ct=76&x=1&cor=1114469884195765400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 434C 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame ED85 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6136022691595043624@@38735235,3565860840326312578,48|0|0|0|0|0|0|0|0||0|0|||||1|0|0|NlmW-JwvWRdX7EYoWZQhUQ_HBYpXrFKTg6vfaJlf66_0M8UITFSPVRhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 722A 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6136022691595043624@@38735235,2625840537735086317,48|0|0|0|0|0|0|0|0||0|0|||||1|0|0|NlmW-JwvWRe48M5tcwHHbQ_HBYpXrFKTh8Tn0WED1MW5Ds6lxp828xhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 434C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53564334&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c05d4b6218e4897fcedcfa93f8cc00d071c5cee416b4d95005a444dc30022a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 09:43:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 27D7 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 22 Aug 2023 09:43:41 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5033
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725322781652957803&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725322781652957803&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
90287974-f500-43ed-900f-ad91d82035aa
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8725322781652957803&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
84.19.175.165; 84.19.175.165; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1D2C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DSJasDjDWRZAhPmjYk7hYlQTr6U&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DSJasDjDWRZAhPmjYk7hYlQTr6U&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Aug 2023 09:43:42 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DSJasDjDWRZAhPmjYk7hYlQTr6U&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1BB1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270080026586577042&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270080026586577042&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 22 Aug 2023 09:43:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270080026586577042&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 332F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOSDTQAKdxSqwgA_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 22 Aug 2023 09:43:41 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230081-FRA
x-timer
S1692697422.863338,VS0,VE88

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 22 Aug 2023 09:43:41 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOSDTQAKdxSqwgA_
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230081-FRA
x-timer
S1692697422.747030,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame 8DAB
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 22 Aug 2023 09:43:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 71D9
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUbb3bebdc5e9f4044889fdee822c4d973&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUbb3bebdc5e9f4044889fdee822c4d973&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUbb3bebdc5e9f4044889fdee822c4d973&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
Tengine
mw
mwzeom.zeotap.com/ Frame 434C 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7faa2c45d8c61913-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 434C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:52 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:52 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 434C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=cb8b318f9eb677ea
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=755e9653-747d-4d55-6135-61b96e4779f3&reqId=771df954-bc80-4feb-4c45-a8fe1699244e&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJOZ8SlSLdzfpaDLhCGWfF4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=755e9653-747d-4d55-6135-61b96e4779f3&reqId=771df954-bc80-4feb-4c45-a8f...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJOZ8SlSLdzfpaDLhCGWfF4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=755e9653-747d-4d55-6135-61b96e4779f3&reqId=771df954-bc80-4feb-4c45-a8fe1699244e&zcluid=cb8b318f9eb677ea&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7faa2c46a9ed1913-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJOZ8SlSLdzfpaDLhCGWfF4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=755e9653-747d-4d55-6135-61b96e4779f3&reqId=771df954-bc80-4feb-4c45-a8fe1699244e&zcluid=cb8b318f9eb677ea&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 434C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=daba3d58-9676-496c-9168-cf9f74caae88&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=daba3d58-9676-496c-9168-cf9f74caae88&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=daba3d58-9676-496c-9168-cf9f74caae88&gdpr=0&gdpr_consent=&gdpr_pd=
date
Tue, 22 Aug 2023 09:43:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 434C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 434C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7147131029093869685&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7147131029093869685&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 09:43:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7147131029093869685&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Aug 2023 09:43:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 434C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e02b784c-2808-4199-907e-d88e3e1010f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e02b784c-2808-4199-907e-d88e3e1010f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 09:43:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e02b784c-2808-4199-907e-d88e3e1010f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 22 Aug 2023 09:43:42 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
