advancehappynewyeareve.com Open in urlscan Pro
144.91.97.152 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://advancehappynewyeareve.com/
Submission Tags: phishingrod
Submission: On December 04 via api (December 4th 2023, 9:26:17 am UTC) from DE — Scanned from DE

Summary HTTP 244 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 27 domains to perform 244 HTTP transactions. The main IP is 144.91.97.152, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is advancehappynewyeareve.com.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.

This is the only time advancehappynewyeareve.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	144.91.97.152 144.91.97.152	51167 (CONTABO) (CONTABO)
8	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
39	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.94.19 143.204.94.19	16509 (AMAZON-02) (AMAZON-02)
1	23.215.20.4 23.215.20.4	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4 27	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
42	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
4	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	18.135.55.196 18.135.55.196	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	35.177.10.97 35.177.10.97	16509 (AMAZON-02) (AMAZON-02)
244	44

20 144.91.97.152 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vp3001.cloudhostingpk.com

advancehappynewyeareve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.94.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-19.fra50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.20.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-20-4.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.149 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.55.196 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-55-196.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.177.10.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	967 KB
40	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	273 KB
33	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	259 KB
20	advancehappynewyeareve.com advancehappynewyeareve.com	312 KB
11	wp.com c0.wp.com — Cisco Umbrella Rank: 8588 stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796 i0.wp.com — Cisco Umbrella Rank: 3858	133 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	573 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal90003.redintelligence.net — Cisco Umbrella Rank: 218779	59 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	109 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	109 KB
5	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	299 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164531	6 KB
2	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 9295	16 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46149	606 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 305788	401 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	36 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3351	360 B
244	27

	Domain	Requested by
42	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
39	pagead2.googlesyndication.com	advancehappynewyeareve.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
27	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
20	advancehappynewyeareve.com	advancehappynewyeareve.com
17	imageproxy.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
9	www.googletagservices.com	googleads.g.doubleclick.net
8	www.googleadservices.com	advancehappynewyeareve.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	c0.wp.com	advancehappynewyeareve.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	hal90003.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90003.redintelligence.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90003.redintelligence.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net hal90003.redintelligence.net
4	www.googletagmanager.com	advancehappynewyeareve.com www.googletagmanager.com adv.office-partner.de
3	fonts.gstatic.com	fonts.googleapis.com
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects advancehappynewyeareve.com
2	pv.medialead.de	1 redirects googleads.g.doubleclick.net
2	cdn.retailads.net	1 redirects futalis.de
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	z-na.amazon-adsystem.com	advancehappynewyeareve.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	medialead.de	1 redirects
1	track.webgains.com	advancehappynewyeareve.com
1	pb.media01.eu	hal90003.redintelligence.net
1	adv.office-partner.de	hal90003.redintelligence.net
1	futalis.de	hal90003.redintelligence.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	i0.wp.com	advancehappynewyeareve.com
1	pixel.wp.com	advancehappynewyeareve.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.wp.com	advancehappynewyeareve.com
1	s7.addthis.com	advancehappynewyeareve.com
244	45

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org

Subject Issuer	Validity	Valid
advancehappynewyeareve.com R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-18` - `2024-02-17`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://advancehappynewyeareve.com/
Frame ID: 25AF340584C7630E5CEE99E9C502A925
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 4210348D6BFF86281C38B30CA2ECEB9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&adk=1812271804&adf=3025194257&lmt=1701681994&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994309&bpp=2&bdt=547&idt=300&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7248305282478&frm=20&pv=2&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=312
Frame ID: EED5A9A3AF30DA5B93F129982E15F8FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314
Frame ID: C03ED1C83B62407ED772D8D5A62478FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=450&slotname=1812150678&adk=251077296&adf=3380724228&pi=t.ma~as.1812150678&w=450&lmt=1701681994&format=450x450&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=327&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=329
Frame ID: 14AB02C9AA40EE13B9FF028E92312573
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=147&slotname=1352985678&adk=2931861098&adf=780794530&pi=t.ma~as.1352985678&w=586&fwrn=4&lmt=1701681994&rafmt=11&format=586x147&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=330&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=332
Frame ID: 18FB7D91E75DD10D980A4EBBCA2D9484
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=600&slotname=1606522141&adk=2158643156&adf=2080102769&pi=t.ma~as.1606522141&w=300&lmt=1701681994&format=300x600&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=555&idt=365&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=14&uci=a!e&fsb=1&dtd=367
Frame ID: 1F581B1DF37766485E8E0BBBC6E14B1A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=250&slotname=2929667514&adk=3896112180&adf=3928351752&pi=t.ma~as.2929667514&w=305&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=305x250&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=556&idt=370&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147%2C300x600&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&btvi=4&fsb=1&dtd=371
Frame ID: 5973AC8ABC2E28E87FFB16EB781D0976
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW2bSgAKinsKwlR3AA1iSWRaf06fHvxQka74AQ&u=%7CCUBL%2FITgtJelHn1cNtwq0w1cwmen5r5L%2BhxEbZel7XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TzLGUxQmyfiD-kUH1bSDx2cHw3-HxOzIBOwasxEquTz73QoL9kyNUNZYgNEVcErAirme93aI2W2Fdn30hhc_FrHXIPOYYbC3UzR2Zn5_ZUQw-LV59L458E2EAS3WstGATs3cahIwIme3-wqPc5gr3zwZ28S57r40wUQ-aQ3NS0b_hPYfquMhhVtqp7d6BbX0SM7ti2OPZyPdlVyjDuVsLRBxBPwrlAAJkBgrScXW2wIQdLR9w3SyS1B762_J8SYW4z-dgsuB8emlcwTNHpDFlceMxKgp58q6lNWFvEBHYnr-oaQK4l8t11fZKiegUWgaIMstqbqgvkulHlELp82NLT9ZrPM0HVeceA-JZIDkbKVSPkxIq_Aycvpi7SOTLqmxkT4rmt-sQxzwocWrGMXTOg2AG46YV0Cv_zrAMIPCvHuqKSznC34VZz391lsijiXnJhhSqVWi2if8laPj0Q8q7eGDgZgFqEbTHRSGjGigMka5RQbPesZqNMnGwc2_JOouGw1fF4v3Wkzp68g8kdtRAXihKlcas2q8kqeWuu1Bf9XUcBHkjrh8ItE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCno6lSpttZfuUKveoiQbJxLXoCMme0rFc9ZHevrEBwI23ARABIABglYKAgJQHggEXY2EtcHViLTQwOTM1NjI3MjYyNjA2NjjIAQmpAocWcjmKQrI-qAMByAMCqgTWAU_QQE3ZVu9jJKE0mpRtJVIuyOxVAUZd-Wji2vy4qFCh3qj7oKOneVrOeedhk9Z8a284aWyDVwnvJZfwCnflp1PG4Xjkrurn_amoQJhprSaOsaneqRBil3ykatFOyLj-7XQvXEYqasv1dXonabYhc6bBIQXiFQWt8ugGRzsgR-2Ik2-QbUvAJ68oJ5nchheS4YQ2Scc-rGh2RZS7aRNuN8Ga5mH_aDl4a-PRmyVhR_UyIrSX76Cj9nvS9d9gNwUejEFtWCKPP8T7TvXJGX3E7MjS-stUMwGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljHwsC2u_WCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0xPbKEhYL6bqwHIr0QQtx2tXxwLw%26client%3Dca-pub-4093562726260668%26adurl%3D
Frame ID: 75F0245F4F05326B0A7FD3D5481066A4
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVAc19RO5EnOoNN6k8nfAoPnCZFO-4UBQebGOCaHJbD7YhUCiRTRhg32mVjZYVdKYvYzoiuN8MT0KHE0KxmQBUSbSgPi6WBRlO9bYYWiNYXfPMpeNh5FNq2TLUFH7AQwBDgUdTkUHd6ZMa0kERSMRWe90sPYPoF2qBBJbl1vI8gJ9g7Sjc
Frame ID: D3165F792E0CBFA94003C14E2B676453
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C6DAF98EE5779EDE828FB09727638FD5
Requests: 20 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW2bSgALZesEf61fAAaucSNSoJps6vu5TwRDWg&u=%7CCUBL%2FITgtJefjojw3A2ych%2B4LdFDZH4mrg1mWzccxic%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWKKpsogd4iqH1xVIDR5o_lDcmzExKjbWhDunsMXDY9BW6PKLnvu34cjyYYFDXZAKvgrWnvq-EBxWmAbuJzLEC_wCPcKXUXmJBHja_k83Ryz5svXwp6D7JAQkzbODkbbANu6FXv7wa7OlwuYQQlPIkUQsJVhcbx1ZBse7DreT3iNoUkoDvBnhAk__nnqw0bsz0SAVyUsSyqa2MA32xPEIh5nwOviiWg4m1QtnignOrXikVacXlVZ5fMi9pnxygX7q0Wg1sZD3FQXpXfZFPkR-_I8K48P3uEuEjet4eiL0vwnRU2Oy06xhp70VuzOpNEMujoIO-bcEueYobXHXoBQ3mu7-zoCexSHpovLF-4ybbmvAfmnBSSEncKUSYeJllQJGt2lgS0jYgDCiuigPVXvZM8GH9frO62t9Sa5Uln4jK_9L9RPkWNCqvYZWKXDoLvP0x7nNg9ieVrb9QIklAYmZ8ouVkfS0-j_YA8Uymt71DktHCM5o-EtGO7CkmbmgF6ah0XPu4FplxiVDHMx9Q7Cc7dqTUi5TIaQdjTuF3gw3AaLn1BSaBk9-WabRIh7hi2Kew&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFUAPSpttZevLLd_a_tMP8dyaCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNDA5MzU2MjcyNjI2MDY2OMgBCakChxZyOYpCsj6oAwHIAwKqBNYBT9CplqeBRFFKAwg7oYQ-GYrnf0z3WdEiMnpN5M4Ee1mMAouyhW_l8V0-sQCJM-iwMoMF-izOlHuuF54LgsgYNfcbknRLFj3FAfnwm7zctgf4ZnYZfulxLSHJcq4vvrRIKYRnwYb35Rg8u37CUtqjhTdKidS6F4cUcZANYh2t_fTJuuxzihRztxBuRr8H9_oWkaBbJy2cKM_jDJHZPlxUHndtoFHG3O4CQA8KFnxBQxuiPk-XcSpqRTUSDFx5GdSTmIzkSz60G2BUVh3r37XfpttS2aLEH4AG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPrkwLa79YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12udiS6pduWnFJ80bfxMl4WWwFJA%26client%3Dca-pub-4093562726260668%26adurl%3D
Frame ID: 04C0E7521F3F093B142829252583B90C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNVF1drv71gR8kdAX3exTi5DUYYpKeOoShpXPpxxcq6qM7CfSc93obpNOMAkAgkfWbRIDru-A-UbJJL2esQwEIoJs6oX1i4f9-mt31Sru74AwvGfsXPh3ZBfUtSw2bS6yvAN1qvLUpqqebjPfY02q75ZZJtgGmoI-T5ZG0snXJWMTMDVKME
Frame ID: BB67A6CB4744C54072408B79300BA6F6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 27019ACAB4E105E92BA90AAD8808FC33
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8A39EBF37D6EF46E024407E0804EF35F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C4EB640D00DF28FFBCE5296755DBF2AE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 780C9B9ECBE12440DF82B429043526D3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8AC3924A4A3E599A04DD947255D0CC3D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1896037EDA8FD644FE758343A8FB992D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 040A5EEE86FB422917822FF51DAEF42B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 40F85E0AFE90FBD21910B90E67328E85
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 44F04163BB5DECBA3AA3C067C5043068
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: BA1013BE14A1C52AA6C595595CA9ECA4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: DBDBE4DCAE9C6E13DE4ABF67F1968CB6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: EFF8AE045DB113DC0165780A3493F17B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: E74F6E221398E2EF263962530C56E419
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 04B765B3A4AEFC29EEE7DE63A14E04FF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: C930D2E64956011DB9DAAFB3BCE73971
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3362405655
Frame ID: AFAD789EEED5D4B09E6E17D87801D440
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1F16671D915AE94C49CB60460F076178
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=63520800047489604444994012528003&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: F56DCC1F5270F1C8A8B9F4B56A2A35BA
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3
Frame ID: 295E32CA3F92B20565797A503D42C7B7
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
Frame ID: 9E284A47A9ADC5B2386DB96B4C69F7F1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71F1B83C31A6CB8031E24068528146B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 644B98D62EB0A1E601F2ECFFD260A8F5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Explore Advance Happy New Year Eve 2024 | New Year Wishes Messages Quotes 2024 & Much More.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

244
Requests

94 %
HTTPS

45 %
IPv6

27
Domains

45
Subdomains

44
IPs

5
Countries

3201 kB
Transfer

7912 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://en.wikipedia.org/wiki/New_Year%27s_Eve
Title: New Year’s Eve

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/New_Year
Title: New Year

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW2bSyzyzTdQVfDq5Wd23QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW2bSyzyzTdQVfDq5Wd23QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 193

https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 198

https://googleads.g.doubleclick.net/pagead/adview?ai=CT1bhSpttZevoLJHgZZCamYANj-2bnHT2k__p-BHAjbcBEAEglo7wLmCVgoCAlAegAb-F2eADyAEBqQKHFnI5ikKyPqgDAcgDywSqBNcBT9DQCXzcPom1Hn32HLkhq7asx5kj7EKh4rWqvG-rqg-StKtSo8fYryONoA0Qkd3IyQIV6fSUiQj4oBCnRktnw73sNASv7Dx-OqDDJyUDUkfRZu1TrIEkRAnEGJ1vVVuX01K-WTKDqrJarmAiiLKegEGFx4Euy9y97SMaMmLTBSH6hx8pwVupjwwaIwMP93q1agozAieNLTtj5gJNEDZ3sQRfzne3TFsEqnF0ameK_uXCU0WoYED1HEApfJd5Ooa17y9mP5EpgfVgW-JTaEuAPOHdtFai9frABOf0iI3FBIgFk8m4sk2gBi6AB6n6ph-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDfuUrSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMKXw7a79YIDmgkiaHR0cHM6Ly9UYXJqYS5sbmsudG8vZGFya2NocmlzdG1hc4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMD0BUBgBcBshccChoIABIUcHViLTQwOTM1NjI3MjYyNjA2NjgYAA&sigh=20MxV4m6J3Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNm7_gzfeAsOnw8qAY4zzt7-Y-S-ch99-WxTcFGQYVvML5y812KeWUr7twjDARl7I2CvVW6Oqm05m-DRr6DQbBG1FIg5AWYaam9RgB&template_id=5021&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221571093852933352818%22,%22debug_reporting%22:true,%22destination%22:%22https://lnk.to%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221008091839%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228121929576835278913%22}&andc=true

Request Chain 201

https://googleads.g.doubleclick.net/pagead/adview?ai=ChVm0SpttZdO6KdaDiQbBworQD_Kztc108fLu4rMSsJAfEAEglo7wLmCVgoCAlAegAcO8ipgByAECqQId0_3VgGWmPqgDAcgDyQSqBN0BT9BhFnWVa9cGzmiQLxHI4LmPjsA5Ip8xHaahSK_2WyHhcosaAFHlP4jtCgapATzy5GwcAGiTBebg6xutF2hiAhP2N6C6yvo_oApaDW6JoeGXPjaQPkHFRmWD0CbhFoiEeWD6zIEexUX8JX8LgGBUpQMkPl4Mq4rGD_yJ2PBhWHseu9u8qPTWVATBGwCj5OfL-rcYO7ltUXs11ItCKjCKrrppTnXvd3kYQA4dV-GmFaqp_z7U1SN-QNcf43tKPBnqqXkQ4Yf75zdBrqtbByC5EYv77t3gE_y4Si82LYPABO38yOiQBIgFrJCgxEaSBQQIBBgBkgUECAUYBKAGAoAHpcP15wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCk7Q7SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMTMv7a79YIDmgl4aHR0cHM6Ly9taWNyb2JhLmNvbS9taWNyb2Jpb21lLXJlc2VhcmNoL2NsaW5pY2FsLXJlc2VhcmNoL3doeS1taWNyb2Jpb21lLWRhdGEtaXMtYmVjb21pbmctZXNzZW50aWFsLWluLWRydWctZGV2ZWxvcG1lbnQvgAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDA5MzU2MjcyNjI2MDY2OBgA&sigh=am8luq7hwV4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNdHmy3VF8odfaHUE8uGprsjB2tB3U0p6myr9qIKLeJLLuG3aRps-87fbb8aze8iqckDhKcIJSkn7cQU98QsJJZhL2ETdphgfowUwYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228517014382054125371%22,%22debug_reporting%22:true,%22destination%22:%22https://microba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22318938691%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225341020004456328625%22}&andc=true