c28ee83047461d8b4054c01d9cad59dd.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/c28ee83047461d8b4054c01d9cad59dd.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bfeeac72b1bd9df793a7d5755964b7498759a0d484aa2b666039b1a5dc45082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 07:05:02 GMT
x-content-type-options
nosniff
age
268719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 07:05:02 GMT
a9bf8375d717f56ce1522864d15c6e20.jpg
s0.2mdn.net/sadbundle/16251597516964128356/media/ Frame 3369 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16251597516964128356/media/a9bf8375d717f56ce1522864d15c6e20.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
382181a721111ae0492e9a7a5efbab5d8332a12b421ab5168f43831a94677752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16251597516964128356/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 07:05:02 GMT
x-content-type-options
nosniff
age
268719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2644
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 23:40:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 07:05:02 GMT
dc_oe=ChMIt_Pkn_3vgAMVSYzeCh0ZQwagEAAYACCC3MhdQhMI956tn_3vgAMVp0xBAh2ShgKi;met=1;&timestamp=1692697423247;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F4BF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIt_Pkn_3vgAMVSYzeCh0ZQwagEAAYACCC3MhdQhMI956tn_3vgAMVp0xBAh2ShgKi;met=1;&timestamp=1692697423247;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIwqHnn_3vgAMVaYeDBx0YKgt-EAAYACDm4INdQhMIg_Ktn_3vgAMVskNBAh3sGw6z;met=1;&timestamp=1692697423248;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 40E0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwqHnn_3vgAMVaYeDBx0YKgt-EAAYACDm4INdQhMIg_Ktn_3vgAMVskNBAh3sGw6z;met=1;&timestamp=1692697423248;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImu__n_3vgAMVipreCh11HA3mEAAYACDPg6tXQhMIqZrTn_3vgAMVUBMGAB3MrwkH;met=1;&timestamp=1692697423542;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4293 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImu__n_3vgAMVipreCh11HA3mEAAYACDPg6tXQhMIqZrTn_3vgAMVUBMGAB3MrwkH;met=1;&timestamp=1692697423542;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 434C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:43:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame 4C5A 		35 B
583 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6136022691595043624@@38735235,1380554166661093633,48|0|0|0|0|0|0|0|0||0|0|||||1|0|0|NlmW-JwvWRe48M5tcwHHbQ_HBYpXrFKTh8Tn0WED1MXQMLsaagM5IxhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8FD6 		35 B
583 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6136022691595043624@@38735235,83250964132955400,48|0|0|0|0|0|0|0|0||0|0|||||1|0|0|NlmW-JwvWRe48M5tcwHHbQ_HBYpXrFKTh8Tn0WED1MXdkJVFkSIKBhhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8F2C 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6136022691595043624@@38735235,8574232576417556350,48|0|0|0|0|0|0|0|0||0|0|||||1|0|0|NlmW-JwvWRe48M5tcwHHbQ_HBYpXrFKTh8Tn0WED1MUEG5KgUAmnoBhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/629/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:43:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| $MMT object| googletag function| $ function| jQuery number| mobile_width string| COOKIE_NOTICE_HTML function| prepareTest function| gtag object| dataLayer object| TEST object| google_tag_manager object| google_tag_data number| currentClientWidth boolean| is_mobile function| postPlaceCanvasSlider function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint string| c object| blockedPages function| blockCurrentPage number| google_unique_id object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 function| xDomainCookie function| confiantWrap object| pbjsChunk object| pbjs object| mnet object| apstag object| ifvisible object| _aps object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad boolean| apstagLOADED object| confiant object| apscustom boolean| creativeVendorLibraryLoaded object| GoogleGcLKhOms function| setImmediate function| clearImmediate object| ID5 object| __id5_instances object| plObj object| atsdetectionmodule object| atsenvelopemodule object| ats object| google_image_requests object| -10dbfk08b2f4 object| Adform

105 Cookies

Domain/Path Name / Value
.www.idrlabs.com/ Name: nonce
Value: 0d29f84aca7a4e62d3cf19%40expires%3A1692870210
.www.idrlabs.com/ Name: qsort-mbtiEN
Value: a%3A44%3A%7Bi%3A0%3Bi%3A33%3Bi%3A1%3Bi%3A17%3Bi%3A2%3Bi%3A20%3Bi%3A3%3Bi%3A41%3Bi%3A4%3Bi%3A28%3Bi%3A5%3Bi%3A31%3Bi%3A6%3Bi%3A39%3Bi%3A7%3Bi%3A35%3Bi%3A8%3Bi%3A44%3Bi%3A9%3Bi%3A9%3Bi%3A10%3Bi%3A37%3Bi%3A11%3Bi%3A5%3Bi%3A12%3Bi%3A21%3Bi%3A13%3Bi%3A42%3Bi%3A14%3Bi%3A29%3Bi%3A15%3Bi%3A16%3Bi%3A16%3Bi%3A34%3Bi%3A17%3Bi%3A8%3Bi%3A18%3Bi%3A27%3Bi%3A19%3Bi%3A2%3Bi%3A20%3Bi%3A13%3Bi%3A21%3Bi%3A36%3Bi%3A22%3Bi%3A10%3Bi%3A23%3Bi%3A43%3Bi%3A24%3Bi%3A40%3Bi%3A25%3Bi%3A7%3Bi%3A26%3Bi%3A26%3Bi%3A27%3Bi%3A4%3Bi%3A28%3Bi%3A6%3Bi%3A29%3Bi%3A19%3Bi%3A30%3Bi%3A12%3Bi%3A31%3Bi%3A30%3Bi%3A32%3Bi%3A3%3Bi%3A33%3Bi%3A32%3Bi%3A34%3Bi%3A23%3Bi%3A35%3Bi%3A14%3Bi%3A36%3Bi%3A24%3Bi%3A37%3Bi%3A38%3Bi%3A38%3Bi%3A11%3Bi%3A39%3Bi%3A1%3Bi%3A40%3Bi%3A15%3Bi%3A41%3Bi%3A25%3Bi%3A42%3Bi%3A18%3Bi%3A43%3Bi%3A22%3B%7D%40expires%3A1693302210
www.idrlabs.com/ Name: srv
Value: 6901852a20ef|ZOSDR|ZOSDR
.idrlabs.com/ Name: _ga_WZ4R7WY0KV
Value: GS1.1.1692697410.1.0.1692697410.0.0.0
.idrlabs.com/ Name: _ga
Value: GA1.1.1807107546.1692697411
.www.idrlabs.com/ Name: cookie_notice
Value: 1
.idrlabs.com/ Name: __gads
Value: ID=734637c1f7c8c668:T=1692697410:RT=1692697410:S=ALNI_MZHM5Z5nehLRNA3S22rNdHO1PQJYg
.idrlabs.com/ Name: __gpi
Value: UID=00000c8b5c202bb1:T=1692697410:RT=1692697410:S=ALNI_MYETMSx7RDOVXK3zT8OY6gnxI7BKA
www.idrlabs.com/ Name: session
Value: b54574b4-e4ff-433b-a0cc-31ffa5570cde
.openx.net/ Name: i
Value: 6e006663-9e97-4fa2-99b1-9a23d20cb341|1692697410
.doubleclick.net/ Name: IDE
Value: AHWqTUk25wkRvHo6gE6HZYhQyHbYaudLZ-v6OhTxzcFDQPv9jwHLmfTAfBkzP921dzU
www.idrlabs.com/ Name: _lr_geo_location_state
Value:
www.idrlabs.com/ Name: _lr_geo_location
Value: DE
.casalemedia.com/ Name: CMID
Value: ZOSDRANvG-mhC3oCYkpiZwAA
.casalemedia.com/ Name: CMPS
Value: 3241
.casalemedia.com/ Name: CMPRO
Value: 3241
.adnxs.com/ Name: uuid2
Value: 8725322781652957803
.doubleclick.net/ Name: APC
Value: AfxxVi7xI25bdFeYB3GdqXUuJA_5osnjJ_TSPAqdXIb82Ni0JkhBAQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbXbExwr!1yIE`fS1ueD1W-044)d+]NEAAqo=0qGPsA-4nPbUZo5R-lkjA0zgz!i[18TP(hw9P-HC_#tto%*+0eO
.3lift.com/ Name: tluid
Value: 2211623501173583107824
.quantserve.com/ Name: mc
Value: 64e48344-ce195-6261d-2e418
.turn.com/ Name: uid
Value: 7147131029093869685
.mathtag.com/ Name: mt_mop
Value: 4:1692697412
.blismedia.com/ Name: b
Value: 64E48344949594AD3ECCB51FBLIS
.adfarm1.adition.com/ Name: UserID1
Value: 7270080026586577042
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%223B0EB199-013A-4469-8175-6AAD0DAAFFD0%22%7D
.acuityplatform.com/ Name: auid
Value: 817254177635
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRQcUDCmmmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUHFAwppo90aGlyZFBhcnR5VXNlcklkWkNBRVNFRm5OWGJ6ajBQUERTWVBaWHVPSWY5a/v7hnZlcnNpb27C+w=="
.simpli.fi/ Name: suid
Value: 3A0643BB117C49CFB15E7FDBDD98E173
.yieldmo.com/ Name: yieldmo_id
Value: 3mS7oHHbbPHIrxzDaWoW%7C1692662400000%7C0
.idrlabs.com/ Name: __qca
Value: P0-778462614-1692697413506
.go.sonobi.com/ Name: _usd_idrlabs.com
Value: 2a831375-ce18-438f-9bd4-0144922f4e8d
.go.sonobi.com/ Name: __uih
Value: 1
.rubiconproject.com/ Name: khaos
Value: LLM4C3YZ-3-866R
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpaM/ohno5LxebASkO6QPb7E03ikE5KqM3hUABmOSVPR+pgAt1VlMj5yH68Z1efSqmPq/V9uElNwyYbB5SW5XQ3bGR8744cafEijy0RC4Zd8Ri5j99IjSR+
.go.sonobi.com/ Name: __uis
Value: 7a695fe7-de80-4ccd-a979-f7aa86018663
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6136022691595043624
.adform.net/ Name: TPC
Value: 1692697415473
.prebid.a-mo.net/ Name: __amc
Value: 8_1692697414_1692697416
.yahoo.com/ Name: A3
Value: d=AQABBEmD5GQCEO1kmHuluOtfScIUG5NrHAYFEgEBAQHU5WTuZAAAAAAA_eMAAA&S=AQAAAurev4vOs8zFMHhl-k8-TYg
.amazon-adsystem.com/ Name: ad-id
Value: A9OrcrzzSkYEp0FSMEMIlCw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&33e95132-b199-4df2-8bdf-9b4d098948bb"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTI2OTc0MTc7MjswMjGhwfogMKxXLgDbXaehf8UHo8d3viDolcKbjySdtv/Xxg==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2821:u=1:x=1:i=1692697417:t=1692783817:v=2:sig=AQHvWc_fyKPMmzsb1HPtvFCYzEuDk5iz"
.bidswitch.net/ Name: tuuid
Value: daba3d58-9676-496c-9168-cf9f74caae88
.bidswitch.net/ Name: c
Value: 1692697417
.bidswitch.net/ Name: tuuid_lu
Value: 1692697417
.creativecdn.com/ Name: u
Value: ATvH2487B9VD0zDhsAr4
.creativecdn.com/ Name: ts
Value: 1692697418
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4f3dfe533fe94986
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrMwMDAwMTM3NxfiM9Qtz_QvrUyODPDKNy8BAM0_CN0lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrMwMDAwMTM3NxfiM9Qtz_QvrUyODPDKNy8BAM0_CN0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZmlkZmluYmhhYGoMAJye3SgQAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5CBFC795-1B13-436E-ADD5-6D2B72FE18C5
t.adcell.com/ Name: ADCELLvpid11603
Value: 347134-46690-oneidk5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFRoneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697418
t.adcell.com/ Name: ADCELLvpid11621
Value: 345360-46690-oneidjpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9oneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697418
.awin1.com/ Name: awpv25533
Value: 412871|1692697418|5f06cb06-40d0-11ee-b98b-2233369fc7ee
.awin1.com/ Name: AWSESS
Value: 423119:3010213
.go.sonobi.com/ Name: HAPLB8G
Value: s85144|ZOSDT
.quantserve.com/ Name: d
Value: EJMBDgHiKYEO-TA
.weborama.fr/ Name: AFFICHE_W
Value: sZRV63Evo0Wx44
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ&KRTB&19420-GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ&KRTB&22979-GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ&KRTB&23403-GQkckBcOTZACXhyVFghUkh0LSMACDxyQHgWzNhFZ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHvN-KyzXVBC3Zp0R4vIVQM&KRTB&23025-CAESEHvN-KyzXVBC3Zp0R4vIVQM&KRTB&23386-CAESEHvN-KyzXVBC3Zp0R4vIVQM
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6136022691595043624&KRTB&23263-6136022691595043624&KRTB&23481-6136022691595043624
.audrte.com/ Name: arcki2
Value: 7lfqUqVWCq8RDyjsA6v9Acimw!20220908!1692697419265!ip#84.19.175.165
.audrte.com/ Name: arcki2_pubmatic
Value: 5CBFC795-1B13-436E-ADD5-6D2B72FE18C5!20220908!1692697419268
.audrte.com/ Name: arcki2_ddp2
Value: 7lfqUqVWCq8RDyjsA6v9Acimw!20220908!1692697419466
t.adcell.com/ Name: ADCELLvpid11570
Value: 339158-46690-oneidWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2oneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
t.adcell.com/ Name: ADCELLvpid11667
Value: 345074-46690-oneid9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFdoneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
t.adcell.com/ Name: ADCELLvpid6680
Value: 348101-46690-oneidjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9oneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