Request Chain 210

https://googleads.g.doubleclick.net/pagead/adview?ai=C5xZMSpttZdK6KdaDiQbBworQD6ya9790oYSjkOMO8vLWssUBEAEglo7wLmCVgoCAlAegAYbX170DyAECqQKHFnI5ikKyPqgDAcgDyQSqBNsBT9CRIQ_7_idM_XCTcoFEJDQV8OtxALSV6qtS4vecTd1DAYR0iLuVJWpV05XTpVCcvr2TqyREQ2QdIuvVJLD34AJxKbcUZCwncQqfmMuU-lqfPYV9kdjQzu5iZ31PU25OnE3Ek8_wrT5DkV_A9vj_HhNkxIwp-1aoM7LM4715FGczApkcVi5FW0eoVV3OEd25LYnr-S21EgAFzrIAd8z4jc_ddxW5GsVyMGfhc7ZF44TOP0_Ae7Kj1_cmicTvKhJHTAt0j42O4j73l_RDgBTIG1w7LWP6QYK2Hk2mwATAhrCy-QOIBdLRqY04kgUECAQYAZIFBAgFGASgBgKAB-KoqEKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCQ5AXSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMTMv7a79YIDmgk7aHR0cHM6Ly93d3cubGlsaWVudGhhbC5iZXJsaW4vYzAxLTEwMS1iMDAyZj92b3VjaGVyPXNwZWNpYWyACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi00MDkzNTYyNzI2MjYwNjY4GAA&sigh=nugqxf-gbhc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNdHmy3VF8odfaHUE8uGprsjB2tB3U0p6myr9qIKLeJLLuG3aRps-87fbb8aze8iqckDhKcIJSkn7cQU98QsJJZhL2ETdphgfowUwYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227157912674481316836%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227387941189621958977%22}&andc=true

Request Chain 213

https://googleads.g.doubleclick.net/pagead/adview?ai=CnPg9SpttZdG6KdaDiQbBworQD6ya9790oYSjkOMO8vLWssUBEAEglo7wLmCVgoCAlAegAYbX170DyAECqQKHFnI5ikKyPqgDAcgDyQSqBNsBT9A2ojHg2IkTPVNUFaBpfhI8614ytn5AJGDe5ebJsMw-HDcySPMeTrYTUF_h6hTJpwXs87EZMEqQ8zNu2PRMdEG7xpoy5bP9AVv__HPe2EHWqhyF4l-gk1pEXq1rPmdA3VKTU3cr9-X7Ib_wsEg-GSRHNWyujfJhWzeUGyRySBM7b_g_m9FFXgzKJ_Ic_h4IXTKqoiRiglWlO28JXzLKKNab8x3FQlG6QdmDg0M_Yr7NfMSQ2r_fpvrWC3ROOQP3o3ret9uRscsWqvCY5dXQaz8_L91xhbgsYATRwATAhrCy-QOIBdLRqY04kgUECAQYAZIFBAgFGASgBgKAB-KoqEKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDt0wfSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMTMv7a79YIDmgk7aHR0cHM6Ly93d3cubGlsaWVudGhhbC5iZXJsaW4vYzAxLTEwMS1iMDAyZj92b3VjaGVyPXNwZWNpYWyACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi00MDkzNTYyNzI2MjYwNjY4GAA&sigh=dhNfdf2ZyEg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNdHmy3VF8odfaHUE8uGprsjB2tB3U0p6myr9qIKLeJLLuG3aRps-87fbb8aze8iqckDhKcIJSkn7cQU98QsJJZhL2ETdphgfowUwYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213340094694821260099%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211770628589215313601%22}&andc=true

Request Chain 216

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=63520800047489604444994012528003&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3362405655

Request Chain 218

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=63520800047489604444994012528003&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 220

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3

Request Chain 222

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent=

244 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
advancehappynewyeareve.com/ 191 KB
34 KB 622ms
485ms Document
text/html 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: ab9b425f4297c5ea074e19d2c31e5a1585fdabf3a8b1c63437c6add19f9cfe8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 26 Jun 2022 03:37:31 GMT
link: <https://advancehappynewyeareve.com/wp-json/>; rel="https://api.w.org/" <https://advancehappynewyeareve.com/wp-json/wp/v2/pages/44>; rel="alternate"; type="application/json" <https://wp.me/PaaRYd-I>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 style.min.css
c0.wp.com/c/6.3.2/wp-includes/css/dist/block-library/ 102 KB
13 KB 130ms
38ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/c/6.3.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/ 11 KB
3 KB 131ms
39ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/ 4 KB
1 KB 208ms
116ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 styles.css
advancehappynewyeareve.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
987 B 82ms
81ms Stylesheet
text/css 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:18:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 878
expires: max-age=A10368000, public

GET
H2 200 font-awesome.css
advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/lib/font-awesome/css/ 30 KB
7 KB 83ms
82ms Stylesheet
text/css 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/lib/font-awesome/css/font-awesome.css?ver=4.46
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 20:30:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 6658
expires: max-age=A10368000, public

GET
H2 200 frontend.css
advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/css/ 980 B
423 B 84ms
83ms Stylesheet
text/css 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/css/frontend.css?ver=4.46
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 7bac686f3c57cc1915e8739f4519da1eb6f11febc62b1fc48fe542e8e17560b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 20:30:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 390
expires: max-age=A10368000, public

GET
H2 200 genericons.css
c0.wp.com/p/jetpack/12.7/_inc/genericons/genericons/ 28 KB
16 KB 131ms
40ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.7/_inc/genericons/genericons/genericons.css

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 13 Jan 2016 23:09:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 style.css
advancehappynewyeareve.com/wp-content/themes/frontier/ 26 KB
6 KB 87ms
86ms Stylesheet
text/css 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: e4f6c6576d71bd557785071ed53634304d9d61580ab81bf6b21c0d5e910b71ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 6058
expires: max-age=A10368000, public

GET
H2 200 responsive.css
advancehappynewyeareve.com/wp-content/themes/frontier/ 3 KB
785 B 85ms
84ms Stylesheet
text/css 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/responsive.css?ver=1.3.5
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 729
expires: max-age=A10368000, public

GET
H2 200 addthis_wordpress_public.min.css
advancehappynewyeareve.com/wp-content/plugins/addthis/frontend/build/ 587 B
293 B 86ms
85ms Stylesheet
text/css 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=6.3.2
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
content-encoding: br
last-modified: Sat, 21 May 2022 04:33:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 237
expires: max-age=A10368000, public

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/12.7/css/ 98 KB
17 KB 130ms
39ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.7/css/jetpack.css

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e3e284f113e4bcac5dff1505966a91a128687b12fae8d9c14e83d334a1f4afe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 10 Oct 2023 19:16:20 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.3.2/wp-includes/js/jquery/ 85 KB
29 KB 208ms
117ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.3.2/wp-includes/js/jquery/ 13 KB
5 KB 208ms
117ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:33 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
53 KB 237ms
122ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c894de7286f1af5077f4d1e6bf255d883756d57a80855e30276f8e6fe17ebd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53690
x-xss-protection: 0
server: cafe
etag: 15501805493489285077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 145ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145882822-2

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e95173133504fad00f934bfbfc3d005e7542405419513b3bca148d90fa4f615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68966
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 09:26:34 GMT

GET
H2 200 new-year.jpg
advancehappynewyeareve.com/wp-content/uploads/2018/08/ 125 KB
125 KB 86ms
86ms Image
image/jpeg 144.91.97.152
CONTABO

General

Check archive.org

Download Go to Show image

Full URL: https://advancehappynewyeareve.com/wp-content/uploads/2018/08/new-year.jpg
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 46b9fea73bf2862085e4022c55ae4ffb5ea99c4344838134acd8f6fc1725914b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:31 GMT
last-modified: Tue, 14 Aug 2018 09:53:38 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 127881
expires: max-age=A10368000, public

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 162ms
42ms Script
application/javascript 143.204.94.19
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-19.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 9a99bd06295606f644c2daf3d7340eb6df3f5196ce470faff4f9093db55b7fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: Public
date: Mon, 04 Dec 2023 05:59:49 GMT
content-encoding: gzip
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
age: 12404
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
content-length: 7983
x-amz-cf-id: IpesGosye7yZH_cO-hIVOL8Q1PStGyWTuPWowcEFgzmp9rkmVAfURA==
expires: Tue, 05 Dec 2023 05:59:49 GMT

GET
H2 200 q Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 40ms
39ms Script
application/javascript 143.204.94.19
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-19.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 9ae92e3ed374198381beada22df3a964f304a0a704f3581ea2795a1e4fd45107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: Public
date: Mon, 04 Dec 2023 02:41:28 GMT
content-encoding: gzip
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
age: 24305
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
content-length: 7989
x-amz-cf-id: y3y3oYkl9ytCxvN74PvB9sgvGrV41UuJFcf6VKmu-1PcLCmxWA_VuQ==
expires: Tue, 05 Dec 2023 02:41:28 GMT

GET
H3 200 image-cdn.js Show response
advancehappynewyeareve.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
604 B 47ms
47ms Script
application/javascript 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:04:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 330
expires: max-age=A10368000, public

GET
H3 200 index.js Show response
advancehappynewyeareve.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 52ms
52ms Script
application/javascript 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:18:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 3061
expires: max-age=A10368000, public

GET
H3 200 index.js Show response
advancehappynewyeareve.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 56ms
56ms Script
application/javascript 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:18:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 3918
expires: max-age=A10368000, public

GET
H3 200 frontend.js Show response
advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/js/ 875 B
441 B 63ms
61ms Script
application/javascript 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/js/frontend.js?ver=4.46
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 0d0966fca4860b7b73a155c8cae651f580e0fac7c89153122e515fc1ef499628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
content-encoding: br
last-modified: Mon, 01 Nov 2021 20:30:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 396
expires: max-age=A10368000, public

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
360 B 196ms
55ms Script
text/javascript 23.215.20.4
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=6.3.2

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.215.20.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-20-4.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 09:26:34 GMT
server: Oracle API Gateway
opc-request-id: /2E374900495F2E31F93072F34B6218B3/E626C4A4EE2AC4726C295D128FC5582A
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H3 200 intersection-observer.js Show response
advancehappynewyeareve.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 57ms
55ms Script
application/javascript 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:04:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 2894
expires: max-age=A10368000, public

GET
H3 200 lazy-images.js Show response
advancehappynewyeareve.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
984 B 62ms
60ms Script
application/javascript 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=de7a5ed9424adbf44f32
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 2cc31667549ffd4158c649e13057689ab523aff3635adc89abe1caf3cbfc961f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
content-encoding: br
last-modified: Fri, 13 Oct 2023 19:04:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 939
expires: max-age=A10368000, public

GET
H2 200 e-202349.js Show response
stats.wp.com/ 7 KB
3 KB 372ms
38ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL: https://stats.wp.com/e-202349.js
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Mon, 04 Dec 2023 09:26:34 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 03:42:01 GMT

GET
H2 200 jetpack-carousel.min.js Show response
c0.wp.com/p/jetpack/12.7/_inc/build/carousel/ 24 KB
7 KB 40ms
38ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.7/_inc/build/carousel/jetpack-carousel.min.js

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 04 Dec 2023 09:26:34 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 30 May 2023 17:03:31 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 09:26:34 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 honeycomb.png
advancehappynewyeareve.com/wp-content/themes/frontier/images/ 265 B
308 B 56ms
56ms Image
image/png 144.91.97.152
CONTABO

General

Check archive.org

Download Go to Show image

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/images/honeycomb.png
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 265
expires: max-age=A10368000, public

GET
H3 200 roboto-condensed-v25-latin-regular.woff2
advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/ 15 KB
15 KB 53ms
53ms Font
application/font-woff2 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/roboto-condensed-v25-latin-regular.woff2
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Request headers

Referer: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Origin: https://advancehappynewyeareve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 15700
expires: max-age=A10368000, public

GET
H3 200 roboto-condensed-v25-latin-700.woff2
advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/ 15 KB
15 KB 70ms
70ms Font
application/font-woff2 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/roboto-condensed-v25-latin-700.woff2
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Request headers

Referer: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Origin: https://advancehappynewyeareve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 15660
expires: max-age=A10368000, public

GET
H3 200 arimo-v27-latin-regular.woff2
advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/ 10 KB
10 KB 82ms
82ms Font
application/font-woff2 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/arimo-v27-latin-regular.woff2
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7

Request headers

Referer: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Origin: https://advancehappynewyeareve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 10016
expires: max-age=A10368000, public

GET
H3 200 arimo-v27-latin-700.woff2
advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/ 10 KB
10 KB 91ms
91ms Font
application/font-woff2 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/includes/fonts/arimo-v27-latin-700.woff2
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: ec57a929af01e96210beb73632be51c1c3d59590696e3d18d482c3183ffe8301

Request headers

Referer: https://advancehappynewyeareve.com/wp-content/themes/frontier/style.css?ver=1.3.5
Origin: https://advancehappynewyeareve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
last-modified: Fri, 13 Oct 2023 19:17:01 GMT
server: LiteSpeed
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 10016
expires: max-age=A10368000, public

GET
H3 200 fontawesome-webfont.woff2
advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/lib/font-awesome/fonts/ 75 KB
75 KB 50ms
49ms Font
application/font-woff2 144.91.97.152
CONTABO

General

Check archive.org

Download Go to

Full URL: https://advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/lib/font-awesome/css/font-awesome.css?ver=4.46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 144.91.97.152 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vp3001.cloudhostingpk.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://advancehappynewyeareve.com/wp-content/plugins/simple-scroll-to-top-button/inc/lib/font-awesome/css/font-awesome.css?ver=4.46
Origin: https://advancehappynewyeareve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 03:37:32 GMT
last-modified: Mon, 01 Nov 2021 20:30:48 GMT
server: LiteSpeed
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 77160
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 62ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X2HQE9ESM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145882822-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

751f32223168838c86cc0c466edf36daa844f913882b6057380a276cc773f7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 09:26:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145882822-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 08:31:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3294
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 10:31:40 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4093562726260668&plah=advancehappynewyeareve.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aef03efa9f7020516997e583f38cffdcf7b382f90241c0fa45839f2d1df478ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137667
x-xss-protection: 0
server: cafe
etag: 3733484380964174467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 4210 9 KB
4 KB 125ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sun, 17 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1X2HQE9ESM&gtm=45je3bt0v9110488518&_p=1701681994000&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=91301450.1701681994&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701681994&sct=1&seg=0&dl=https%3A%2F%2Fadvancehappynewyeareve.com%2F&dt=Explore%20Advance%20Happy%20New%20Year%20Eve%202024%20%7C%20New%20Year%20Wishes%20Messages%20Quotes%202024%20%26%20Much%20More.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1231
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X2HQE9ESM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://advancehappynewyeareve.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 43ms
38ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=150354105&post=44&tz=0&srv=advancehappynewyeareve.com&j=1%3A12.7&host=advancehappynewyeareve.com&ref=&fcp=906&rand=0.07811877411039214
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 09:26:34 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
214 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=377716936&t=pageview&_s=1&dl=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ul=en-us&de=UTF-8&dt=Explore%20Advance%20Happy%20New%20Year%20Eve%202024%20%7C%20New%20Year%20Wishes%20Messages%20Quotes%202024%20%26%20Much%20More.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1627040454&gjid=1330774898&cid=91301450.1701681994&tid=UA-145882822-2&_gid=465242185.1701681994&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1848308387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://advancehappynewyeareve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://advancehappynewyeareve.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Happy-New-Years-Eve.jpg
i0.wp.com/advancehappynewyeareve.com/wp-content/uploads/2018/09/ 38 KB
39 KB 327ms
235ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://i0.wp.com/advancehappynewyeareve.com/wp-content/uploads/2018/09/Happy-New-Years-Eve.jpg?w=640&ssl=1

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

984a95e651942b29e70485cae4e804de8391c52040616e99d121f8081a4fd1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 39386
x-nc: MISS hhn 1
last-modified: Mon, 04 Dec 2023 09:26:34 GMT
server: nginx
etag: "d409d839bd48f2ec"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://advancehappynewyeareve.com/wp-content/uploads/2018/09/Happy-New-Years-Eve.jpg>; rel="canonical"
expires: Wed, 03 Dec 2025 21:26:34 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 152ms
73ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://advancehappynewyeareve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EED5 587 KB
104 KB 512ms
511ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&adk=1812271804&adf=3025194257&lmt=1701681994&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994309&bpp=2&bdt=547&idt=300&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7248305282478&frm=20&pv=2&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4093562726260668&plah=advancehappynewyeareve.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da9589bf993f0b26a2bdf472efc72ed1950a2f75026abbe7c3d6d90464c83b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 106713
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C03E 29 KB
12 KB 486ms
486ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5068f72239e3e23c9afb0d5e8a7fe9490ecdd0655ea2c2125728cb72f5068206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11774
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14AB 36 KB
15 KB 407ms
407ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=450&slotname=1812150678&adk=251077296&adf=3380724228&pi=t.ma~as.1812150678&w=450&lmt=1701681994&format=450x450&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=327&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=329

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b77efcf50f1e40606dfe6e8442347285829b87a3b72dc7c690b0091c518b2ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14721
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 18FB 36 KB
15 KB 476ms
476ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=147&slotname=1352985678&adk=2931861098&adf=780794530&pi=t.ma~as.1352985678&w=586&fwrn=4&lmt=1701681994&rafmt=11&format=586x147&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=330&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=332

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5544d83ab12d5efbac61eebf629222dc9ecdfff1e9db493291a70bb4ad821ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F58 126 KB
42 KB 518ms
518ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=600&slotname=1606522141&adk=2158643156&adf=2080102769&pi=t.ma~as.1606522141&w=300&lmt=1701681994&format=300x600&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=555&idt=365&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=14&uci=a!e&fsb=1&dtd=367

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a303ba0b3a0639fd50713e48846de00151e6955de224d5e262975993d112982b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42768
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5973 22 KB
10 KB 509ms
496ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=250&slotname=2929667514&adk=3896112180&adf=3928351752&pi=t.ma~as.2929667514&w=305&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=305x250&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=556&idt=370&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147%2C300x600&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&btvi=4&fsb=1&dtd=371