t.adcell.com/ Name: ADCELLvpid11198
Value: 341798-46690-oneidPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFponeid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
t.adcell.com/ Name: ADCELLvpid11775
Value: 347982-46690-oneidXxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJoneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
t.adcell.com/ Name: ADCELLvpid11715
Value: 348098-46690-oneide7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1oneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
t.adcell.com/ Name: ADCELLvpid11569
Value: 341918-46690-oneid7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FMoneid__adf_Netmix_Reach05_DC%23%23%23%23%40%40%40%401692697419
.audrte.com/ Name: arcki2_adform
Value: 6136022691595043624!20220908!1692697419677
.pubmatic.com/ Name: SPugT
Value: 1692697419
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 161763:4
.pubmatic.com/ Name: DPSync3
Value: 1693872000%3A241_235_227_226_219_197_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1693872000%3A251_234_264_56_233_81_220_54_21_22_13_3_71_8%7C1693267200%3A223_2_15%7C1693526400%3A63%7C1695254400%3A203%7C1693958400%3A35
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7270080026586577042&KRTB&23369-7270080026586577042
.pubmatic.com/ Name: PugT
Value: 1692697421
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8725322781652957803&KRTB&23339-8725322781652957803
.onaudience.com/ Name: cookie
Value: cb8b318f9eb677ea
.onaudience.com/ Name: done_redirects219
Value: 1
.rqtrk.eu/ Name: browser_id
Value: 1:e542f099-3657-4c45-aec0-783615b204e2
.adx.opera.com/ Name: UID
Value: OPUbb3bebdc5e9f4044889fdee822c4d973
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7147131029093869685&KRTB&23150-7147131029093869685
.csync.loopme.me/ Name: viewer_token
Value: 58aabb9e-2509-40b3-b0f8-1c5942a1ec1a
.semasio.net/ Name: SEUNCY
Value: 17FF007CBE66EAAC
.zeotap.com/ Name: zc
Value: 755e9653-747d-4d55-6135-61b96e4779f3
.zeotap.com/ Name: zsc
Value: %93%10%EE%DA%CB%DB%3DCk%0E%95%40%99%97%26%85%BAhr%F0%1F%D5~%C8%12e%D4%19%E4Gi%F4N%DCns%8Cc%EC%12%003%EFP%28%1D%D4%3A%E9%5C%FF%B0p%AByx%14%DD%09%1D%92%17i%7F%95%ADM%1A%DC6%94%C9%8EM%96%7CZ%F5%96%3Dh%C9%07
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-daba3d58-9676-496c-9168-cf9f74caae88
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZOSDTQAKdxSqwgA_
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0d225ab0-38c3-5916-4084-f9a3624ee162.kEBNRL2TgNKTb9v7TBO8VzyKhvHmmTA9YAvlt1YtAN4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0d225ab0-38c3-5916-4084-f9a3624ee162.kEBNRL2TgNKTb9v7TBO8VzyKhvHmmTA9YAvlt1YtAN4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ADSJasDjDWRZAhPmjYk7hYlQTr6U.zyttRg8NpCDizkD5YvdGsZCmHttaGsRpUYt2ZVwZfEs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ADSJasDjDWRZAhPmjYk7hYlQTr6U.zyttRg8NpCDizkD5YvdGsZCmHttaGsRpUYt2ZVwZfEs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYEHwYBCDOhpKnBjABOgTa3nmDQgToOlJO.vz9eTdp3yhnpOnScSo22ZpiRwk%2FM09y3TFVff9p6azo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIElOXdSZ7By4WPEYVi5UFYA4BZ_Nk0uvFs4tzLYfp2HYEHwYBCDOhpKnBjABOgTa3nmDQgToOlJO.vz9eTdp3yhnpOnScSo22ZpiRwk%2FM09y3TFVff9p6azo
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-DSJasDjDWRZAhPmjYk7hYlQTr6U&KRTB&23334-DSJasDjDWRZAhPmjYk7hYlQTr6U&KRTB&23417-DSJasDjDWRZAhPmjYk7hYlQTr6U&KRTB&23426-DSJasDjDWRZAhPmjYk7hYlQTr6U
.adsby.bidtheatre.com/ Name: __kuid
Value: e02b784c-2808-4199-907e-d88e3e1010f5.461911422

6 Console Messages

Source Level URL
Text
security error URL: https://as.ad4m.at/ad/rar?a=518077%2C518103%2C517452&b=e7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1%2Ck5Aa5f3fm8J1a4HwHetBtDx5pHZSjTmPFR%2CEj4aDfEfA48WHzHAHjt4tqZGASKSVTYrF7&f=DjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV%2Czm2TRfYf9X7xtpHBHMtJCE9kKtVSwTQDFW%2CAD4uYfqfb47YtAHRH4tMCeJp7URS4TRrF9&c=300&d=250&e=&g=5947f1cf694d5d9c6d836ac00a9c2bec%2F8234186467320823849&i=195246%2C193979%2C71058&j=4%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697417774&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DzDaARG-6ApQwfKG3lGCYjapyueV0nYelRJFYGKdBVxeg77fulqrO79MIBwPF1ltmAebemmAKRmAmo5KYV6q26xLpwoBicOM9nQP8DfuiZDc2O4SVX2qwwWf07yI4n_YGikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5ulko47we0LhE4DRGE6unz5_0iRnYnNH-HsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0WV21x0wrtujfg_UMdVsnoo_Po003gvwpINDudDDhtb_xUSnPqtAE-Q8012HBdD-vYt4YKGVpwTV_G2Yxk8nsVSF5X1HjFeS-2VobH_0x3bbNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AeNy-7h7Mj3N8-hdnp50miYG2wqChXZ3umDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=522935%2C522930%2C522923&b=jpMTEfGfJ38ACYHEH2t6tBg8kfZSzT1Bt9%2CPxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd&f=xEjUQfAfb7wjuPHdHztDCYxkAT7S6TK4FA%2CbM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA&c=300&d=250&e=&g=fae2c6631ac26c144cd14b41218057d3%2F7907690887446482120&i=190415%2C186318%2C190297&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697418062&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DLd4lKAHxgaOYs8nbzylQztw2q6oYmTquvfVjzzliguCMwst7i9KvFucm0A2bjuj_8zSS5B7X2yGOu5-Ik0W3AvyexW5Hv5V5IY_--0o882GpzvFOt1438HEg125xJuWkikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5-e-HPY3VmcMwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpPFoc-9pGO8ZOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNa4ZhZgcAeW6ppUf_MKq0vT4uBYVSC3SO_wIKnzNEz_XwVtln1wnx748012HBdD-vYt4YKGVpwTVQUKnld2sZCXRrslSWdddw-NQq6CmcfHcNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYbhTL7JLn4raDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5CBFC795-1B13-436E-ADD5-6D2B72FE18C5&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.ad4m.at/ad/rar?a=522930%2C522923%2C522922&b=PxKUBfbf75YxC9HjHbtMtjwA4tJS9TDbFp%2C9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2&f=bM1cQfZf2zqjuYHbHzt8C3QD6tbSJTMdFJ%2C13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1&c=300&d=250&e=&g=ff2d748cd669d95128c29dcc70a3b62f%2F11799351484298764459&i=186318%2C190297%2C189563&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419297&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DAmPR8rF5V392gNzV7ROCOu9byRe-LnpLX8Xk6EdoecgXTpUeBLnWWScmBaq-q-td8mEx7oP89QfXAaXjP56AWQS3LTqJR8S-Y71WDT_LCe9-kq0XIEkYe4ZHn8yTmNiVikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UNLltKiCEwUwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0eynrcpCApdZliHq0NSCVtSFBBgg93AeQX8jpC9XtZMSKVW-6rkObC88012HBdD-vYt4YKGVpwTVKX6LRaqf8txXL8L0Qn-5GytZ5oCrG149NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYnPMDNyeL-hyDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=518062%2C518076%2C518077&b=XxKUzfrfqjDdu6H4Hetqt74X5UQSkT5QaJ%2CjpMTEfGfJzBmsYHEH2t6tKbDfZSzT1Bt9%2Ce7bf3fVfx9beHjHZHet1t3JKMCwSQTK3F1&f=e7bf3fVfx9bDSjHZHet2C3gPRUwSQTK3F1%2CxEjUQfAfbXxkUPHdHztDC6Kpu7S6TK4FA%2CDjYa3fwfbgpjc3HmH9twCm2deaxSmTYEFV&c=300&d=250&e=&g=f0a2d5c547c551e7373ea28bcd0638db%2F9740419264979526637&i=197022%2C4036%2C195246&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419334&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3Dh2YMBJsnKtB7oNbcPY-A1oHXBmFfm-NgHcw75vSDGgAibSXj7Nq7IH1NGxEukdAO0cWP8c2Y2Q310-5O_ALolTcceLJuzDA80drnarRNTPQrvbEgngarzq6o18_s1CYcikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5cCw8_gYzu5cwBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNdRuCMVxqF44_r1DiEgJMcD953Rgl76wLtVxXYDOSRXXejDxHiwKUHQ8012HBdD-vYt4YKGVpwTV1RB39SESRKKVfSuHqXaInafFfFj4bf9cNEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYDiyKjRGF_UGDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=522923%2C522922%2C522921&b=9jDaMfmfYG77cKHBH2t7t4Vj2F9SmTzPFd%2CWK4TrfdfP8V3cYH5Hjtxt5rz7h3SETVWF2%2C7Q5aqfzfz38jsrHXHgtAt8kw3h4S1TQ8FM&f=13eCbfKfYE33c9HdH9tpCz87wt2SKTGRFA%2C54PfXfEfM3dEtpH7HMtkC6bZRtYSVTpEF1%2CEj4aDfEfAgVEHzHAHjt6Cw9jDHKSVTYrF7&c=300&d=250&e=&g=8508049d385cf7c1f9335f19b15444d7%2F12338322878061971593&i=190297%2C189563%2C187505&j=4%2C4%2C4&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach05_DC&r=1692697419354&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38735235%3Bcrtbwp%3D0B180AA7CA362A19%3Bcrtbdata%3DsX-Ycu91kr_FUkB1B0csHkcO50C62khMgyfMekFqG8rWy3USVvjKj5f7x7170Veye1rhlk4TIrV30-GROnuHtMqKtfAGriYED81jbr243C-_4-bJY1T2sEkV_Lg5Tv0cikSyMY6XAlw8012HBdD-vQsO1hXbWKyUgpI6DhIqhbOPdndwcvhi8-02WDPsNfG5UEkWTxUVPt8wBqYaizuIm5Zb2sbCGkIKHsUeW1F3wxHf_FxQHnbSsNJIV0cHWkqBOdtrzbQfEpP94OJQrteKNuFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DndtF0oEHM6yAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzHYqxJiQAM0d2SoemQHjAeqwKhHRc8YbFg9ngIBKVneWXnFeN8oUj5EB3V5bva6tg8012HBdD-vYt4YKGVpwTVdaDqQTuRpC8QgV0O-yCmOTlXTX-bBP92NEPYPUvXUsiFJr5URSelIk8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQc-hdnp50miYMuc4KtYom_SDghraF4BXIimeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.idrlabs.com%252ftest.php%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
9ca1253103f3dc379f7186e01f8d29be.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.saambaa.com
as.ad4m.at
assets.ad4m.at
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon-fra2.rubiconproject.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c91f9dfdd4527ba6d2101470fa25d017.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.idrlabs.com
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
choices.truste.com
client.aps.amazon-adsystem.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imps.monu.delivery
invstatic101.creativecdn.com
js-sec.indexww.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
monu.delivery
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxdrop.lijit.com
r.turn.com
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
saambaa-static.azureedge.net
saambaa.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
t.adcell.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vap2ams1.lijit.com
ws.rqtrk.eu
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.idrlabs.com
www.zaun-idee.de
x.bidswitch.net
104.18.38.76
108.128.164.100
108.128.97.117
108.138.36.111
108.138.36.122
108.138.36.28
108.138.36.36
13.227.219.117
13.248.245.213
141.94.171.212
141.95.32.72
141.95.98.65
142.250.184.194
142.250.185.162
142.250.74.194
145.40.97.66
151.101.66.49
154.59.122.79
161.47.17.28
162.19.138.119
172.64.148.101
172.64.149.180
178.250.7.11
18.159.228.172
18.173.154.106
18.173.187.28
18.173.189.135
18.203.116.167
18.65.37.219
185.184.8.90
185.29.134.244
185.64.189.112
185.64.190.80
185.80.39.216
188.166.17.21
193.0.160.130
198.47.127.19
198.47.127.20
198.47.127.205
2.16.97.41
2.20.213.154
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:8d8:100f:f000::21b
208.93.169.131
216.52.2.39
216.52.2.6
23.218.210.30
23.35.236.201
2600:9000:219c:1e00:6:44e3:f8c0:93a1
2600:9000:237d:fa00:1b:5138:8a40:93a1
2602:803:c003:200::44
2602:803:c003:200::67
2602:803:c004:200::152
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:20::681a:ad1
2606:4700:3031::6815:d20
2606:4700:3032::ac43:c5a2
2606:4700:4400::ac40:90a6
2606:4700::6810:5514
2606:4700::6811:190e
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200e
2a01:7e00:1::b903:5c4c
2a02:cb40:200::242
2a02:fa8:8806:20::2040
2a05:d018:d29:3602:bd5b:64ca:999b:f400
3.213.136.125
3.75.62.37
34.102.146.192
34.111.129.221
34.111.131.239
34.120.135.53
34.96.105.8
34.96.70.87
34.98.64.218
35.186.236.140
35.190.0.66
35.204.158.49
35.214.145.237