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c43a63900e12b904e06308bd3e068f1478fbc84e5ae634cdfa82f739aa4b0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10037
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4093562726260668&plah=advancehappynewyeareve.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://advancehappynewyeareve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 75F0 196 KB
55 KB 303ms
202ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW2bSgAKinsKwlR3AA1iSWRaf06fHvxQka74AQ&u=%7CCUBL%2FITgtJelHn1cNtwq0w1cwmen5r5L%2BhxEbZel7XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TzLGUxQmyfiD-kUH1bSDx2cHw3-HxOzIBOwasxEquTz73QoL9kyNUNZYgNEVcErAirme93aI2W2Fdn30hhc_FrHXIPOYYbC3UzR2Zn5_ZUQw-LV59L458E2EAS3WstGATs3cahIwIme3-wqPc5gr3zwZ28S57r40wUQ-aQ3NS0b_hPYfquMhhVtqp7d6BbX0SM7ti2OPZyPdlVyjDuVsLRBxBPwrlAAJkBgrScXW2wIQdLR9w3SyS1B762_J8SYW4z-dgsuB8emlcwTNHpDFlceMxKgp58q6lNWFvEBHYnr-oaQK4l8t11fZKiegUWgaIMstqbqgvkulHlELp82NLT9ZrPM0HVeceA-JZIDkbKVSPkxIq_Aycvpi7SOTLqmxkT4rmt-sQxzwocWrGMXTOg2AG46YV0Cv_zrAMIPCvHuqKSznC34VZz391lsijiXnJhhSqVWi2if8laPj0Q8q7eGDgZgFqEbTHRSGjGigMka5RQbPesZqNMnGwc2_JOouGw1fF4v3Wkzp68g8kdtRAXihKlcas2q8kqeWuu1Bf9XUcBHkjrh8ItE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCno6lSpttZfuUKveoiQbJxLXoCMme0rFc9ZHevrEBwI23ARABIABglYKAgJQHggEXY2EtcHViLTQwOTM1NjI3MjYyNjA2NjjIAQmpAocWcjmKQrI-qAMByAMCqgTWAU_QQE3ZVu9jJKE0mpRtJVIuyOxVAUZd-Wji2vy4qFCh3qj7oKOneVrOeedhk9Z8a284aWyDVwnvJZfwCnflp1PG4Xjkrurn_amoQJhprSaOsaneqRBil3ykatFOyLj-7XQvXEYqasv1dXonabYhc6bBIQXiFQWt8ugGRzsgR-2Ik2-QbUvAJ68oJ5nchheS4YQ2Scc-rGh2RZS7aRNuN8Ga5mH_aDl4a-PRmyVhR_UyIrSX76Cj9nvS9d9gNwUejEFtWCKPP8T7TvXJGX3E7MjS-stUMwGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljHwsC2u_WCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0xPbKEhYL6bqwHIr0QQtx2tXxwLw%26client%3Dca-pub-4093562726260668%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=450&slotname=1812150678&adk=251077296&adf=3380724228&pi=t.ma~as.1812150678&w=450&lmt=1701681994&format=450x450&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=327&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5382007c553a72ca2103ad6c1e80d421daaa75aaa97b0bed65e4cb13fb21529e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ETmXxarDBRRg4yfs0D4byH0QhwZ6geFm5dGt4ulBcTxJHHUdO_eMEa9GvEh8F1WZ8B-gxg_rNB419rGwdKUDjQ3BPTV1-Ra6iEVwclFrnPajNG9crgNCi93XBF1A_z9AT5hrG3I1HSQ8ZxCYvTUDF8e72vrGce88HYnT5lvme2ZrfMl4UQxoDWQlPufmDCjSQg6UW_HaC4PHFheQbZvTvbRbs4D3GfgMZMWRRblJaVaal19IgT_AeBBOmWUflkT3VfP3HA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67720223
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 14AB 3 KB
1 KB 182ms
80ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 14AB 20 KB
9 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14AB 202 KB
64 KB 161ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D316 624 B
246 B 96ms
96ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVAc19RO5EnOoNN6k8nfAoPnCZFO-4UBQebGOCaHJbD7YhUCiRTRhg32mVjZYVdKYvYzoiuN8MT0KHE0KxmQBUSbSgPi6WBRlO9bYYWiNYXfPMpeNh5FNq2TLUFH7AQwBDgUdTkUHd6ZMa0kERSMRWe90sPYPoF2qBBJbl1vI8gJ9g7Sjc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
expires: Mon, 04 Dec 2023 09:26:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C6DA 92 KB
32 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C6DA 3 KB
1 KB 115ms
82ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C6DA 20 KB
8 KB 92ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6DA 202 KB
64 KB 165ms
132ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DA 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1cDixifQ2fpMJF77PXSKAEJJRtXI4W9oQMGBiMnUre-jkclFOcmbExI40I90QaM1CbJn2Z_ymAHScOdPTJVzJCzY5fdR_s6_HQyqOifYcw37O__8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DA 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15131670201932645892&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 04C0 173 KB
53 KB 134ms
111ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW2bSgALZesEf61fAAaucSNSoJps6vu5TwRDWg&u=%7CCUBL%2FITgtJefjojw3A2ych%2B4LdFDZH4mrg1mWzccxic%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWKKpsogd4iqH1xVIDR5o_lDcmzExKjbWhDunsMXDY9BW6PKLnvu34cjyYYFDXZAKvgrWnvq-EBxWmAbuJzLEC_wCPcKXUXmJBHja_k83Ryz5svXwp6D7JAQkzbODkbbANu6FXv7wa7OlwuYQQlPIkUQsJVhcbx1ZBse7DreT3iNoUkoDvBnhAk__nnqw0bsz0SAVyUsSyqa2MA32xPEIh5nwOviiWg4m1QtnignOrXikVacXlVZ5fMi9pnxygX7q0Wg1sZD3FQXpXfZFPkR-_I8K48P3uEuEjet4eiL0vwnRU2Oy06xhp70VuzOpNEMujoIO-bcEueYobXHXoBQ3mu7-zoCexSHpovLF-4ybbmvAfmnBSSEncKUSYeJllQJGt2lgS0jYgDCiuigPVXvZM8GH9frO62t9Sa5Uln4jK_9L9RPkWNCqvYZWKXDoLvP0x7nNg9ieVrb9QIklAYmZ8ouVkfS0-j_YA8Uymt71DktHCM5o-EtGO7CkmbmgF6ah0XPu4FplxiVDHMx9Q7Cc7dqTUi5TIaQdjTuF3gw3AaLn1BSaBk9-WabRIh7hi2Kew&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFUAPSpttZevLLd_a_tMP8dyaCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNDA5MzU2MjcyNjI2MDY2OMgBCakChxZyOYpCsj6oAwHIAwKqBNYBT9CplqeBRFFKAwg7oYQ-GYrnf0z3WdEiMnpN5M4Ee1mMAouyhW_l8V0-sQCJM-iwMoMF-izOlHuuF54LgsgYNfcbknRLFj3FAfnwm7zctgf4ZnYZfulxLSHJcq4vvrRIKYRnwYb35Rg8u37CUtqjhTdKidS6F4cUcZANYh2t_fTJuuxzihRztxBuRr8H9_oWkaBbJy2cKM_jDJHZPlxUHndtoFHG3O4CQA8KFnxBQxuiPk-XcSpqRTUSDFx5GdSTmIzkSz60G2BUVh3r37XfpttS2aLEH4AG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPrkwLa79YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12udiS6pduWnFJ80bfxMl4WWwFJA%26client%3Dca-pub-4093562726260668%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=147&slotname=1352985678&adk=2931861098&adf=780794530&pi=t.ma~as.1352985678&w=586&fwrn=4&lmt=1701681994&rafmt=11&format=586x147&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=330&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f4e91c7994ed21c074d998267595e3c799128e2bb3e5048e3c57beb91bacde9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lKIAqKrDBRRg4yfs-_WUB_2mPonZDYFPuZBVzXvgcsKngFj9Muh-sLR6m8yqmL2DPZFlDDq2VfhpSoG5YzDaAwXpsQbzqhFVs9YU_DMGkLOEs7RxFhEr1qdRrp-MyN9yUxsDc6IYieriZXf1Loc9y-mD_6RbrcaGv7yjyVAQ9SRksMKtErX5H68CfjIfrFChkEoGzg4kDlQGnBLWke3BQKQOCzPcMyxGCAhFHfv_M3763t5yTllBvk-iSqU1csl6CI111g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67312822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 18FB 3 KB
1 KB 106ms
83ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 18FB 20 KB
8 KB 82ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18FB 202 KB
64 KB 175ms
152ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5973 42 B
63 B 94ms
89ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmPEJIhM17kWIJE4ymmBo-1e6Q_0N5vgw8xFDbzBjYwSb3ZrRMKjhXX-YRZ22NKa0IZjc9YYotR2IFtxDzAoosDk3aTgyJfUBW5CUliFgTDfuWVas

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=250&slotname=2929667514&adk=3896112180&adf=3928351752&pi=t.ma~as.2929667514&w=305&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=305x250&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=556&idt=370&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147%2C300x600&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&btvi=4&fsb=1&dtd=371

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5973 0
20 B 93ms
88ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5707607431721158481&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5973 89 KB
31 KB 116ms
110ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5973 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5973 20 KB
8 KB 48ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5973 202 KB
64 KB 131ms
131ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1F58 5 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=600&slotname=1606522141&adk=2158643156&adf=2080102769&pi=t.ma~as.1606522141&w=300&lmt=1701681994&format=300x600&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=555&idt=365&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=14&uci=a!e&fsb=1&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d816458b15e8caa008d5a4d7e5936cd054342983cc03230cb2419f8fe386da78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 07:54:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1F58 2 KB
903 B 54ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 21:48:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1F58 24 KB
9 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1F58 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1F58 20 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F58 202 KB
64 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 1F58 37 KB
16 KB 143ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 22:31:34 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 160 KB
55 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

306d008fcbc110d74c8ceda9dd3c445600dfe0644c744db2160224da8ef409ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55931
x-xss-protection: 0
server: cafe
etag: 11226948489334237199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BB67 624 B
242 B 81ms
81ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNVF1drv71gR8kdAX3exTi5DUYYpKeOoShpXPpxxcq6qM7CfSc93obpNOMAkAgkfWbRIDru-A-UbJJL2esQwEIoJs6oX1i4f9-mt31Sru74AwvGfsXPh3ZBfUtSw2bS6yvAN1qvLUpqqebjPfY02q75ZZJtgGmoI-T5ZG0snXJWMTMDVKME

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=250&slotname=2929667514&adk=3896112180&adf=3928351752&pi=t.ma~as.2929667514&w=305&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=305x250&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=556&idt=370&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147%2C300x600&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&btvi=4&fsb=1&dtd=371
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

43 B
328 B

71ms
70ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVAc19RO5EnOoNN6k8nfAoPnCZFO-4UBQebGOCaHJbD7YhUCiRTRhg32mVjZYVdKYvYzoiuN8MT0KHE0KxmQBUSbSgPi6WBRlO9bYYWiNYXfPMpeNh5FNq2TLUFH7AQwBDgUdTkUHd6ZMa0kERSMRWe90sPYPoF2qBBJbl1vI8gJ9g7Sjc
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDG3I0M3RnBCwMw8W8BOms0msizWmAeOUyj3EvUOwy19zHtUH9xnFPSH2K7GAeN2dPXIvsQ%2FpG87SDGbNO3oaKbVpA3Scy25Qdzl39mtS%2BAnfe0jC2i07AR0A33jf%2FohI0q%2Bfx2HnV%2B%2Fcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830302379ba92675-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D316
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW2bSyzyzTdQVfDq5Wd23QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

43 B
772 B

84ms
84ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVAc19RO5EnOoNN6k8nfAoPnCZFO-4UBQebGOCaHJbD7YhUCiRTRhg32mVjZYVdKYvYzoiuN8MT0KHE0KxmQBUSbSgPi6WBRlO9bYYWiNYXfPMpeNh5FNq2TLUFH7AQwBDgUdTkUHd6ZMa0kERSMRWe90sPYPoF2qBBJbl1vI8gJ9g7Sjc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUJJ8tRgKzmA7kULmIBvsoeGXUwFXn%2BNaIYG6ubnDHuZ%2Fhmx0pT2W474Eb%2FlSRdJ3hVEaJSrAWcv6diS1RkVrgmI4wzfgNzJSV8rXR8lt%2FH6J52yAMJVz4sRSu3dYhPBfWdj1yfp8YsE4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830302387c0558f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1

43 B
840 B

48ms
46ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVAc19RO5EnOoNN6k8nfAoPnCZFO-4UBQebGOCaHJbD7YhUCiRTRhg32mVjZYVdKYvYzoiuN8MT0KHE0KxmQBUSbSgPi6WBRlO9bYYWiNYXfPMpeNh5FNq2TLUFH7AQwBDgUdTkUHd6ZMa0kERSMRWe90sPYPoF2qBBJbl1vI8gJ9g7Sjc

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
an-x-request-uuid: 17d423ee-fbde-4faf-ba1e-1f0af2f5cf86
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D316
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D

170 B
232 B

50ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
an-x-request-uuid: fbc23309-b800-4828-b695-c0f045a3410a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13445909753655054984/ Frame 1F58 2 KB
2 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13445909753655054984/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bcec999cf3ada800188746a2ee886467264cf80a8d8944d56b157f3a68d0b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:02:30 GMT
x-content-type-options: nosniff
age: 5045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1577
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 03:03:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 08:02:30 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/62695100475500620/ Frame 1F58 18 KB
18 KB 45ms
45ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/62695100475500620/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85cb881b05293f02aea6ee1943358cbd97c5eeca3d2743a985c4cbbab6a16d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:12:44 GMT
x-content-type-options: nosniff
age: 36831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18272
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 03:03:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Dec 2024 23:12:44 GMT