35.71.131.137
37.157.2.229
37.157.2.247
37.252.171.21
46.228.174.115
51.75.86.98
52.222.139.112
52.44.35.59
52.46.151.131
52.50.218.26
54.144.103.147
64.74.236.223
65.9.86.23
67.220.226.234
69.166.1.35
69.166.1.64
69.173.144.138
77.243.51.121
82.145.213.8
85.114.159.93
95.101.111.145
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
014c7e737f5d8030f00cd80d58499ce60f401e30a092cd840cd2ee8bb4af66ee
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
05a9031454324dcd0150aeb877d980bfe8bdc132d39f87dab9623994e8e1f6c2
05fc23dbc5ee26062ae7e86a29ab744250f3a650b9e309667498dca15796b250
064baacca20665004b1ad4cf8fa6916e35594aa0612ea76007471941864fd413
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
0a441c4f1b90c992eacea5aa9ed1f7143c5e0ca315d26edcc3468ce5ea61e03a
0b3affd7094235002305916af49e15949fdd573641ff28449391ef661838c3ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cde7d722752c14319f4afbe04ade3a51ac6642367549bb5c111b4c8bb62dda1
0d0091bf01bcf43c0e5f328b4dd477a15d5e0c2bdedb9e8243b20bd840dbc6ca
0d1ef47eb0077b0bcb4a56a1e6821e58a7d318a21542c6516d648c67ab9ac2c9
0e6f3d17742c1f1454c93469f89485be79d18986d49de4f3f72ddde2d295ace3
1054fe4426fce5574dfff322066f86708fcfc8b212c7f905ee52b447e0156d69
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
1162d608167cc4a3218ff8ed6015d092b08214934297b6ab3fb2448845b4a637
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1284e975bf9adfdaa9e0a07dfa9807df5df5fb550908a53056044aa6627578e4
12b0b9c13e40e088e48ba26db1ff8ece300ac31ed56a7e4fe66a3b1f3febe5b9
12e524e0ea33b808b9b649b5dd4bdff818b5af74d3da172aeb6ba819b12af836
133b7a5335a8065c57b8d6de4d757c6ec6742f80b1be2d910a4194db10bac6b5
13626b600e6da99f04fbed63da9b9c46264dc36302e7c2ef10bfa31cd325aa1f
15c358f2e925b6f82780cf309cf404ddf268f79d7d4f0661572a8d7c02a74c11
15f92fdc9fdd2a5c205fdb6bdb2a51f345410faf73b825c668f771ec25080533
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18961716780b001d953d434a5db72e58acd26517e11b80954969718a82e6ae5a
194d42e91b7c680ea2daea29135747b1a897bb4bf6fd4b19f559b6eb7866ac08
1b7a5cb0b0c9b00cbe62b68b79e4b2a554559ea00e43e0e27f0c187bdbca0c04
1bdb17a92f6ebd29112668afc661dba4737a6a5b79fb8ec5d2825d9a67bfafb8
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d7724ef1ad84759048cc5a300e9fe711e26613f07923c91bd60217cbec9260f
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
1ef4cbeeeeb11bf689c56bf1a96f0d51bd084aee65c3c247e099b85f088aa9d3
1f04c8d25c1ce6cd34121ec98e9d279327335db055bef02ca00c9c020399d8e8
1fac29d719fb5991328446771438c2dcfa589b20579acb8432c608f59734c85e
20762ffee4d90ca0747920754bcd642be861d74385deb6cb4f88944da9033f23
211cfcb14f82c8d49dd0ec6f5b20ae67bab93631d6acb22558d78e66e235c63a
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21e4ff55e50a6a593b0cf711a2a8bd1d39e8f8a600b1d4ae2b35d2935d214007
22d77c667d6084c6eb69aa5b1f28bac84df2d473de862e29d060054a84b20106
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
2564920c395c0dc4b4f63c5e0aae7b764be4c29522c83e987998483ccffb62c5
2950d207f5e20d7fd3108cb75d1a877d8584501347f491fcaa87e32a7758e78a
29704b449c70299c45d5833bbb033f16209f6ee87e6e4adf3fc43997aca14ac3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2cdf3db1fb8c36938ea016a8b6b0573efafc54ad1c1f644d68e3256ed79d04cb
2d6c711b95fab6d5b0d8674ff96c7a10fdf010ad71bd2391ee59c89773a25a04
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66
2e6a367150ab3e16dc31b9c7cba050d5881bffe4e5dfbe4f4afcb14dd0128f3a
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691
30ccf684419e3b1df5191aa52c9f284e8539531e53e4c7dec2111c8d4adaead2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
327455a3d292c084faf64e76b8abd2fa7fb79588f1dce1c8709205fb51b569df
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
34d9dde83f33077cdfd0d8eeccc789a29fd5008680f18b0ce218ebd241379a7b
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
382181a721111ae0492e9a7a5efbab5d8332a12b421ab5168f43831a94677752
3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c
38fcc5eeba8ca7c037d8f8052539dcd7e4f72694869ad2354e1e2ee5ba08201a
39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77
3b2fab1228cc0d0dc4b9f0a1fa32dca550e1cc10d3de987dd48780833e76c95f
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b9c1cc05afebe36aaca5962ba895806b4d4439677ad000009879d5914f78b0a
3be5cb97339ed3bd5cbab02c942836a98aca77059a6abc366fbac624409d8e12
3bf1aa115e020a3438cb03e8b796feaa2c4dc6158493e2cc41098ef7a0347df6
3cd9a213004999a2d782dfde079bea21a6d9707f1d45dec06b171677b9658c9c
3d02a6108318fbab4e25136d011d2c591fef5c4a5e904cdb696cb8566edf3ab4
3deca804193520d2723c0c93f4ff2971cc871ac025b299596da12af15e92e361
3e588117bf41ae6c28d5f9e0359a3ac79dad1a8351ce105b92ca056d4cdd1972
3e66f9bb69cc890fad076700aa449a9ac18b091c8ecbe8fbb38a1956a10e6845
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b804c28e215aadfefd8e3fb7b3eee5ea8c12b223cdd8463b538267ad2a989f
442ec6835a8638594d838ee1d856fcdce0d80f64f95b2a4e6f2faa8d505e8bb2
45e1a77f0c14862195e079cc1747f653d2d982fbbea50042fbe1b611ed91d1a1
465ca6bd59306caeeabd0293a7138e20a6c8121417b8f02150c2e7d7486ecfa1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46940175ce1083199c26fed62228636bbc3a8bc211e1e3d5bfd0964abecca868
48480f911acc8f4bace080eb1eb22e64df0d5320560dae2534017bdb309e358a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d0fcdd331242b989638d849e67bfbf6699af6769052dc434ba976fb819e5a0
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4
4a333823fbbccf50083145a46727880cf677a79008cb676dd0d9c3b88166daeb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4b889539f97fcc7317531b3493137e3900e470596267b045793b69f2b6840387
4bfae6151b2a1bd1d8f55a86916cc63d370bef08e0b8e6300161f261ef70cd12