GET
DATA 200
OK truncated
/ Frame 1F58 209 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e99c2f6bf48e0b7e5759aa363f1d57e5ddb52dbb9b2ae881b2bf83b435fbbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1F58 206 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 18FB 217 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef6403bb15be4ac432d5941bb2196ff4e4351aa036e06630ba68b87a96398cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 04C0 2 KB
1 KB 211ms
83ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW2bSgALZesEf61fAAaucSNSoJps6vu5TwRDWg&u=%7CCUBL%2FITgtJefjojw3A2ych%2B4LdFDZH4mrg1mWzccxic%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWKKpsogd4iqH1xVIDR5o_lDcmzExKjbWhDunsMXDY9BW6PKLnvu34cjyYYFDXZAKvgrWnvq-EBxWmAbuJzLEC_wCPcKXUXmJBHja_k83Ryz5svXwp6D7JAQkzbODkbbANu6FXv7wa7OlwuYQQlPIkUQsJVhcbx1ZBse7DreT3iNoUkoDvBnhAk__nnqw0bsz0SAVyUsSyqa2MA32xPEIh5nwOviiWg4m1QtnignOrXikVacXlVZ5fMi9pnxygX7q0Wg1sZD3FQXpXfZFPkR-_I8K48P3uEuEjet4eiL0vwnRU2Oy06xhp70VuzOpNEMujoIO-bcEueYobXHXoBQ3mu7-zoCexSHpovLF-4ybbmvAfmnBSSEncKUSYeJllQJGt2lgS0jYgDCiuigPVXvZM8GH9frO62t9Sa5Uln4jK_9L9RPkWNCqvYZWKXDoLvP0x7nNg9ieVrb9QIklAYmZ8ouVkfS0-j_YA8Uymt71DktHCM5o-EtGO7CkmbmgF6ah0XPu4FplxiVDHMx9Q7Cc7dqTUi5TIaQdjTuF3gw3AaLn1BSaBk9-WabRIh7hi2Kew&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFUAPSpttZevLLd_a_tMP8dyaCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNDA5MzU2MjcyNjI2MDY2OMgBCakChxZyOYpCsj6oAwHIAwKqBNYBT9CplqeBRFFKAwg7oYQ-GYrnf0z3WdEiMnpN5M4Ee1mMAouyhW_l8V0-sQCJM-iwMoMF-izOlHuuF54LgsgYNfcbknRLFj3FAfnwm7zctgf4ZnYZfulxLSHJcq4vvrRIKYRnwYb35Rg8u37CUtqjhTdKidS6F4cUcZANYh2t_fTJuuxzihRztxBuRr8H9_oWkaBbJy2cKM_jDJHZPlxUHndtoFHG3O4CQA8KFnxBQxuiPk-XcSpqRTUSDFx5GdSTmIzkSz60G2BUVh3r37XfpttS2aLEH4AG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPrkwLa79YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_12udiS6pduWnFJ80bfxMl4WWwFJA%26client%3Dca-pub-4093562726260668%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 04C0 2 KB
1 KB 169ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 04C0 308 B
636 B 208ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 04C0 293 B
621 B 170ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 04C0 43 B
348 B 171ms
43ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bQ-z9t6CE6D-1zVCyUDLT1rTLHQxHCIkx1vZaJobgjXPMXTdD83t8P8EHNLCfV4Nq9WckRz2AMA4p_NADz3azsriP5n6hvF2BL3SKPPLTs65dicmUCbCCDBFMq4vmXgUW2fIvcUoysEjHb6S-q5mQVgi4Ll8NI-IuIqYsHNhecZ-fCTJo9hXVrdQSNqcgLzbIdW_oV1wRBDKHBF759bznsQOfdqvubIF61YFrWYG7-FqmTqmvA8VST8DA6AohAuxgMkc4m8R2wBnG1pppB8uFIkeWhw1coFcBrPVnqaxGzG_RUxhm6ljR90K0dlZuWXw8e2zzMFuH8jYVXE1hZY0T2TcE08GG8fzuk372aXSyjZyLGTmaRz5P2z8Xh2HS2vKgWM0J2Z0eePSqiOdtXjUVsKldkBfDDpCH-ELJYf5OO10fh8I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1481567
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1F58 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dcb4e01a9774fd19828fda118658f422ba3ed5ff2be34712bd39caa5d566e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DA 0
20 B 82ms
81ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3850275371044&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DA 0
20 B 80ms
79ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3850275371044&version=m202311060101&ct=77&x=1&cor=15131670201932646000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C6DA 20 KB
14 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTk3O0c-WDZtF3y5-byZnyS1Kz6kTcp75cRjyPTGaBC6UgzG0B0ITTC2NEGaRlNMcahsrgg_BVox2c0Hfh5_KTwWME19hLle_q7KwRrW6Z6GO4AJJPYkCgUTRIm30vFKF1lpgw3I61-dtB5RPqiJPwplYr5h1kkYiemxuhYpXfWS2duFU&cry=1&dbm_d=AKAmf-Bi_7_ezxIw4fNHopHNHUjTuk5c1JDBY0OohMMhgNEUqin9_VXCrYwMGSpuCRdDg7u3XI27068MWO5FfHihP8DgE8H7gNuGVxxFsiQc1BPbVluTuLnmef0_uIjAqZ_XV4Hr9jppyRCeRgycnkS-CEv5eOXgOVxDeF0BqADMRw5T4xeK1bOSUxYAFiHPqyO2I1wG-0ND3Gx_E7n5FShBQ4E4rheSRSMnukFsFJkMOmMl7aUlX62cKKuyrsZ8ohdIn8EdOlIw-QiCzMtz8BF_pDi41ZwsJfR54OF8DwMdrxDCVlzHtRzrKL0lNRyiaFKk_VafO78gzp-KmmPj1fBzENJNy5pp5X317h3n23gs47GgJIHM2twmizEyhBUhsshshqwveJTn9NiMkDWLk76wSuUVIQPseeCQpZYuWwBTDj2EA9bGZPoF5ZVQA14WQV-RmeoGRTfJzRY7i57V446_5KoG6ELc9Z20Csjbmu6aQODo555js6CdMfe7A2IY11L21d5-3Pi46X3tzcFcJ9OdvlWzHll9GB03LvALu5Q3dnCUQroDsjrj7-TB-D_m6l37jFK-3ncs7hOpBDh4sChaNNy0sR5yiAqfe5SMtvdddOnHmnUI8Dr7jytZ-xqKptu85zemeEP649pp2_yixnNi1xBSVCL27kUx8LFp7aks6Yay98-wx9A68gRUD17TiUHVbC0b44v5qPkQ2JmzZe-dJvv0B-WCmFPqnxVcQ7XhahJbHICl4gncrkmdkGkJWiVi7pgOLQfoz0qdCzyhDRKPMJyzVIV4BoKuwBYfMC-CRPjDAj0kBYtqbw6m3qGZcQTNnZ3Hkaj3lxEnAMPYhKKMWEM3UGIgDGRvcbroXQv4Qr5r0C56heSkLIJ8-Q3vT-hCuo6-3m8yQIHUK_8YCZCaz2_jsb51AVZX06wMlADbF_w_dl0h2snz3V5zpMM859rCGXZsx5Dzhdpgi6YlIOatt-DpwLxEU9x6TPJ1DxDNyPEdcNBS6oe2Z6zwRApQxJBvDupUD7s3ayRmImmNHpRt-5nB2skO8s-TJl3E3mjVo0znSwvsiAI2yQGraDdWWeYd1LhqyLpdBfLe0qGHiUdrrpZSldvgFm-okPQgjiHXzDrXVb67HiSHHJrW-Zq8EiJc4BvE7CzvEtRW-J0HVmA1UwwTNaVxpLXeJ0-D0ukJgpjPzrKe1cKwfR3Yw5IOTGpTI35mCWVidn-YYKjk1aewowXqV8TEUC0Vn9aNoIwlGXkCJVJRT1IKT77dhUWHcoNCuXvyLmx4Dvwm7o5SzbwBuRPKFN7vksNrT-9trPT8cMWBUiJ366yq6xUjjlT5piwfCnf78uxPJOE2TvaJbfGM3LA1MzytxjN98P5nOkJ5ARQdclRilpjolCC_cG3LzxcqXAOYAo1uMXtwNofCfo-2nql9mAhTrLWkYpFAeb4hqUWj3MxpCJV7Vd4q_X3JnknGuS3768FK4X_gs-0CWTX9a7nYxItvRPgFZo2wcyKSxVHrhnVF9wNg4kmG9tr5IA7qJ9WpM-UvhHYQlesYCQpCg1auYj9TNx0Gd1nD_-tgu4OuOTA0HnH2BqiMx2h79nXxxIAJUg1tbdoJi1QH-hsEC77AOmXqdQ_3tNJnREZsjY83ivlLOc-uj2P22ay6cVR_rWtXEJijXk9oQM5WHnlTgqrmaWQJvVIsGcCV1jQaKgSAirGBNmah3pzkssmNxpqzTfxsd5GKwZn9d38lcIKLPF-PWhmMkEw6bEPn-xmJXsNHytOSB9kETniK94icURkn42BYLSCTbWGnS9cJ-cbAxkVRXDKnt4heSPtBG45xINr4nyUN7G3JMhqE3JMjaB6F_Z2Km-nQQ1zzEUc3O8I_0ISrpZqgSsC7H9of-UM6nQfOGED3GOMuxwf436HKqJqHkddwssrYo8BEbCPdRfmrEyJmVgSQrk6U8Td4kPobH-dhL_E3OA_2LZCQYRUtqipthA11aMGa7IPH0Pz-PsNUG8P8wdg8gsbY3F1FvUkP9OVtE_cSIVcJ4dLtt_ldhDrwLGLWi4bkb1j9APdxuGbbemVshLNdyO3tteHt6_03tOD9ejW4IzGRyI62a8XssYfU80MPXmPaQa5jnE2Ym1asN_L_iSzNPMb-lI7a1hgKM4gT_YlriMW3gyGfKeKMzOmFVoLZq4B2ttDSHWC48OXG3OMdBaBHa5mJCCClVYCZ3zTfOIMxXcYjtei9pYaKuBHJSlfbXFvz45Q8UzKb0cQHZEnCHo6a6DRyy88rQqIQkF0-XTB0jyZoDqrOwFAOb1T9JDZJQIfUBFEQF1ip3cb4xjrNZj_siswvn2whp8R_7881HmAmvw2_Smu8KD1drRwWQmAtnF4ZkdnXurbFOnAZJYLn4OdW9xp3UDFNtsZxE3qbp0LtxXU44pdyaPQKBIOIchXQEmjWcUkQ5MTGMjk5mmJ_thZrolGPFJhLmWGmgX-jwtA1sq5eUjZShCxt84iO2feSGrKo0Z9Mx5nozpftNMQk533WkOLxiValrSqibk87Vl2Pfu7WtDnpPNVnZ6LlugYdc5nOugyAv5ipzpjSFhKAA1pSGXKAxB58fsXj6uxqLqnxNLOHHT1nexivV1LHgtcC9WJPXo_0qBv6KqLpJshOcpwR9F6HFG2hVy82m8HbLcRz9-1YURmAopmT2DjKIns_8ky0O9qn83WOaSzT14yeVXWMRxJpHseEJBQ1-_qx0En3H7-55T7yJjuwyVCV8NpA9WDGeTzX1-i-qXJzOhJaMF-gFnxxJJiYaHWdwF5i30DWo4pHL3avRRUFare9NsnuWGDAm_C4GrUFWAtyzPwnor_YvHFULwGBGkIz-hW1fPGE8jwdGRDdVa_w1SucVRCrNt6LzTZ9Bcpy2Rgm0HBJZfdwXXY4K6ts4zS5ci2QOv-WlMdLrL9hIf_aPBiVq7WI-rMHF2FhzFqm58t7CP2D9A2Qy4pWvBpqwFmgJhjdF-_Ba6IBoKPPC-VIC1zCgJhghyG7NsHq3-WdLOjZYWOhbvz7sAfzOMopqxvfDexwNb6wa7KIZgikbQta3Arz1HqQf4yvKHvFciQAEizTN-ArQrZebKt6IwDkw0vhClUhBa9g_epofpxqv9EtNStQdsjS8jVwCE_sNeKoxpd-Wirp5_SHjsnSfjlzvt2pY39k_HZcUktfN0H2b96gjGyKT7Kcx6-IJPNs6ebjQ6jW1NH3UywnCnm2Ia81dq690NuWi2w6XvVbQuuvsdDZ7cuAtZ2IdSxUoU_201Ce8mISDJ6sC2ujEuthjTLa43Tqs5XBNLnXl35IKqX4W9zkBtdTdN3KdOQJe4ivmpQ9Ws9VlOUu9YY2JqBWYVWGPMs1wXkswgUb88uir9VuPvZhLJLOputkYfoct4Qltf-tvDY7Ta_n9XGZpz0wzAbnqbIl88me2HcnFRNxFgIjFlNznOKpMMuzwUo_gtiCOkAlNgEOxwtOIycr7T862_COgxK4-MUki9V5PxaQb_vMJhuoJkrKf_0QgX-KBZ7SQBFHW28Zdgruxk1pECTiEDsfeG9sLldTjh121ko8jdP-czgkonvmxJs8KfYWiDHBB6CfU9o5RMtH01YluMxAT1aRvCvTmHRJQfbBZdyhM5or0tpcvzjtxiYZ7yJyWRbiDzQLc3sOf6L-rX_yeG5KJrsDYFmYs1g_jwV4_eU49w2UIFFsimmW8Z0SOPPdvwXjxUOgQmrp9TPn4NwB2A8R7-ClO7GUEnavD-2hPmgYijtksVK-pfmNo63i2LPW01s3hQYMM9SLJ-tAzAvO5u6U_EYFqf1R6XIUumVOhRA&cid=CAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ds=l&xdt=1&iif=1&cor=15131670201932646000&adk=2124396030&idt=187&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d541f459ebc6d4b3c66945190e6589373eb8aee13964ad7af5d49e47f7261c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 14AB 215 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b337c1de66f6c4b290ec70e1329a155ae9faf315fb35eaedc180198c30efeef6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BB67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

43 B
340 B

70ms
69ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNVF1drv71gR8kdAX3exTi5DUYYpKeOoShpXPpxxcq6qM7CfSc93obpNOMAkAgkfWbRIDru-A-UbJJL2esQwEIoJs6oX1i4f9-mt31Sru74AwvGfsXPh3ZBfUtSw2bS6yvAN1qvLUpqqebjPfY02q75ZZJtgGmoI-T5ZG0snXJWMTMDVKME
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi2uQPPyoLBKHbd5bWzogCvmAjHukMvv43H9%2FGDtDVKaHuo7UnBqHDCZdU6B1ijMwD01i2%2BFxkYssJFsXrvQBTVBFb0dI13AbM02tGEnm4l%2F%2FRM4Q%2FXmJKbctmvfkfenoua7kgTunYSS%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830302379bb22675-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BB67
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW2bSyzyzTdQVfDq5Wd23QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1

43 B
739 B

99ms
99ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNVF1drv71gR8kdAX3exTi5DUYYpKeOoShpXPpxxcq6qM7CfSc93obpNOMAkAgkfWbRIDru-A-UbJJL2esQwEIoJs6oX1i4f9-mt31Sru74AwvGfsXPh3ZBfUtSw2bS6yvAN1qvLUpqqebjPfY02q75ZZJtgGmoI-T5ZG0snXJWMTMDVKME
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbzLuaa0DCnPcwRygwiV%2BQjXLySyMny19rM%2BIr%2BnacsseBogA%2BwEv1JXXCMf%2BtrIJIo7VRPbuB3avu8ZAmMLDUmjpXnP2QmXAwV0C61GpdoHHHKD%2F4Lf3dctf2k%2F4ju2oZR5HbkOJGPBCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830302387c1c58f0-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOl5HE5Cu_Ux89eZC1seCVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BB67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1

43 B
840 B

39ms
39ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRDz7F4Y7rfixwEwAQ&v=APEucNVF1drv71gR8kdAX3exTi5DUYYpKeOoShpXPpxxcq6qM7CfSc93obpNOMAkAgkfWbRIDru-A-UbJJL2esQwEIoJs6oX1i4f9-mt31Sru74AwvGfsXPh3ZBfUtSw2bS6yvAN1qvLUpqqebjPfY02q75ZZJtgGmoI-T5ZG0snXJWMTMDVKME

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
an-x-request-uuid: e8e69034-fc7f-4774-9e45-28d37e34e73e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUtIgdmacIZh0uvDRYT0o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BB67
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D

170 B
243 B

49ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
an-x-request-uuid: 9fb67db5-82e6-4d70-9545-b2bd88a0a716
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyOTEwMzUyNTcyNzE5NjcyOA%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 04C0 12 KB
6 KB 135ms
80ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 04C0 26 KB
26 KB 216ms
131ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=290&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=324&rid=4&s=dgWkLVLws9Xaiu17fEA436Xn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fc7aa163c9fafe2b63cc0b1b8d42a13ab2eaf71bb412d1a2621ff1c5b0fb6381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 26811
expires: Sun, 03 Nov 2024 06:07:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 04C0 8 KB
9 KB 194ms
109ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8FTw8xYojgkpP_qJ47L5XP6V&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 8586
expires: Mon, 04 Dec 2023 12:47:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 04C0 14 KB
14 KB 167ms
82ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F13172_102.jpg%3F1651143890_2&v=3&w=800&rid=4&s=tr7gKBTDV5ORjmPqmE_EjVeN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1b502fd23113bb7e1be74c1b7584639b438f6516a8477a63e134bdd349756870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14268
expires: Tue, 05 Dec 2023 07:16:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 04C0 16 KB
16 KB 183ms
98ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=owQ2WY3CxCFUf4ETDUw4IY-t&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Mon, 04 Dec 2023 21:55:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 04C0 0
128 B 139ms
47ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=lKIAqKrDBRRg4yfs-_WUB_2mPonZDYFPuZBVzXvgcsKngFj9Muh-sLR6m8yqmL2DPZFlDDq2VfhpSoG5YzDaAwXpsQbzqhFVs9YU_DMGkLOEs7RxFhEr1qdRrp-MyN9yUxsDc6IYieriZXf1Loc9y-mD_6RbrcaGv7yjyVAQ9SRksMKtErX5H68CfjIfrFChkEoGzg4kDlQGnBLWke3BQKQOCzPcMyxGCAhFHfv_M3763t5yTllBvk-iSqU1csl6CI111g&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 04C0 2 KB
1 KB 85ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 04C0 2 KB
1 KB 45ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4093562726260668&plah=advancehappynewyeareve.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://advancehappynewyeareve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14AB 0
19 B 86ms
85ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFIMNSpttZfuUKveoiQbJxLXoCMme0rFc9ZHevrEBwI23ARABIABglYKAgJQHggEXY2EtcHViLTQwOTM1NjI3MjYyNjA2NjjIAQmpAocWcjmKQrI-qAMByAMCqgTTAU_QQE3ZVu9jJKE0mpRtJVIuyOxVAUZd-Wji2vy4qFCh3qj7oKOneVrOeedhk9Z8a284aWyDVwnvJZfwCnflp1PG4Xjkrurn_amoQJhprSaOsaneqRBil3ykatFOyLj-7XQvXEYqasv1dXonabYhc6bBIQXiFQWt8ugGRzsgR-2Ik2-QbUvAJ68oJ5nchheS4YQ2Scc-rGh2RZS7aRNuN8Ga5mH_aDl4a-PRmyVhBfcTsDQEP50FJlwIef-Jkws5hvdndjoNiwzG6Ad2B1HcdAJG2iKABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljHwsC2u_WCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDkzNTYyNzI2MjYwNjY4GAA&sigh=-5p_1Je86_g&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNH0j7LapDgtDCKJKPt6wIA7tAKK1ORE7aoi_4vpxlPgDWUIGgPyXWfMgzC3y5ompMIW9DjtLmDds7tnURb17ZQeBuMvuW5CuPQlcYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=450&slotname=1812150678&adk=251077296&adf=3380724228&pi=t.ma~as.1812150678&w=450&lmt=1701681994&format=450x450&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=327&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 14AB 0
126 B 152ms
49ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RMIDwgOdg2ICAgAAAH9pcbxxQIpWEEqbbWV86YXMMX6dty3HAAASAAAKCkFRVUJEd0VCRHc&wp=ZW2bSgAKinsKwlR3AA1iSWRaf06fHvxQka74AQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 198322
server: Kestrel
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5973 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5557012472593&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5973 0
20 B 78ms
74ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5557012472593&version=m202309260101&ct=76&x=1&cor=5707607431721159000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5973 82 KB
38 KB 93ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgm1P21S06ZRpGDf_zl-QVLbxFUlZNeUFrtKki-fULj2VPK_VxXXZv-1pMO8SaL9DS6bQdija6llxJDaZNqEkyFjHgyg&cry=1&dbm_d=AKAmf-DgEZzdf6Uolo9QOJt2gVL_86-7hiFNaOghDcF6tvv9Q6Hi6P2mMv-arhu9snjV3_QC3m9Xbk0wNDxs18ku2PskM9qyLa9Ivu3Zl50ZNPprfpnKVde5F2RMRBj9Kk0nk0Vg7ExkDA73vIcLDFQduzGESE0BU-K_RM3zvkSFvjM9iLJ0cynABuYPu6gzcVAWy7pq54w6nrdQglqxlJDeBnyNqmShpDBG9udM5jqiwjDuiW71xiDlEUcbSdOzXxwUlKbqmdPAfaTQTyBn344pK7shSI8w65EOCZgKYp2M79nNdpJwPeqAxHzi_g5Ni8s-T-yVqPFWis3Mybg4J4YnyV-bCJeoWW9FOPcK-xD8GLLllRoSYf6J31DeA2kDtXi3_cGUmHuzdYTm5IM1t-ykY4dnWGt5E4sFKtGufj8UqEKJKpM29bpik4-KUKjz7KTWfQTrjaWMlUiWzcuFhfwut8lPUgd82sSIUe81E_9cE_eSXdLmbCNODmnrow9g_hV_wFSSr73V-ocG00OK6TyhuSGfa_GrJ8iLjys404s_1d4MECNU4FsGOL-Tsun8GWDZ_urW8a0NW6wLnI0xy9WfdlVec9OTb6owUyqjBhQPsBEbc7YLsoEBT8PNPhqD5p9fdqCf4qXzvZ4Ns7j-loPrGREEaU_bpvOfy4K9W6bOhzN01ygtaRIporX5CMQrAyT7rli5Rr0VAA80dziqgaNcLlfL8oAqsmmfX0Mws9ajuul00bGd87vk5dlfmLwObgPP7jcYWrUttoYYm2MGP86dZVOniQl3hTgS-94vTFdg-1CO6QZUp4i3OGUfs2DsnmsY-DOMApSmjhpsFOufTF9qqvy3nwOwpe-bx57PUenQ13DpbmRjR2OwxscpHVRQ3uG3uw1aMEP6_sV_wI8b3O2uAC-XyzAOtXCRVCxMzfI4kSJYQ5yq7ttWit2RETedyhGGihylO2nCCOGD2LUHDB3BPxfvIJwUy29JXEUR0dSzLAMYrbMxyYie5U3Nm8WuMG-sY5cxq3cChr8kdRB34xwid4LoqOfzHa0vjo4o3hwmZHG_u98dTjV_RQcDZ-QqnpSDLJEM8EytEDDnTefnC9mzfRsMueG2MrvsPPyxXzKs0YyL5vYUJWA9UOY3P5rpR9BDgD-dT_DYfLjx_MXKQEmMkEHBl8GDK_ejtRGEpHKyZFpMhDFwL7zXbtfB5CkcKlUs3aarmXCWdKUB4CczQzeKIXNxF5wAVVLyFaNP1tUqX-hwwasf9eNUWgXs7Em9dfjA8HpQnldkEKAPAf5uELkw1Zf9h0xcS9-hDlha9fvNg6BHPO1kvsriNgydBFBXBVP0_jpB0djVyix_xaZGfxwdDdnE9q7zqcqEr7rHev75u9XRcO-X9r7SrcDU60PXbsqiAMukurWiTxdlpsrlvdPf0tfTHMckXsM_S6DRw9xn018ZoYvCKRBLOZs1FxBXRVgWkEGJCH4FgSPD5VNv5ildK4qZls7i7ZYWY7ShcEAT2QId0CAPdJ66wydFjMKy_scoR9K94oZM60_afhvyU3gDD3nt1EF5F8IK5YfGiJt1_XzrEY7Bf3cyE1kKtP86-xmslES6VWt9qnmFTqtssjwtirr1A_33op0TjHfgUvFs6C3fOEq0jnWtEHmIX7jjlDtvoQcVfhqcjGF_DuEHbn7dGE81zbHYLR-jTjuaY2bKBuwpCzxoWrv7e4bIFD5Z68NMp29cakbYaTekPxxdnblYZKJtS9xN09nnZM0BpRFRLaKFWSkUeBWEepMewyYNMWlYfftMDrZ1Z0T-4f1mWBZVm6gRYXQLi59TzpqUjorm0rL6guk1TLioLyLQHGKH3pOM_SSfau5f_Yc2iPHpMEFhHphWqpvQLhP2uyyvB5CQLFINbeTlUc89lmn2ie_ZxqEaHSkjdCkebaLUtdTbHPiaOw9B5VtXD5Jjr8vQ0T-OB4uSq9rdqQNiBTw0vmY9SnzkebRQiNj185O_fUCM3fUzqRooM-Bkvfu1EeuC0CGG7oxNPVfWE8GQIitHtBGr8NX99IgdJSEIb-UaE1uBNmjzGPhg7gNqQkMEiCJ0MgGwoL14TShlpBWJOZL7NLGkVCG0hq58j0qvvBWok3d4k8ekauI1cVx5TK6WE-I0_wV6YmcHIk4yWD1H94C9EYrSFqNyIIWhoEpHIYg0CwL7wpqD8ghTizAhoJ4BaQg2qzUVVSQTAEYYGipoqe4YrCd8D_qz8ANJ3MVVyZUsX22YNfRceWSdwoD3R8Qf55qo9IBHSRLHwUE217_xi4zrnOYPCIhiJVshMjmil3hclwKclLDeXSGbaJMiJpMe5-31Ikg5t2inzcjCB9SYemuKVF608i33-9l-aIlSfPpnH8ZCLhfr6KBLQ2jfrTqOUBGa1xmCDQaWRJfgGDXCst89NKTUdsRh5R-vxFhflf0gi_HKq_M_53CZbt88iop5mi4Oi2mr0gnTZyZKNvKj8-ClNECTeMgspl-drtjpPC5ruFUd2KS-H66dlOfM2NMt4lEvY-MYGY94E94yDyxgLk2eYIf565-oSYCdN2r-nut5QjYKoPszXcoxboykXosHPzj43qrN5QC9nqt_IIpx-sCYqQstGmbDd1JTKicqlGMjeE3VKhko-jvVS8fAs6yyAHa_dpWjb9aKdQafrzjLdZWs981433_dnPfaa0RL0Lg6xrOL0WykmURhNbVvI1Ok4Zf7qNZj9zZlRrPDmOtw7Jgcbd5gYGCXtDt75rnfz9XHxLVEClhvXOT7Qz-2dEujgCYvBMAqP1wpV6t2JVCyOxq79ueLaoLzxCCJvq2_kvyY49HobcxFmO_Eg3_JL48dLnv-jjNcf61CLcyPYj0OKjUl-65zwg2g7Lvq8Prkb3D-XtLIzTmWQ0qDjx6MPIp3-yvX022pYBhxqYrk4zE8ojkxsJS1VSmT1h_xpvaGYRiuzskJzUfQnbt30jDvD2GNT58bF5gVsugdN9jjjgjQHenUKs9sKX2a3E0O9DBv1IuepYBsXPzcwfXK9FTru8zOairZdYKxIrMTovQmPBSbrbRw9oViuVc6VAuWopu48eYpNDAY7jXMn4kuV4JW84VLpYof7RR3FbYsL2vc5hPZwRgdIO__vwfh5x-wEAris8D95fBmzSTzYmz3KaTgqAoWwzFHK97Qn6NL6RXTDvYcXN7F28oLAfbIA01qH2hd6_aIus_2verK51IkR_LdupTgcZKd-Mpbqs-jvQ0s0rm8MZrCJsxPncW0XjjETQieS9lZcZGYcxBmbUG2h9epMYsXYOWyGDQcezLaGN3wOU1Mn-gJoMuSq2snetkdRdbfaeiBPS3Nnk8FHTQUIhUZ9mqYqGzuzkJ4w4vfcW1pAZtYUCqq6dkUwz9XHUuRbjckyy8YFyB6nXTosPhuuuJx1S_3mmw3wGA7M9-tijFXNqmccKVeUkDK-eMOI7LxQND94Y7oW4P7aKf1R_smwJ9qsDmfpiLav-etD_1I7LQ3eZot0ifOWXG9dYpXtMkJxezC17bvzslzDwQsLR9fjxtXz6j29gJnI5gsr9JqSE5u6yLij5m9eCtg5sFqmSVBe_LQ&cid=CAQSTgDICaaN5vitcX4wSG1Z45ePp6bbSaDb8oVxH6gwJTYVtn6jvkH3lvxO2x-fhRDHq2Kd8czKvMz9NAB7e3No0Y2_yIqCrkTWCLKFt3LtABgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ds=l&xdt=1&iif=1&cor=5707607431721159000&adk=3047537735&idt=138&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9a60cc4f3434cc354b2b0cb1b9192d5d7152933c052a09bace35e8bf4d5840b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=250&slotname=2929667514&adk=3896112180&adf=3928351752&pi=t.ma~as.2929667514&w=305&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=305x250&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994318&bpp=1&bdt=556&idt=370&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450%2C586x147%2C300x600&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=957&ady=1658&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&btvi=4&fsb=1&dtd=371
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38535
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 75F0 2 KB
1 KB 49ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW2bSgAKinsKwlR3AA1iSWRaf06fHvxQka74AQ&u=%7CCUBL%2FITgtJelHn1cNtwq0w1cwmen5r5L%2BhxEbZel7XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TzLGUxQmyfiD-kUH1bSDx2cHw3-HxOzIBOwasxEquTz73QoL9kyNUNZYgNEVcErAirme93aI2W2Fdn30hhc_FrHXIPOYYbC3UzR2Zn5_ZUQw-LV59L458E2EAS3WstGATs3cahIwIme3-wqPc5gr3zwZ28S57r40wUQ-aQ3NS0b_hPYfquMhhVtqp7d6BbX0SM7ti2OPZyPdlVyjDuVsLRBxBPwrlAAJkBgrScXW2wIQdLR9w3SyS1B762_J8SYW4z-dgsuB8emlcwTNHpDFlceMxKgp58q6lNWFvEBHYnr-oaQK4l8t11fZKiegUWgaIMstqbqgvkulHlELp82NLT9ZrPM0HVeceA-JZIDkbKVSPkxIq_Aycvpi7SOTLqmxkT4rmt-sQxzwocWrGMXTOg2AG46YV0Cv_zrAMIPCvHuqKSznC34VZz391lsijiXnJhhSqVWi2if8laPj0Q8q7eGDgZgFqEbTHRSGjGigMka5RQbPesZqNMnGwc2_JOouGw1fF4v3Wkzp68g8kdtRAXihKlcas2q8kqeWuu1Bf9XUcBHkjrh8ItE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCno6lSpttZfuUKveoiQbJxLXoCMme0rFc9ZHevrEBwI23ARABIABglYKAgJQHggEXY2EtcHViLTQwOTM1NjI3MjYyNjA2NjjIAQmpAocWcjmKQrI-qAMByAMCqgTWAU_QQE3ZVu9jJKE0mpRtJVIuyOxVAUZd-Wji2vy4qFCh3qj7oKOneVrOeedhk9Z8a284aWyDVwnvJZfwCnflp1PG4Xjkrurn_amoQJhprSaOsaneqRBil3ykatFOyLj-7XQvXEYqasv1dXonabYhc6bBIQXiFQWt8ugGRzsgR-2Ik2-QbUvAJ68oJ5nchheS4YQ2Scc-rGh2RZS7aRNuN8Ga5mH_aDl4a-PRmyVhR_UyIrSX76Cj9nvS9d9gNwUejEFtWCKPP8T7TvXJGX3E7MjS-stUMwGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljHwsC2u_WCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0xPbKEhYL6bqwHIr0QQtx2tXxwLw%26client%3Dca-pub-4093562726260668%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 75F0 2 KB
1 KB 89ms
84ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 75F0 308 B
636 B 50ms
50ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 75F0 293 B
621 B 50ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 75F0 43 B
347 B 43ms
43ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=V4PeG96CE6D-1zVCyUDLT1rTLHTIYwYvTkZiw6VNOOKjfe-xnZ9JVWXfAHdWThxQTJ5TLfxPKAGUjGi3FI73Qpp4cecUWIsXLaxKwUX1MRB4Jku7z7QmPu4KSuYu8kKPALEBqr96C9kJtWlkFIo7L0eOKDYVicrOgouUOWdxdHxj0n8JXa62TYzUrNmghvU_B_UrU2eqnnZZokczGN-KNjyu1TCLafFt96m-fOgu5EqDecpuNP8EmHJYU59Kzs3PJfvntBGlPCF37ak6u-x0woaOjQqtqErSGF78gnRSTMRj7b7g4A2-cyZmfuM2PFdlcFgI0DuKN4FuCRGBiEgH6GZorXO9bcw5mqnNgRjHXMZl7tobh6tUbpkIrGF0SEwILRj28wXChkuofssF6wRXwmwNWILeHfR98eHDPjoJKFngxu_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1711123
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 75F0 12 KB
6 KB 47ms
45ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 19 KB
19 KB 132ms
129ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=226&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=896&rid=4&s=lUZlghqlnuDggAAW2TVC8Bx8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb4bae683b1332864269cbd633e0d54f747355d301a094bfd470b9fc30199222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 19142
expires: Sun, 03 Nov 2024 04:28:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 10 KB
10 KB 120ms
118ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f844a694de00e43f374e97c780f362c274bd6084665c9d7a523250054b890300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 10210
expires: Mon, 04 Dec 2023 12:47:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 15 KB
16 KB 118ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11243_102.jpg%3F1636726245_2&v=3&w=800&rid=4&s=qWj9cjV26ahAFgWh3PQ3QKcO&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ca0df17605a8a90a730027689ff9ca0914e193c93723a0ecaa741c76cb02862d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15784
expires: Mon, 04 Dec 2023 14:28:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 10 KB
11 KB 140ms
138ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F4123_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=EMf7Q7icODySE6pGeqSq5Vg9&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

68af3635b0864e3ca5567570ace0d6bbd54e363290e31f5ad4d821b8ad1ebb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 10566
expires: Mon, 04 Dec 2023 21:55:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 6 KB
6 KB 152ms
149ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F4125_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=EapG4PVYuphZm9EPyITMTTrV&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a2aa2099ba967564f7feae45cad5677b7d46cf98f6c1b13b60eca289e04ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5646
expires: Fri, 22 Dec 2023 22:14:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 15 KB
15 KB 147ms
145ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F5413_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=TE_lzCSHaTbV33ZphnFmc8vk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

267c82df1e306daf3771ccae836dd5b2450ef21ba3145ad1e479225b48d32e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15302
expires: Tue, 05 Dec 2023 05:58:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 15 KB
15 KB 157ms
155ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F5414_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=kEj7Aws3MI4zCzQ08DkTd268&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c9cf4b8fc6aaabce3465eb341972870714d73b3ab82f6b48c24e70a29b4db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14902
expires: Tue, 05 Dec 2023 07:50:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 5 KB
5 KB 167ms
165ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F13428_102.jpg%3F1652957983_2&v=3&w=800&rid=4&s=OE7JFAjfcngfDaHSWyeT6-zi&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c8a1c6175ebf8c196ef21fdc80868ab33ead86928b41d24f49e31ce57c077a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 4990
expires: Tue, 05 Dec 2023 14:54:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 11 KB
11 KB 181ms
179ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F13425_102.jpg%3F1652957930_2&v=3&w=800&rid=4&s=0Vf71Ghpgp1l55fhXuQdO6ie&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6bc63482e03a6f6ddd5fbfdb972d98188e9c047bc8e5dd11f676abbcb660e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 11286
expires: Thu, 07 Dec 2023 17:14:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 19 KB
19 KB 173ms
172ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

80400bac369ea4484573731db58d2181679dda28b7cbcef7ee604353ad9a1335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19086
expires: Mon, 04 Dec 2023 21:55:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 12 KB
12 KB 161ms
160ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F2206_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=-1CfDmjq-O9CAaAbn13DmNYH&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