4db8f5178ae4aab885bdec1ab51661bc25078e8573259ccbfc57de5dcf0ae1c6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eac50110be4f302279ca9c75cdccad805f49d22d6a3271468270a01ef3a6bce
4fb0afe0526b3245ea645c83c5303e522413b98b0633acce4875c636eb8595dc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b899edd8876f227d52f219098323ca6188bdd467c059edfb13889780c4ccbc
51c7e9a23adaedfc5407523db88237755937e8e7a1bbe88c27980bb9a8327e42
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567d523603299b74fdce2909d8376036cdc81280b8f562fd00edd01795886e02
586337458196a2d923f31a53fe4923bba48c04158dd434f9526dcabf7f6a0349
58eff2a71fe175affb5df0e69004e8154e82430565ce1cc60501674947f3a570
5a1f538d31fd67569a9212ae662a35aa088e8df2a224e7298bf8ab023a49c49f
5a85afb7e1570cd2c7ac5857e79f8af2ecd5a2c9dd05deba5fc1e195fb34a096
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
5c22eef4876c572a09ea4f4e9f23fb733216921bc16d61da5fbea7e1e9c9798f
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dcbf56ff912e3ab5fce9463b5ea4bb5d0a1732c8c562aa09fb4309143013420
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332
62fda6b2907b78f312f6109adb9c153ab966a82b702676a9b8d28a10b6b018c8
6335acd39fb5e7657ee3d854e2a92717c6326955dc8615913d1aa3b2f82bce38
6343356bb1b36e7b34994fdb3293f4e426c360cd35bda51a639d551a5f569b06
637a07dfcae6b5f2a79814a4c031d3f692e021fcb70011310437377226f7c071
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
653c028c014831ea765ae7ef41cd60d773bd79b1004b30b8e71cd394fa80670f
6578ff6f1ff251b024a5964bb40abd365e0aba4b521153341918d38340ed4566
6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a
667db19b0b09e116d423f830f92d38279ded81f0c8f00ee0806db7719fe37de6
66aff2c68283a6079a74e741d89f6d31021261276178f2eb15ae9b3041c5fd7d
66e02c04ad63046e0d0644bac779f1706c6560b94a6ca44c3674fd88e9fb1d05
671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b
67d2bc277208d9b6fcdaa8f11e46e79341d0856fdc41b3fdf19192fd1c0dc1ea
68a8499c1e7702c56dd915220fa96c91b7d8ef6514769f8b846c52c9d1bb726e
68bacf652d7a7db62c86f4fc74ee7ec0d6d2ac4390e2a84aa7a98d2381445568
692d7839da1340b7e5dce69eb56235dd291bfeefc1baeb94cdae29ffbf4115c5
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695fa7e3bb5742f7e4e3f291d9571473258cddad68a2f894967d1c0a3bcddccb
697a3a6e1f4f817493fe4809b2af09c5c05697d3899e6b0ed1f7375366898f17
6a815019d1490882eb7847a4400207f82ddebf2fea35ff20c043915634fbc54e
6b2a70e70a6557e78cf64930016b6715ff12f7302f869a502a378c5dba8954ec
6cb9932408a047ffa02b1d4ea5da6fb852c9a312dbc0bd4932014cb473150cab
6d371ea6cca532d1e3784d54160b66bd5b057b80749bb3423a8cdfbb0cd5740a
6e577ced0a1c18229f841b986786497219e6cc4dab07e9de218b02a04b0bd57e
6f8ccd910168373109c4ebb9e2d64542bbbfa6fee139f14772621680f1228e21
70111568e822ecfad1374bebecfbfaf5c919b018f3bebaa217cefa0377fb992f
72c35f8a89812113ef32cc0f127e17f6a75f61170415ac7f4cadd8f7101dcaf2
7428148a46f1be021d68608b6443d1812a65ff4b9506b55da9c052cf4627d0d0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a21afee5c8eacd2b98550b49f796d4a70865f392ff4f448d7f6c3c2140b6a8
76ecf633f13d9c28e4297ac73a726a8cbc13a0b6d5a2f853fb6dd4d39142a1d1
770e3d597a50bb5294424568ed6fc0a1f9e0e28d30de7e09678f2f6eabccea8e
7a8153583e110c677acb7490370ca429d077b150404ac374b605c321317f0cb6
7a8f3efb337c0ffe0c8b17ef20f3de50385cfa4b210dd61f9fdf36bcad4ffb33
7aa7c961ccec2b406c1166ae70d355aaef8ceb59b36adfee65c93d58a7622f27
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
7f70f45bfb78238cbf8aa2c6eb426591820a2d2155e5e804b6631aae0daf7491
7fca39b23f7c82c1ed1589067d9286142d9b8a56de299bc2f00b42e0f9e2a352
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845b4dddaec1d29de20289db249856b9f3da41f3b1bfc640e65d1a3db71277c9
849032524598b6ff398f77a6bfc95235029778c3f6905e1459e53198077fb176
862b0015ca5917905e95ec698563410091bee3694bf88acff563200ed0645786
878f4c83911cea3135c79e317a8ec849b4a1cfcf0f007395f7ca9e8da8b4f711
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a4a14522da03928e2d36f023e44a24b78aaacd8efdb2f1b388fec7c14f8b5dc
8d40f0a14249b5ace4ebd28c0567539c94dbcea09bb30eeb766d2445c095d920
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8efd59bf2a451b6137510fe256ab6651aaeb65b23e9c48a2d48cdd7982715304
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90a33b6cb46421bb6a281b8575a3c54d675919e4cd7667ff826fa1949f8dbbb5
90e16709a3f2bf798602773fd83f5d6af3d20cd6e46996867c20b353f41563ba
9111c0d4065d0935e3883d8191f106ef4e723aaa5c08063c38b077b821b8eb06
91dc26176d513f30cd449ba98dc1be7c524f505c097a97f5aabf81fbe9a52bd7
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1
9261fc374ad402a8ca48b414850f314f0098b30776695dffa52c4e20eae9f3eb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
96432900b69d27f780601b2d0a7a0419ff81e5f8283fdf536daa78da21ad8b5c
9711f52ca474ea2f19631f302ee2161cc9fd0299fb2de47ec1d090f1cae30f4e
975e9c742feedf22b400e07f9b4cd28f5d19f29f722f928e77d012df4677b1a6
97e35b0f62b1819861a737133167dc6a2afde669681c65a8b204e57795eab55c
9803c95c8c0968606ef29aa3b7f660b689a017a9d36fcd3adf7fd21b1f7bc12c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d64d91aab34512237063c941f7614a0189424cfd02579b5f49b1218c8e0ab6
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bab8a1f351f34e32542519e20b90cc955e35b5925ca7644f023e8dca2ceaa8e
9bfeeac72b1bd9df793a7d5755964b7498759a0d484aa2b666039b1a5dc45082
9e4889197c0549c4462dde8b20537e02e5c82d3a70cdad916e8fe8fe754017a3
9ed1a65bffc0cac4d177df9eb91faa9d45a753109e70245fe4cd2d7b1f54a5cd
9ef1ab7d75770fdeb0d622ced58ab59f4e037bc664005922c0d022f0f096bde9
9f99d1c613e06ab5833886d0befcc3c522b2b49ac9df6427648bdfd82ffd772c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23c0b6ee897564c4d6265aa560fb11a454756aea0a1a4684d5d2e535a4bbe7d
a341949c452c3e0c1237fe60036263b2819d8f95d1b543f50b929367e3d66475
a3b7b405be44320e2e98f5de6b3bcf1438b8f9ff6dc14da8be88c5c7797e0264