123478b8062bcb309e1e6ad36ad858c791d2e0a4bad96cad49a5076c0ceb4b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12028
expires: Tue, 02 Jan 2024 04:12:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 15 KB
16 KB 156ms
155ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F9735_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=dHddWO44f3udNnFDXxVPIn73&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b5fc58c5f31dc2b90a6235d6c6063c6936509ba2d0512986022ef57673c55874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15756
expires: Mon, 04 Dec 2023 12:24:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 75F0 15 KB
15 KB 167ms
166ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F9736_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=096FPShgvu72rc3bFXjCLtih&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f4f9fbf78738ce71faacdc281ed16efc78b3d5076469b63bcc476ca68ae83e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15336
expires: Mon, 04 Dec 2023 12:44:07 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 75F0 0
127 B 46ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ETmXxarDBRRg4yfs0D4byH0QhwZ6geFm5dGt4ulBcTxJHHUdO_eMEa9GvEh8F1WZ8B-gxg_rNB419rGwdKUDjQ3BPTV1-Ra6iEVwclFrnPajNG9crgNCi93XBF1A_z9AT5hrG3I1HSQ8ZxCYvTUDF8e72vrGce88HYnT5lvme2ZrfMl4UQxoDWQlPufmDCjSQg6UW_HaC4PHFheQbZvTvbRbs4D3GfgMZMWRRblJaVaal19IgT_AeBBOmWUflkT3VfP3HA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 75F0 2 KB
1 KB 44ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 75F0 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 09:26:35 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 2701 9 KB
4 KB 44ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 8A39 9 KB
4 KB 44ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame C4EB 9 KB
4 KB 42ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 780C 9 KB
4 KB 43ms
42ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C6DA 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTk3O0c-WDZtF3y5-byZnyS1Kz6kTcp75cRjyPTGaBC6UgzG0B0ITTC2NEGaRlNMcahsrgg_BVox2c0Hfh5_KTwWME19hLle_q7KwRrW6Z6GO4AJJPYkCgUTRIm30vFKF1lpgw3I61-dtB5RPqiJPwplYr5h1kkYiemxuhYpXfWS2duFU&cry=1&dbm_d=AKAmf-Bi_7_ezxIw4fNHopHNHUjTuk5c1JDBY0OohMMhgNEUqin9_VXCrYwMGSpuCRdDg7u3XI27068MWO5FfHihP8DgE8H7gNuGVxxFsiQc1BPbVluTuLnmef0_uIjAqZ_XV4Hr9jppyRCeRgycnkS-CEv5eOXgOVxDeF0BqADMRw5T4xeK1bOSUxYAFiHPqyO2I1wG-0ND3Gx_E7n5FShBQ4E4rheSRSMnukFsFJkMOmMl7aUlX62cKKuyrsZ8ohdIn8EdOlIw-QiCzMtz8BF_pDi41ZwsJfR54OF8DwMdrxDCVlzHtRzrKL0lNRyiaFKk_VafO78gzp-KmmPj1fBzENJNy5pp5X317h3n23gs47GgJIHM2twmizEyhBUhsshshqwveJTn9NiMkDWLk76wSuUVIQPseeCQpZYuWwBTDj2EA9bGZPoF5ZVQA14WQV-RmeoGRTfJzRY7i57V446_5KoG6ELc9Z20Csjbmu6aQODo555js6CdMfe7A2IY11L21d5-3Pi46X3tzcFcJ9OdvlWzHll9GB03LvALu5Q3dnCUQroDsjrj7-TB-D_m6l37jFK-3ncs7hOpBDh4sChaNNy0sR5yiAqfe5SMtvdddOnHmnUI8Dr7jytZ-xqKptu85zemeEP649pp2_yixnNi1xBSVCL27kUx8LFp7aks6Yay98-wx9A68gRUD17TiUHVbC0b44v5qPkQ2JmzZe-dJvv0B-WCmFPqnxVcQ7XhahJbHICl4gncrkmdkGkJWiVi7pgOLQfoz0qdCzyhDRKPMJyzVIV4BoKuwBYfMC-CRPjDAj0kBYtqbw6m3qGZcQTNnZ3Hkaj3lxEnAMPYhKKMWEM3UGIgDGRvcbroXQv4Qr5r0C56heSkLIJ8-Q3vT-hCuo6-3m8yQIHUK_8YCZCaz2_jsb51AVZX06wMlADbF_w_dl0h2snz3V5zpMM859rCGXZsx5Dzhdpgi6YlIOatt-DpwLxEU9x6TPJ1DxDNyPEdcNBS6oe2Z6zwRApQxJBvDupUD7s3ayRmImmNHpRt-5nB2skO8s-TJl3E3mjVo0znSwvsiAI2yQGraDdWWeYd1LhqyLpdBfLe0qGHiUdrrpZSldvgFm-okPQgjiHXzDrXVb67HiSHHJrW-Zq8EiJc4BvE7CzvEtRW-J0HVmA1UwwTNaVxpLXeJ0-D0ukJgpjPzrKe1cKwfR3Yw5IOTGpTI35mCWVidn-YYKjk1aewowXqV8TEUC0Vn9aNoIwlGXkCJVJRT1IKT77dhUWHcoNCuXvyLmx4Dvwm7o5SzbwBuRPKFN7vksNrT-9trPT8cMWBUiJ366yq6xUjjlT5piwfCnf78uxPJOE2TvaJbfGM3LA1MzytxjN98P5nOkJ5ARQdclRilpjolCC_cG3LzxcqXAOYAo1uMXtwNofCfo-2nql9mAhTrLWkYpFAeb4hqUWj3MxpCJV7Vd4q_X3JnknGuS3768FK4X_gs-0CWTX9a7nYxItvRPgFZo2wcyKSxVHrhnVF9wNg4kmG9tr5IA7qJ9WpM-UvhHYQlesYCQpCg1auYj9TNx0Gd1nD_-tgu4OuOTA0HnH2BqiMx2h79nXxxIAJUg1tbdoJi1QH-hsEC77AOmXqdQ_3tNJnREZsjY83ivlLOc-uj2P22ay6cVR_rWtXEJijXk9oQM5WHnlTgqrmaWQJvVIsGcCV1jQaKgSAirGBNmah3pzkssmNxpqzTfxsd5GKwZn9d38lcIKLPF-PWhmMkEw6bEPn-xmJXsNHytOSB9kETniK94icURkn42BYLSCTbWGnS9cJ-cbAxkVRXDKnt4heSPtBG45xINr4nyUN7G3JMhqE3JMjaB6F_Z2Km-nQQ1zzEUc3O8I_0ISrpZqgSsC7H9of-UM6nQfOGED3GOMuxwf436HKqJqHkddwssrYo8BEbCPdRfmrEyJmVgSQrk6U8Td4kPobH-dhL_E3OA_2LZCQYRUtqipthA11aMGa7IPH0Pz-PsNUG8P8wdg8gsbY3F1FvUkP9OVtE_cSIVcJ4dLtt_ldhDrwLGLWi4bkb1j9APdxuGbbemVshLNdyO3tteHt6_03tOD9ejW4IzGRyI62a8XssYfU80MPXmPaQa5jnE2Ym1asN_L_iSzNPMb-lI7a1hgKM4gT_YlriMW3gyGfKeKMzOmFVoLZq4B2ttDSHWC48OXG3OMdBaBHa5mJCCClVYCZ3zTfOIMxXcYjtei9pYaKuBHJSlfbXFvz45Q8UzKb0cQHZEnCHo6a6DRyy88rQqIQkF0-XTB0jyZoDqrOwFAOb1T9JDZJQIfUBFEQF1ip3cb4xjrNZj_siswvn2whp8R_7881HmAmvw2_Smu8KD1drRwWQmAtnF4ZkdnXurbFOnAZJYLn4OdW9xp3UDFNtsZxE3qbp0LtxXU44pdyaPQKBIOIchXQEmjWcUkQ5MTGMjk5mmJ_thZrolGPFJhLmWGmgX-jwtA1sq5eUjZShCxt84iO2feSGrKo0Z9Mx5nozpftNMQk533WkOLxiValrSqibk87Vl2Pfu7WtDnpPNVnZ6LlugYdc5nOugyAv5ipzpjSFhKAA1pSGXKAxB58fsXj6uxqLqnxNLOHHT1nexivV1LHgtcC9WJPXo_0qBv6KqLpJshOcpwR9F6HFG2hVy82m8HbLcRz9-1YURmAopmT2DjKIns_8ky0O9qn83WOaSzT14yeVXWMRxJpHseEJBQ1-_qx0En3H7-55T7yJjuwyVCV8NpA9WDGeTzX1-i-qXJzOhJaMF-gFnxxJJiYaHWdwF5i30DWo4pHL3avRRUFare9NsnuWGDAm_C4GrUFWAtyzPwnor_YvHFULwGBGkIz-hW1fPGE8jwdGRDdVa_w1SucVRCrNt6LzTZ9Bcpy2Rgm0HBJZfdwXXY4K6ts4zS5ci2QOv-WlMdLrL9hIf_aPBiVq7WI-rMHF2FhzFqm58t7CP2D9A2Qy4pWvBpqwFmgJhjdF-_Ba6IBoKPPC-VIC1zCgJhghyG7NsHq3-WdLOjZYWOhbvz7sAfzOMopqxvfDexwNb6wa7KIZgikbQta3Arz1HqQf4yvKHvFciQAEizTN-ArQrZebKt6IwDkw0vhClUhBa9g_epofpxqv9EtNStQdsjS8jVwCE_sNeKoxpd-Wirp5_SHjsnSfjlzvt2pY39k_HZcUktfN0H2b96gjGyKT7Kcx6-IJPNs6ebjQ6jW1NH3UywnCnm2Ia81dq690NuWi2w6XvVbQuuvsdDZ7cuAtZ2IdSxUoU_201Ce8mISDJ6sC2ujEuthjTLa43Tqs5XBNLnXl35IKqX4W9zkBtdTdN3KdOQJe4ivmpQ9Ws9VlOUu9YY2JqBWYVWGPMs1wXkswgUb88uir9VuPvZhLJLOputkYfoct4Qltf-tvDY7Ta_n9XGZpz0wzAbnqbIl88me2HcnFRNxFgIjFlNznOKpMMuzwUo_gtiCOkAlNgEOxwtOIycr7T862_COgxK4-MUki9V5PxaQb_vMJhuoJkrKf_0QgX-KBZ7SQBFHW28Zdgruxk1pECTiEDsfeG9sLldTjh121ko8jdP-czgkonvmxJs8KfYWiDHBB6CfU9o5RMtH01YluMxAT1aRvCvTmHRJQfbBZdyhM5or0tpcvzjtxiYZ7yJyWRbiDzQLc3sOf6L-rX_yeG5KJrsDYFmYs1g_jwV4_eU49w2UIFFsimmW8Z0SOPPdvwXjxUOgQmrp9TPn4NwB2A8R7-ClO7GUEnavD-2hPmgYijtksVK-pfmNo63i2LPW01s3hQYMM9SLJ-tAzAvO5u6U_EYFqf1R6XIUumVOhRA&cid=CAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ds=l&xdt=1&iif=1&cor=15131670201932646000&adk=2124396030&idt=187&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTY4MTk5NTM1OTIzMwogIHNlcnZlcl9pcDogMTcxNDc1NDI4CiAgcHJvY2Vzc19pZDogMTU3ODAzMDg5Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame C6DA 0
867 B 171ms
77ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTY4MTk5NTM1OTIzMwogIHNlcnZlcl9pcDogMTcxNDc1NDI4CiAgcHJvY2Vzc19pZDogMTU3ODAzMDg5Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNzk2OTY0MjU5NzgzNDI1MzkwNApkZWJ1Z19rZXk6IDY3MjMwMDM4OTc4MTA0OTg5MDQKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNTk3NDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMjMyMAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x7986be02ed25840e0000000000000000","13":"0x280728e6e7cb7d6e0000000000000000","14":"0xd31bd2fd9eff20050000000000000000","15":"0x620192f7bbc60d660000000000000000"},"debug_key":"6723003897810498904","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"17969642597834253904"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame C6DA 11 KB
4 KB 134ms
41ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701681994675424&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fc8648b5c21e960f83e53c4a6a99209502b33bc3cd846981818ddd1ac1bf8504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 09:26:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4188
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 1F58 47 KB
48 KB 145ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:35 GMT
x-content-type-options: nosniff
age: 41880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 5973 31 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgm1P21S06ZRpGDf_zl-QVLbxFUlZNeUFrtKki-fULj2VPK_VxXXZv-1pMO8SaL9DS6bQdija6llxJDaZNqEkyFjHgyg&cry=1&dbm_d=AKAmf-DgEZzdf6Uolo9QOJt2gVL_86-7hiFNaOghDcF6tvv9Q6Hi6P2mMv-arhu9snjV3_QC3m9Xbk0wNDxs18ku2PskM9qyLa9Ivu3Zl50ZNPprfpnKVde5F2RMRBj9Kk0nk0Vg7ExkDA73vIcLDFQduzGESE0BU-K_RM3zvkSFvjM9iLJ0cynABuYPu6gzcVAWy7pq54w6nrdQglqxlJDeBnyNqmShpDBG9udM5jqiwjDuiW71xiDlEUcbSdOzXxwUlKbqmdPAfaTQTyBn344pK7shSI8w65EOCZgKYp2M79nNdpJwPeqAxHzi_g5Ni8s-T-yVqPFWis3Mybg4J4YnyV-bCJeoWW9FOPcK-xD8GLLllRoSYf6J31DeA2kDtXi3_cGUmHuzdYTm5IM1t-ykY4dnWGt5E4sFKtGufj8UqEKJKpM29bpik4-KUKjz7KTWfQTrjaWMlUiWzcuFhfwut8lPUgd82sSIUe81E_9cE_eSXdLmbCNODmnrow9g_hV_wFSSr73V-ocG00OK6TyhuSGfa_GrJ8iLjys404s_1d4MECNU4FsGOL-Tsun8GWDZ_urW8a0NW6wLnI0xy9WfdlVec9OTb6owUyqjBhQPsBEbc7YLsoEBT8PNPhqD5p9fdqCf4qXzvZ4Ns7j-loPrGREEaU_bpvOfy4K9W6bOhzN01ygtaRIporX5CMQrAyT7rli5Rr0VAA80dziqgaNcLlfL8oAqsmmfX0Mws9ajuul00bGd87vk5dlfmLwObgPP7jcYWrUttoYYm2MGP86dZVOniQl3hTgS-94vTFdg-1CO6QZUp4i3OGUfs2DsnmsY-DOMApSmjhpsFOufTF9qqvy3nwOwpe-bx57PUenQ13DpbmRjR2OwxscpHVRQ3uG3uw1aMEP6_sV_wI8b3O2uAC-XyzAOtXCRVCxMzfI4kSJYQ5yq7ttWit2RETedyhGGihylO2nCCOGD2LUHDB3BPxfvIJwUy29JXEUR0dSzLAMYrbMxyYie5U3Nm8WuMG-sY5cxq3cChr8kdRB34xwid4LoqOfzHa0vjo4o3hwmZHG_u98dTjV_RQcDZ-QqnpSDLJEM8EytEDDnTefnC9mzfRsMueG2MrvsPPyxXzKs0YyL5vYUJWA9UOY3P5rpR9BDgD-dT_DYfLjx_MXKQEmMkEHBl8GDK_ejtRGEpHKyZFpMhDFwL7zXbtfB5CkcKlUs3aarmXCWdKUB4CczQzeKIXNxF5wAVVLyFaNP1tUqX-hwwasf9eNUWgXs7Em9dfjA8HpQnldkEKAPAf5uELkw1Zf9h0xcS9-hDlha9fvNg6BHPO1kvsriNgydBFBXBVP0_jpB0djVyix_xaZGfxwdDdnE9q7zqcqEr7rHev75u9XRcO-X9r7SrcDU60PXbsqiAMukurWiTxdlpsrlvdPf0tfTHMckXsM_S6DRw9xn018ZoYvCKRBLOZs1FxBXRVgWkEGJCH4FgSPD5VNv5ildK4qZls7i7ZYWY7ShcEAT2QId0CAPdJ66wydFjMKy_scoR9K94oZM60_afhvyU3gDD3nt1EF5F8IK5YfGiJt1_XzrEY7Bf3cyE1kKtP86-xmslES6VWt9qnmFTqtssjwtirr1A_33op0TjHfgUvFs6C3fOEq0jnWtEHmIX7jjlDtvoQcVfhqcjGF_DuEHbn7dGE81zbHYLR-jTjuaY2bKBuwpCzxoWrv7e4bIFD5Z68NMp29cakbYaTekPxxdnblYZKJtS9xN09nnZM0BpRFRLaKFWSkUeBWEepMewyYNMWlYfftMDrZ1Z0T-4f1mWBZVm6gRYXQLi59TzpqUjorm0rL6guk1TLioLyLQHGKH3pOM_SSfau5f_Yc2iPHpMEFhHphWqpvQLhP2uyyvB5CQLFINbeTlUc89lmn2ie_ZxqEaHSkjdCkebaLUtdTbHPiaOw9B5VtXD5Jjr8vQ0T-OB4uSq9rdqQNiBTw0vmY9SnzkebRQiNj185O_fUCM3fUzqRooM-Bkvfu1EeuC0CGG7oxNPVfWE8GQIitHtBGr8NX99IgdJSEIb-UaE1uBNmjzGPhg7gNqQkMEiCJ0MgGwoL14TShlpBWJOZL7NLGkVCG0hq58j0qvvBWok3d4k8ekauI1cVx5TK6WE-I0_wV6YmcHIk4yWD1H94C9EYrSFqNyIIWhoEpHIYg0CwL7wpqD8ghTizAhoJ4BaQg2qzUVVSQTAEYYGipoqe4YrCd8D_qz8ANJ3MVVyZUsX22YNfRceWSdwoD3R8Qf55qo9IBHSRLHwUE217_xi4zrnOYPCIhiJVshMjmil3hclwKclLDeXSGbaJMiJpMe5-31Ikg5t2inzcjCB9SYemuKVF608i33-9l-aIlSfPpnH8ZCLhfr6KBLQ2jfrTqOUBGa1xmCDQaWRJfgGDXCst89NKTUdsRh5R-vxFhflf0gi_HKq_M_53CZbt88iop5mi4Oi2mr0gnTZyZKNvKj8-ClNECTeMgspl-drtjpPC5ruFUd2KS-H66dlOfM2NMt4lEvY-MYGY94E94yDyxgLk2eYIf565-oSYCdN2r-nut5QjYKoPszXcoxboykXosHPzj43qrN5QC9nqt_IIpx-sCYqQstGmbDd1JTKicqlGMjeE3VKhko-jvVS8fAs6yyAHa_dpWjb9aKdQafrzjLdZWs981433_dnPfaa0RL0Lg6xrOL0WykmURhNbVvI1Ok4Zf7qNZj9zZlRrPDmOtw7Jgcbd5gYGCXtDt75rnfz9XHxLVEClhvXOT7Qz-2dEujgCYvBMAqP1wpV6t2JVCyOxq79ueLaoLzxCCJvq2_kvyY49HobcxFmO_Eg3_JL48dLnv-jjNcf61CLcyPYj0OKjUl-65zwg2g7Lvq8Prkb3D-XtLIzTmWQ0qDjx6MPIp3-yvX022pYBhxqYrk4zE8ojkxsJS1VSmT1h_xpvaGYRiuzskJzUfQnbt30jDvD2GNT58bF5gVsugdN9jjjgjQHenUKs9sKX2a3E0O9DBv1IuepYBsXPzcwfXK9FTru8zOairZdYKxIrMTovQmPBSbrbRw9oViuVc6VAuWopu48eYpNDAY7jXMn4kuV4JW84VLpYof7RR3FbYsL2vc5hPZwRgdIO__vwfh5x-wEAris8D95fBmzSTzYmz3KaTgqAoWwzFHK97Qn6NL6RXTDvYcXN7F28oLAfbIA01qH2hd6_aIus_2verK51IkR_LdupTgcZKd-Mpbqs-jvQ0s0rm8MZrCJsxPncW0XjjETQieS9lZcZGYcxBmbUG2h9epMYsXYOWyGDQcezLaGN3wOU1Mn-gJoMuSq2snetkdRdbfaeiBPS3Nnk8FHTQUIhUZ9mqYqGzuzkJ4w4vfcW1pAZtYUCqq6dkUwz9XHUuRbjckyy8YFyB6nXTosPhuuuJx1S_3mmw3wGA7M9-tijFXNqmccKVeUkDK-eMOI7LxQND94Y7oW4P7aKf1R_smwJ9qsDmfpiLav-etD_1I7LQ3eZot0ifOWXG9dYpXtMkJxezC17bvzslzDwQsLR9fjxtXz6j29gJnI5gsr9JqSE5u6yLij5m9eCtg5sFqmSVBe_LQ&cid=CAQSTgDICaaN5vitcX4wSG1Z45ePp6bbSaDb8oVxH6gwJTYVtn6jvkH3lvxO2x-fhRDHq2Kd8czKvMz9NAB7e3No0Y2_yIqCrkTWCLKFt3LtABgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ds=l&xdt=1&iif=1&cor=5707607431721159000&adk=3047537735&idt=138&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:51:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 5973 11 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:58:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5973 0
0 197ms
80ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuC50j1jlEi4VSdqJVklilVtwZtpD7GOngpUBkofRvSXpjbZf3svpTTNrCAZ5IcsIbKnu2Vl6punjehVN0SlhG77gJb2KDdiRlhAyFXkr5soi8nEeKz3XOPVR2axMRdOADVHKQVvF_WTM8NqfKzfmxSe7Syi5LtDhjIKQkmmolBH7ZrcRpNhdfWLrY7sZdgBDWT3Sem8hEUQx5OUrkql4saKW0LUlfzYms1ddb91SveOrHPUgEJLbATOXzX20GG-oMovjtQh_01grm-_3pHV9HVCR_iSc1EyLIyRWIRBN7mXS7_5YkpwMHYVJkD3Wgfm-JW4Tdqj6dL12f-kGGRcR1fpUPIvKsUTCGFX6cj9HnnpwdXvG-1kQxkAz4aAfpPqigXCsa6eFy-6NZscfyqK2i6TWhs_m9AgsaA7Ne4GnTAOzMn9beIM8DDUmX0RcjLs7IubhSkPsrHbuvExu2O_pOu5TrQ0OGqbJkD7oWhym6n66ZRK1Fuz0mEirvQE500pys4wmYCWwohObAM2xwBS9Yhp2Ho-BKmFrnlf9urLRXrFQ0H2p8slkYi3PP1_TjmCCkjOPj-73KBcgds9TEdiQKrLBezkJ7H32b15EJsKWVdqPotfMyUmsUFf_sCL1O5310EPfFzLFv7AacWkUEm3uaCIyE9fKkYG3e-byy8wkm30SOQ2964eOeOK9KG-fA-CKkao6FgNI-SfAwYIOomFdGavHrOmU9W1E0MDDnelXJnweIDWEUzQv6rdhswtj3SVnF-BwhxcwEUQghgMPuL9t9H9H__-zeZ81KJyTW6lkl0APTtAGJupZXYU7FbLW9mTHD0g958O_MwnviOlpyW4-d-wSPlCYgjdzutO2ZdFmg_rQ8jXXwRvsX5fobSqLvVUzgaekfzzgUGFQkOMQABj9oiu9ptYcItwlruBKUH52BC7reywsxoMgonP6gQExGJ16ngLj9shub4OuL2f9oaP4oWcoI9kugJgRWDhzCaTOnrjfSlc0jWiNSL5OSNEXlNyTHqnrOxuxOz2vcaj775gA6ZhG_65J64OUki-1sw--m7MLXrPYh9DeBSeR8CF8jpPLclpktQFzRTbFth3ojmLoFuxnxZPra3GVcdP6c8qEe03di1s67wFPa479Phs7bzyeBEIp5hLR88o0tdtcLYqwQclMOFd3QFDrsmreRvUwv1rGam4D2zQAInKf5BEvSo1Hy_VwqeGHm_Ds2AoMhHMW13rI2AVE9PKy6UYPnnMVP-EEfbn8eiZ_BtRxDqyQUnHQ-Ajwup4ZgLCB8DHZD4YIQI97FCIayzAos9drNRFNl2-6_4RHSCEF49p4eeJnAdoRFrCeswdd3KnJDmw4zmkMV8qpwOdDTPUShAkqb1mhmE6GphOD6FZKBBbGg&sai=AMfl-YTF19n0F6QlZQfNxCmg-Bh1XdhFCeeKZMGxU1MRKsHyRZImWtIQG4pE0FRZHEnNZ41vHSbpepKkGugADpnHD26CsH9fRvKTbrHhap7pT7hyXStXT8SzQGVCPUhMLmpGoJZjPfFBiq_CPYmi8LgHdLfFLD6sUKPANkoAAbAjY6Cix88Abbuh9jXpm02NKMoR5jzBSE47MrlBW3nPBYlyZ8rzhOVVPmQdLFirru6G-DRvbKnGCHZCQp6B4lgDirCY0vE9vjF64RO0H70mY7SM3EdeEYcXgV0_BsH6WfN59XQadiRqvYUPMnDCG5rM&sig=Cg0ArKJSzJm3ErOLqW93EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.09109&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5973 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 6776152058242730127
s0.2mdn.net/simgad/ Frame 5973 35 KB
36 KB 153ms
36ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6776152058242730127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c58f516190a76e61ec5578ea1e5f10f7c55ec3abc20b2728aaa9b6123e788e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:26:13 GMT
x-content-type-options: nosniff
age: 216022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36298
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 14:48:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 21:26:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2701 4 KB
744 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 07:37:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2701 205 B
514 B 40ms
39ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
x-content-type-options: nosniff
age: 125701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2701 604 B
696 B 42ms
41ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:40:01 GMT
x-content-type-options: nosniff
age: 132394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 01 Dec 2024 20:40:01 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 2701 16 KB
7 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:44:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 2701 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:46:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 8A39 24 KB
9 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8AC3 143 B
166 B 47ms
46ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8A39 3 KB
1 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8A39 20 KB
8 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 3421023492188478287
tpc.googlesyndication.com/daca_images/simgad/ Frame 8A39 70 KB
70 KB 76ms
76ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3421023492188478287

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7fee85925d9b07f1076e078bef231fc98491ea4eaefdc8734fdb5b0ce6f726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:15:17 GMT
x-content-type-options: nosniff
age: 7878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71456
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 12:02:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 07:15:17 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A39 202 KB
64 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8A39 36 KB
14 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 11:56:04 GMT

GET
H3 200 3421023492188478287
tpc.googlesyndication.com/daca_images/simgad/ Frame C4EB 70 KB
70 KB 97ms
97ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3421023492188478287

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7fee85925d9b07f1076e078bef231fc98491ea4eaefdc8734fdb5b0ce6f726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:15:17 GMT
x-content-type-options: nosniff
age: 7878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71456
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 12:02:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 07:15:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C4EB 24 KB
9 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1896 143 B
166 B 45ms
45ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C4EB 3 KB
1 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C4EB 20 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4EB 202 KB
64 KB 135ms
135ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C4EB 36 KB
14 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 11:56:04 GMT

GET
DATA 200
OK truncated
/ Frame 5973 217 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98823e44bc71690f0f2171845d3608f0caf8ce2b551defa6f5077f8cd7899713

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 780C 24 KB
9 KB 100ms
97ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 040A 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 780C 3 KB
1 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 780C 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 6031360035517493854
tpc.googlesyndication.com/simgad/ Frame 780C 75 KB
75 KB 108ms
107ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6031360035517493854?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkIYAkRiu8SvRykG157JPIlH9ye7w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa46a253d9358cc92cced6e65efc0661b6e7a54e054489ad583dda8e77587250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:57:27 GMT
x-content-type-options: nosniff
age: 1748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77050
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 22:59:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 08:57:27 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 780C 202 KB
64 KB 134ms
133ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 780C 36 KB
14 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 11:56:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 18FB 0
19 B 84ms
83ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfPSBSpttZevLLd_a_tMP8dyaCMme0rFc9Z2Y93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNDA5MzU2MjcyNjI2MDY2OMgBCakChxZyOYpCsj6oAwHIAwKqBNMBT9CplqeBRFFKAwg7oYQ-GYrnf0z3WdEiMnpN5M4Ee1mMAouyhW_l8V0-sQCJM-iwMoMF-izOlHuuF54LgsgYNfcbknRLFj3FAfnwm7zctgf4ZnYZfulxLSHJcq4vvrRIKYRnwYb35Rg8u37CUtqjhTdKidS6F4cUcZANYh2t_fTJuuxzihRztxBuRr8H9_oWkaBbJy2cKM_jDJHZPlxUHndtoFHG3O4CQA8KFnwDQTowvtxHTIy6Yu-eLLXdF_OZLobKU7wA013ypKL1861HbE9yMIAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WPrkwLa79YIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwOTM1NjI3MjYyNjA2NjgYAA&sigh=vASmRHZner0&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNUb3vrRM7pI98bwMPQ4GV57VnsvCCpsQaLHt66r1GsGnjjY5XKnKlleehC9itMAqJ_3MKljDrEYUti7gex2-XRC5aMyvRp8_Q-BgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=147&slotname=1352985678&adk=2931861098&adf=780794530&pi=t.ma~as.1352985678&w=586&fwrn=4&lmt=1701681994&rafmt=11&format=586x147&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=330&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280%2C450x450&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=4398&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=332
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 18FB 0
125 B 50ms
50ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RMoEkwGdg2ICAgAAAIo3nhiOkpleEEqbbWWfwa1Wgl5ujGm_AAASAAAKCkFRVUREd0VCRHc&wp=ZW2bSgALZesEf61fAAaucSNSoJps6vu5TwRDWg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 189405
server: Kestrel
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 40F8 38 KB
13 KB 47ms
44ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:48:36 GMT
expires: Mon, 02 Dec 2024 21:48:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 44F0 38 KB
13 KB 46ms
44ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:48:36 GMT
expires: Mon, 02 Dec 2024 21:48:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BA10 6 KB
779 B 62ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 07:45:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BA10 2 KB
822 B 83ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 21:48:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame BA10 24 KB
9 KB 83ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BA10 3 KB
1 KB 88ms
84ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:05:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 08:05:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BA10 20 KB
8 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:02:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA10 202 KB
64 KB 143ms
138ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:26:35 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame BA10 37 KB
15 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8AC3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1896
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 040A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame C6DA
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

192ms
114ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314
Protocol: HTTP/1.1
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 55982be674d7fcfc111238b40397ec9b05543264a0a00025c09b126831d6b29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 09:26:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 63520800047489604444994012528003
Connection: close
Content-Length: 1337
Expires: Mon, 04 Dec 2023 09:26:36 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 09:26:35 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 04 Dec 2023 09:26:35 +0100

GET
DATA 200
OK truncated
/ Frame 780C 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1afed35b85ed1b73232128f16a09da1dab922a576b4d530812fef656f8c2912

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 40F8 39 KB
15 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 44F0 39 KB
15 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 77ms
74ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4093562726260668&plah=advancehappynewyeareve.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://advancehappynewyeareve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1F58
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CT1bhSpttZevoLJHgZZCamYANj-2bnHT2k__p-BHAjbcBEAEglo7wLmCVgoCAlAegAb-F2eADyAEBqQKHFnI5ikKyPqgDAcgDywSqBNcBT9DQCXzcPom1Hn32HLkhq7asx5kj7EKh4rWqvG-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221571093852933352818%22,%22debug_reporting%22:true,%22destination%22:%22https://lnk.to%22,%22event_report_window%22:%222592...

0
0

154ms
75ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221571093852933352818%22,%22debug_reporting%22:true,%22destination%22:%22https://lnk.to%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221008091839%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228121929576835278913%22}&andc=true

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1571093852933352818","debug_reporting":true,"destination":"https://lnk.to","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1008091839"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"8121929576835278913"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 09:26:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1571093852933352818","debug_reporting":true,"destination":"https://lnk.to","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1008091839"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"8121929576835278913"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5973 0
0 80ms
78ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuC50j1jlEi4VSdqJVklilVtwZtpD7GOngpUBkofRvSXpjbZf3svpTTNrCAZ5IcsIbKnu2Vl6punjehVN0SlhG77gJb2KDdiRlhAyFXkr5soi8nEeKz3XOPVR2axMRdOADVHKQVvF_WTM8NqfKzfmxSe7Syi5LtDhjIKQkmmolBH7ZrcRpNhdfWLrY7sZdgBDWT3Sem8hEUQx5OUrkql4saKW0LUlfzYms1ddb91SveOrHPUgEJLbATOXzX20GG-oMovjtQh_01grm-_3pHV9HVCR_iSc1EyLIyRWIRBN7mXS7_5YkpwMHYVJkD3Wgfm-JW4Tdqj6dL12f-kGGRcR1fpUPIvKsUTCGFX6cj9HnnpwdXvG-1kQxkAz4aAfpPqigXCsa6eFy-6NZscfyqK2i6TWhs_m9AgsaA7Ne4GnTAOzMn9beIM8DDUmX0RcjLs7IubhSkPsrHbuvExu2O_pOu5TrQ0OGqbJkD7oWhym6n66ZRK1Fuz0mEirvQE500pys4wmYCWwohObAM2xwBS9Yhp2Ho-BKmFrnlf9urLRXrFQ0H2p8slkYi3PP1_TjmCCkjOPj-73KBcgds9TEdiQKrLBezkJ7H32b15EJsKWVdqPotfMyUmsUFf_sCL1O5310EPfFzLFv7AacWkUEm3uaCIyE9fKkYG3e-byy8wkm30SOQ2964eOeOK9KG-fA-CKkao6FgNI-SfAwYIOomFdGavHrOmU9W1E0MDDnelXJnweIDWEUzQv6rdhswtj3SVnF-BwhxcwEUQghgMPuL9t9H9H__-zeZ81KJyTW6lkl0APTtAGJupZXYU7FbLW9mTHD0g958O_MwnviOlpyW4-d-wSPlCYgjdzutO2ZdFmg_rQ8jXXwRvsX5fobSqLvVUzgaekfzzgUGFQkOMQABj9oiu9ptYcItwlruBKUH52BC7reywsxoMgonP6gQExGJ16ngLj9shub4OuL2f9oaP4oWcoI9kugJgRWDhzCaTOnrjfSlc0jWiNSL5OSNEXlNyTHqnrOxuxOz2vcaj775gA6ZhG_65J64OUki-1sw--m7MLXrPYh9DeBSeR8CF8jpPLclpktQFzRTbFth3ojmLoFuxnxZPra3GVcdP6c8qEe03di1s67wFPa479Phs7bzyeBEIp5hLR88o0tdtcLYqwQclMOFd3QFDrsmreRvUwv1rGam4D2zQAInKf5BEvSo1Hy_VwqeGHm_Ds2AoMhHMW13rI2AVE9PKy6UYPnnMVP-EEfbn8eiZ_BtRxDqyQUnHQ-Ajwup4ZgLCB8DHZD4YIQI97FCIayzAos9drNRFNl2-6_4RHSCEF49p4eeJnAdoRFrCeswdd3KnJDmw4zmkMV8qpwOdDTPUShAkqb1mhmE6GphOD6FZKBBbGg&sai=AMfl-YTF19n0F6QlZQfNxCmg-Bh1XdhFCeeKZMGxU1MRKsHyRZImWtIQG4pE0FRZHEnNZ41vHSbpepKkGugADpnHD26CsH9fRvKTbrHhap7pT7hyXStXT8SzQGVCPUhMLmpGoJZjPfFBiq_CPYmi8LgHdLfFLD6sUKPANkoAAbAjY6Cix88Abbuh9jXpm02NKMoR5jzBSE47MrlBW3nPBYlyZ8rzhOVVPmQdLFirru6G-DRvbKnGCHZCQp6B4lgDirCY0vE9vjF64RO0H70mY7SM3EdeEYcXgV0_BsH6WfN59XQadiRqvYUPMnDCG5rM&sig=Cg0ArKJSzJm3ErOLqW93EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=233&vt=11&dtpt=232&dett=2&cstd=0&cisv=r20231129.09109&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame DBDB 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 780C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChVm0SpttZdO6KdaDiQbBworQD_Kztc108fLu4rMSsJAfEAEglo7wLmCVgoCAlAegAcO8ipgByAECqQId0_3VgGWmPqgDAcgDyQSqBN0BT9BhFnWVa9cGzmiQLxHI4LmPjsA5Ip8xHaahSK_...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228517014382054125371%22,%22debug_reporting%22:true,%22destination%22:%22https://microba.com%22,%22event_report_window%22:%2...