a3bfbaa43590a528409b9ad9ac810ab9e53c355ab05dbcd0a6a1679e8c9e33d5
a41f39bb11466de410dff10abc98d5f3f0b1fea3b27c2293a1756e9c0a7da2cc
a48d30b646c02d84cd19901e982551534ce550613682ccb678ded7efadfc7e93
a4b54f5f4c252304774c06c5b884122c1cbb4f63840c1e104b82aed4f9bcd81e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a5b09d1bdd80e1cf977d87989ff46c01f9a53ac0c467e317e9d51dc6786a7bd9
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a830a45c53ef48930492da2bdb28b05b5a0b323ceb7aec06608912c63a32ba94
aa9c2c77d1ea49e034ba5c8b3d14c8949e3836a7170f7608ecc4db744945b7cc
aab40de161061febcc2b8ad6e131fcc712a6f846691e48dd558689b37e596c36
ab5c84df364a865e97bb1b3957f03f65452949925bac4e5395f1b70369bbc58b
ac1250dcdb2f245bf53d9e8a65f6b47194d20cfea008b559b407287dba6ba7f2
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad14f309038516b756b52c13b92d27bd06dfadb52919a199eaa33e5f7e54f34f
ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f
af0c7784da83b7c09d274e55a72e3fe27ec982118b8e3883881c1a10a8f9e226
af22380d5deafa05590754ba24ee155d3907ecedab1a14439ea2d9dd4e5d84ea
afa59c5adadf064c645b472ec3436d411ef5ca209e0f5c49b8cda7d2e6290951
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b22015e781bca8c265c5e679c44002e17b35f1e56b8d458bf41806f037e04350
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b4490282172fe33bec1fc4ed1f14b746d10634720dfb9093a52ac1db383c5701
b4e9a04c9b942a515bdf7d40b23e268ddecf37de3da796e563307b6542b98b35
b52bf2ccf4f60e9256e0a53ba17aa3dec5927fe74dee5476066bdd704ae43b70
b606c8b12559dbee078ecbd384cd6e294b2173ed63f3630083cdb1127327715d
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b9d6b53eba48ece4f829cb36086f27447016991159182791397e5c9464fdd2df
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb3cdf5c158000365fa62ff170928fdd22a3141c78817366bea4ed5592431fce
bbb12ff1ef64df73054510365da294db236ec57a064866d14d533530ff50d461
bc4448fa6329500d426ffe9a4cad3b62a52ec212be46a7ea6a34546876bfe196
bc63cc46d41a4dedbe7f2156eb749199433314eef172867a20757f9aeccb77bc
bce6a6a3045c083e7a6698cdaa9e6bc12f724268e8cd03f3abad80826fcdc655
bd536d6281d3e54924e066466f62e03149e0d601f36d9ab9207a413a73b33d93
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4
c05d4b6218e4897fcedcfa93f8cc00d071c5cee416b4d95005a444dc30022a4d
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26
c520363e2cc69084b2d170bcab4641999c83a5e68a4b5d9939047aefa148214c
c594bae6a9c6aaa5a6ac1b62e8e59457e97aa2b31202aa46548c95b2e1f9c98a
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a
c9729c422fd908ca41871749e0e8f85a5aed856bbdea462d74e10c5567eb2139
c9b3055d701ff3e974f3144b5ef38af3e4a2697499f658fc11b4eef078bc2f47
ca88e9d1b4cb8c46a92b175d573fe9ec1c1597c89b72fa52dbab3622299614a3
ca8cccbb32fdf1f964093bba0b69bf1d405c23fb2e1a29c2fc7b60d12252d849
cbc540c1de1f3fdd9bde60294d3912bc6b83294ad1734150f4aae717a7ea8315
cc390bc6eb4c9badf29cbf5c495f6bcc941769e1befd9d8799c143e112079ad4
cc6ad00073f3f69a05c76ce329bfa49ba450fbe99de5e2978841382dd3434cdb
cd7896ebb9f3ae789ba5d7102d9ffe678863ebb715a458c3eb8a7f61674d98b9
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d064631b360b5bf25cf62aefbfa660da59d569608488f2de08ac852aaf9dfba1
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d170323e7ba83ad978d670a60e34b068e2b6a0328bf40ff8b760847ac1416cc5
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d7e6b82560e582dbd606cc91e9414f9d8e4f242d59f6c7b98f7801af686df4e9
d80d3835e81fb67c6505c8314953a4a2b1971af5b396e49e8b1160f6ac4c5329
ddafda7d2c9a2e3b1b55849a475470762c9fb58f123b7d59290e8932b87cf6f4
ddc7868c27e2927490a65faa417940982ee2a765b06d08e111bc71c437e0fd18
ded16d684fbe2fad23aabf3c0c97d2c51bb428ecaef9247e8d1f75a9c0441e8e
e06ac1023b1f36aef13764bae154da4f739babf48d41b51ad6f39f373372dc34
e06acb56efe8c1c54e3c34672d06cff760b820ba8c617d2d95ef9242343e80e8
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2af8ea3aa37a08d84f810dcf6470f036028268160a582722e4058a859539f2d
e33341002ceb1e806be874b256aa36f14b5272f46e87c25b981756176eaa356b
e3adca0aa424267c00d210820a630780848f62da2eb1279c8c45149de717f473
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
e661126e9de5d523bd39aecabfe41c5e183f2ea038316fe2d15495e18cbbad14
e685f0154d13ea1fe5c9d879386cd2c0b0bc65d6ce393ed4117d0dfcc5dcf2dd
e802095e892c6b9193c1918d778b61eae8d12e27f5320abadd90436202ee2053
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
ea7e6668ee0c5bec25d25948eb033b0ed3a956786654c8ad317cd855d4ae3165
eb2b025be42f833d4f14c5f81bef7bdb1bddfc9d78aecf939a2ffc858a0cd5f5
ebb0e85cf8a5e0953a5997538edab29e75417ffe81d7097459e7c2ab99f371e4
ecc46dc5eff05f6f501b13e9829361b8b91ffe0aa443f648868034bb5e09d20a
ef0d0ba3266f303f74e5f3d5ac99b1657e2ec8c169d7339b7aa5d8d24513860a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f984f6b111125e9e4373686d773290f30e03304825a651b5d1f55a31449ef5
f11e1bbe35889e65234470a337517b20a01e786d601596cb9a1ec0cea237912c
f2c0a00b14d6618a1437841a1d09241b97604cbf813f8e33a17733259e1e75e6
f434cb2cd17117f923980abe51099fd8dbb157109fd2a01c1d383e842c20f577
f4af8775c0fe4a0f6e90f99800a7829e7c63f84f4c378bbc7cd190ae02c3750c
f5ca72ab43b96d7f9c3d72990059dc60ee8cca2aae09c6276046f28e24dd8790
f5d0407c813ca4bde74789d41f00c993617159d54e14e606baa4378d53bff3b3
f6e56a2645e4390a2d026215f24da8b6e869127efa686842d7892d209126a62a
f7f17aedf355c66b736420a60cd75ed07b87b8cd7244b3092b8837b4e1e59e6a
f908c24d190f852f95bd323283ea2565090784c630a2c5c39a206c42f440f20d
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
f9ff3715f657630f4af33db327c39280a35032d7ffaccb82fb55bcc324596505
fa381852708f193d24b4f2c3afb63f23a2dac31b09585653871b9095d652bcd4
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
fd901d49a25858f20c575f7da0792e60cebbd53d4be8ae7eec98ac1df7dcb7dc
feb97a90ef148adbb793ce925a51b98dc5bcbdc003a7f888b7e656f8429817e5