0
0

152ms
74ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228517014382054125371%22,%22debug_reporting%22:true,%22destination%22:%22https://microba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22318938691%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225341020004456328625%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8517014382054125371","debug_reporting":true,"destination":"https://microba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["318938691"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"5341020004456328625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 09:26:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8517014382054125371","debug_reporting":true,"destination":"https://microba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["318938691"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"5341020004456328625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame EFF8 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 173ms
73ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 148ms
73ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44F0 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7MdVS5ttZZa5Ga699u8Pn6e6gAsAAAAAOAHgBAI&bg=!PzylPHPNAAY3kmNgF5I7ADQBe5WfOO-0x6XFdtJd7WQU3OWSChsep7BzkbyH-oUkav3TgQGupvwFHjOErQSN5nmar5RnAgAAAKNSAAAAAmgBBwoAYfQq36U2chav1w7MU1t8OMDlB0fZz0E886V0KT6lNIYRrEGeiVM17qcba1jPxXFFkpFErAl5yIEsq50qXfG9JSVLmIcWiHBiSrww8glXd4zxqiyr4KXk6K7jNmbxzmiVYgOZAuh55tY_xOSvR4T6cbqyVQ0o99TtgQucqrSdydfoxIaZgZ2B9o6zcXHBOeQ2T9t2AMHcmwIEa3LyemfP54Mecz3KdllY3PN5sNi_I3Vt-zYbjq9Ecm63aArxeViSWYk8YocDb8vpTZMBBdo12PELiyAEGUxme43JTL904UiB3edbnxSAIuGHGS4mSveiKxO7ZZ511M-IYFJXcN9yAe91wmfd4ZwaR_HD_kNcV2OnNVV--oWDTGAsY7rns1n-WwNIce-Uh71ydjc43PmELuby4T2PumH2mltzDSgiNkysZuuFuiHrjeqFNO2Gk8g4fatsJPOdr8GykdnH5D99fygh1zvoKqFQ79yAOgXXaMdpKxCL9AbRyEs_1Ki0YIXyS1kzGrLC8GzQAGzF_CMwyjx1EEnYCTTBCMZ7pXqr9G3iCbPSQfnTTtsjYxIKl0YSr-bR6fJNtURtHf-4m-LTdfwsLficfxPUUkIuZH0OUV1wf25UvMNLrhEwsMBC55ofpkiuiD88nXW-6V03jtoGXg62gkRH2Vk9lpQjsmUWF2VKF0FGL1nSHsxZ3UbtdHuhYaPPpF7CvBAuUsqCPIFhgCFRxHUPuULMolFxjxgonp926pcS3hgzlPvFUm5H8MjFN4EKdS0Gz1bX-AmpmrmCKVonkordVh0q-vgLzIwxnjFFeiASOIBS8NxRZQp1AXQs1-vqebGo6fsSlEL1DRHjTsqQncWzMFv6xCThDjSevvyMcUzBWK1XTOtATzp0KGD8eAO0XD1NwH5Ji9gEeM6gv5MuIKwNdyTtDvc9iNN0zJ0DOHX-y9dfELqVYOIQgPF3OY4WejSvmjlo7qQqLg_ACT6sjU6FYAjOFWBTFhJkr-HwF_TGvKlfFL9MIXdWK0TFXd5OYtok_LRHuPWbrP8H4LWNWObKLiW0zw3myWkgnRNCYAWgZ1Obd9oWwnSjQBQdN2FfwlVG7HSKOLqd25gfQcJrGTBnrrHeowgvpkY

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40F8 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BV-9GS5ttZcH2FeSD4gGwrrvwBQAAAAA4AeAEAg&bg=!4OOl46zNAAY3kmNgF5I7ADQBe5WfOFmcqwutk3vA_xNsp2vB2Cq2apD_IQfDTCrPrW1cccQIQfztw6XZSOeOVsxI4Po2AgAAAMFSAAAAAmgBB5kDGVPwXXy53QS2Y2e1JqNjSP7-t1vFheNf4gN0VPpeiLAnnSdTlHfSviA6i9n9XhbZt3IpHT8SS0XtziX6OjdfRx1QhmHo8Bo6sS-Wm-k7YD-bGuzTK706yo8K18zngoaAUWISUKdvaCz_8pnhWPD6KhpHE9JyPDmVu7z0UzJP5Fe5uKAZeYo7YPZ1XkditI022oNm-uuXSImu8HfLlDJwn3uP56Fgsv8tS_yWe_LKoPzxFTi4l49OpxJv_bLFzyOwY9s7Kn6lxJeIas5eQlQfXm6c_ou_qje2nD3_SXeuyBzKbaw6bLV0sN3vz9J-G0k8CV6USwu5KwAq22WAuYtZFxFVGIzzPpPhOzgQenpkGtv3n7zSnhTnXibf1iAyF3Ju3XKBfn8I6iVwx9OF6rGLEucC9lm9GWWjtEYnQSFhJH-0LqMjhvNThUlp1lzm7Cf0qyn8yx2rPP9h15uF9AuK2yiMXE1cTvnpOn9BK-GEqlkoe_canqCEVzgPFbZTB_PGxkw_9u3eX_f0xiWoiYAiXJx7-BBjw9RnHGXzPnWq7UPFGW1Ugd0CoxY9wNjQ1Lgrt5zz_1NG7l_vc3qzdqLrQXaZbco9yul_8roaRGiCx-e6u1iq-q_MBQl-zWgp8UTO9TN8Xt1bGQahfQlgcQ9_0SfhxdqP4xSbGHR1XrwJbjmyF7938oDMuGAkuLgSMa9QEis5yknHwsuMC9ZBcs-CWA3agLV4_Z_Vg07V0bYI-9ItEl4fOiirtA13NVg3NKt0Muz0EyyUZHQ-OjamXXW72cKJkVFbC27nxw9_NdMwy5KdzYNmad0VWayPtdmN4pP1avIPxaUlp-Mu2qOZhKa5WOfagTI_9T-xmlZW1vMqYMR7HzSrLJor0J-xnmfuKL3YjrsWPqFTUSMFVy6UVwQ_ZYwQmCbZq4haawez0nd2KPwZl5622UB2wbu5c5pSxuZ0yJqFwXaHzmBcUg4uPF7lzkVw-sLxV2Jq4qeNOJvs31QQIsyOTNWdSl3a2lI4DuuYC8A3SXxc0pldbeyEUOt4OcdbkL8Y2b_NW9s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C4EB 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d71c09f2ae1efff99f1ef684bd38025343d982f63c9457ba243e7d531b781023

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame E74F 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
DATA 200
OK truncated
/ Frame 8A39 219 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bba2cb1b0a1dbccd24f7215a3673d4e3f17dcb7ab65f57578da7ca77af6572d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C4EB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5xZMSpttZdK6KdaDiQbBworQD6ya9790oYSjkOMO8vLWssUBEAEglo7wLmCVgoCAlAegAYbX170DyAECqQKHFnI5ikKyPqgDAcgDyQSqBNsBT9CRIQ_7_idM_XCTcoFEJDQV8OtxALSV6qt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227157912674481316836%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window...

0
0

73ms
73ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227157912674481316836%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227387941189621958977%22}&andc=true

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7157912674481316836","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"7387941189621958977"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 09:26:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7157912674481316836","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"7387941189621958977"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 04B7 51 KB
19 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C930 51 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 391132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8A39
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CnPg9SpttZdG6KdaDiQbBworQD6ya9790oYSjkOMO8vLWssUBEAEglo7wLmCVgoCAlAegAYbX170DyAECqQKHFnI5ikKyPqgDAcgDyQSqBNsBT9A2ojHg2IkTPVNUFaBpfhI8614ytn5AJGD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213340094694821260099%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_windo...

0
0

73ms
73ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213340094694821260099%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211770628589215313601%22}&andc=true

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13340094694821260099","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"11770628589215313601"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 09:26:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13340094694821260099","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"11770628589215313601"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
73ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
74ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

htlp Show response
futalis.de/ Frame AFAD
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=63520800047489604444994012528003&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3362405655

350 B
401 B

162ms
40ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3362405655
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 04 Dec 2023 09:26:36 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3362405655
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 / Show response
adv.office-partner.de/ Frame 1F16 930 B
923 B 120ms
40ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 04 Dec 2023 09:26:36 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 11 Dec 2023 09:26:36 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame F56D
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=63520800047489604444994012528003&actionid=879111&produktid=ratenkredit&dt_url=

0
606 B

154ms
61ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=63520800047489604444994012528003&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 04 Dec 2023 10:26:36 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Mon, 04 Dec 2023 09:26:36 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=63520800047489604444994012528003&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 53349
x-iplb-request-id: 50FF076C:C2E8_91EFC182:01BB_656D9B4C_8239BF5:55DF

GET
H2 200 link.html Show response
track.webgains.com/ Frame C6DA 2 KB
2 KB 288ms
167ms Script
text/html 18.135.55.196
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=63520800047489604444994012528003&nw=1
Requested by: Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.55.196 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-55-196.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: b84823b87d4f7ca775abeb90348f621953ffb3570db1b891ce372512097c61e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
last-modified: Mon, 04 Dec 2023 09:26:36 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 04 Dec 2023 09:27:36 GMT

GET
H2

200

activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3 Show response
5994599.fls.doubleclick.net/ Frame 295E
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3?

389 B
324 B

88ms
86ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3?

Requested by

Host: advancehappynewyeareve.com
URL: https://advancehappynewyeareve.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

5d897fc11b8dd66795cea7f8b4be0ff4ef610bc756224e40e3bb3ede93d88ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Mon, 04 Dec 2023 09:26:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 9E28 7 KB
2 KB 117ms
40ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=acdbc14b9b&subid=&uid=b2b62a90ab8afadc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7EEMSpttZeCcKfSoiQaF_KuYDKblvaBpvZOcp8kP8C4QASCWjvAuYJWCgICUB8gBCakChxZyOYpCsj6oAwHIA5sEqgT9AU_QWxRgve7eQ763DrK11EWyWdPIhXClYwpXDPf1sAQ0eUS52FSf9mE_2l6afeWGfcuLKR89ToomUN3XgZt_FcjR-ni7pXiU41pdzZuqkfnrBK30yNKWlVE8mldTeLgU72zpXr7pmodniSdkFMVwFN1yuyHcYECg8SGqMbAIW4-WMHGN1ATH2WJKCgVffZLiGeJBVsPYcRi9LNrqrNYCttLp0ZROR6W8Hv3rUzdqhzW2KCjVY6-fzRT7hrz4H8FN-OKod6UlJtOmHMXFDC2rCEuaPxtkIBL3MP9n7DTnflnoTO1IBv10gd22PsMnSd7_Xt144dcR99o6B4s0jCvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmMq_trv1ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNE5XsYMs42bsiXIq2tphxUuRdCkG5FpZJDMvSNcnHQzJGvDhhzTJqG-BtrYxABDD-4cwL-fVF-QlhpjDem4NZww0HlvXRxb9MvhgB%26sig%3DAOD64_2isapSxRNseMtop3NVOEby3YU0mw%26client%3Dca-pub-4093562726260668%26dbm_c%3DAKAmf-COZ8oJkZMLZQs7o_UctjYubD13jBrLrBNYcSH6RHuPcpIZnhQwBrshxfVd61o4l1_6B9cAoij3a_GISTBYd1HTTj7KuSNuOVdptHbYaI9v_F1PHRjOXoiEC-wGlMYW1Gc1C1BveQGXy8q-ScRJ05q6hd3THajMqbTc9lmOammMWOf_JwA%26cry%3D1%26dbm_d%3DAKAmf-CxcMXi9sCJ6Q_D_vYps4JXz5cNjhpcakVUpp4ebgok8ihJlZOzt39hnzQq2h5p1NV0KNnI8ZovXtln4zyLxBzULV9sD7iqv68lGCLuhp1Iypb_AMKPMBEU0ykfiscgexPLlbt4H-A8GG3hHuL92tTdPgZHJlXtnVTkqrFxqAPc53vLZxNKcDy5gyqLpB77aZXLa6PnoHoyDRYurKFJnQ3ow8kjdeC0LrUMwpYa21rrRbsmlo_ETtd6PAii8Iy0PO0QIiIanfICJn9NwoeSvQ6hC4Sgq6y_EnTgeySWF7GFjoGy4rDVTSz9pVzOUshYxNyV9ZIcghlUIRUqt1Xb8pdZs4uri8Z1ba-EHS6YVux1AZ7HEBrl4uLDuSMZ64zTZ56VadP7cSmakzqzYOo-i6Z6OMgu9gpjLfmwmKxI-JrUlJCt9zAK0qN6giWdr-yQtTIUK2FZZBAV5Ua8IrRBOYP2bTq1HSeg0fnqek8nscOKB1n0neZE5Aiw5b9gQ4DPilFf4tvfZ0uxwragXgbAvNKtKxR4Z0HuNpAJXkewazBdIIStZrg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4093562726260668%26output%3Dhtml%26h%3D280%26slotname%3D3465053827%26adk%3D3444974605%26adf%3D4189573665%26pi%3Dt.ma~as.3465053827%26w%3D586%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701681994%26rafmt%3D1%26format%3D586x280%26url%3Dhttps%253A%252F%252Fadvancehappynewyeareve.com%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701681994311%26bpp%3D2%26bdt%3D549%26idt%3D312%26shv%3Dr20231129%26mjsv%3Dm202311280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7248305282478%26frm%3D20%26pv%3D1%26ga_vid%3D91301450.1701681994%26ga_sid%3D1701681995%26ga_hid%3D377716936%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D341%26ady%3D1344%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44785293%252C31078301%252C44806139%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D718421590122238%26tmod%3D2125609563%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D314&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fadvancehappynewyeareve.com&random=8682632169407&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 77569cd17615daf4532357d464ee1c7f70b15c3828027adde540006ff41ff842

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2113
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 09:26:36 GMT
Expires: Mon, 04 Dec 2023 09:26:36 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame C6DA
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
665 B

144ms
65ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: 50FF076C:C2E8_91EFC182:01BB_656D9B4C_8239C20:55DF
x-iplb-instance: 53349
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=63520800047489604444994012528003&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Mon, 04 Dec 2023 09:26:36 GMT
server: nginx
content-length: 138
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C6DA 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: decceb61790ac5cc52294e101c45bcd1bcdd132cc0313c85137208fa51b0d885

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4093562726260668&plah=advancehappynewyeareve.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://advancehappynewyeareve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 9E28 5 KB
682 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 09:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 08:58:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 09:26:36 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9E28 13 KB
13 KB 119ms
41ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b55fc69323e7e446c5856fa0abc9de1e8f4f0bf22437290d323721a2d29d25a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 09:26:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12997
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9E28 16 KB
16 KB 120ms
42ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 60441be6ad298323e680887adcb39ea4c2a4dd39f40dc463a5ecdcf0ed18982a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 09:26:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16514
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9E28 17 KB
17 KB 120ms
42ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f836fc8884c14171f187b96e51dd983a1b7ae6bcddf641f9b61c5e78cd8102e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 09:26:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16984
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 1F16 175 KB
63 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03c63791d501bcbc40d8ac0abce637d23ba13c9667fd6e621674510a03362156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64126
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 09:26:36 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 9E28 0
150 B 118ms
40ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=63520800047489604444994012528003&a=95a20883&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=63520800047489604444994012528003&a=49614be6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 09:26:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9E28 14 KB
15 KB 42ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 404157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9E28 15 KB
15 KB 50ms
48ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:36 GMT
x-content-type-options: nosniff
age: 41880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1F16 274 KB
91 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bdc517a6d16899f4d9a46588730b480ae7fdebcb29b48818a9873322667dd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 09:26:36 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame AFAD 5 KB
5 KB 38ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3362405655
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame C6DA 53 KB
19 KB 167ms
45ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=63520800047489604444994012528003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:36:09 GMT
content-encoding: gzip
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 75028
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -rEMgejuno46nVl92sbs0SGxGjU6b8IF64pT4cK5S3XSyvMJ66zAkw==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame C6DA 3 KB
3 KB 127ms
40ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1701682296&Signature=HXX34M6VrRH7eQQ5nCSxdZW5rrIVElpJQ1Fy646zaJTx3vG51auS-UzbMovekvqZcUHtnfcm7vCsScPlr2rvHTQ0Q58UgCmFvkJHyWBCLsPgxFIM3UsSz5IOd~FX~MwOK~q7ONbpCwP1Adl1pi1TQISUtOTxaqdcQVPxqu8RqWv3X2gJtxRzn9pN8WCkzE1hJ8oIr9iTo7QJ5wGiaYe~zeAaQOnBpXnU7Mv3X8TuipiS9J56IWjsHnFzVlvIMgYtnBN~OahFj~Hbv6kSsC8StzA9B47dwWa9pZgAJvRfFG1NtZIDSMRslzSw21WjTZnSAEB~4PWBHcO0vx7PQM0y0A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=280&slotname=3465053827&adk=3444974605&adf=4189573665&pi=t.ma~as.3465053827&w=586&fwrn=4&fwrnh=100&lmt=1701681994&rafmt=1&format=586x280&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994311&bpp=2&bdt=549&idt=312&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=314
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 04 Dec 2023 03:23:10 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 21812
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: WKD0_QVuj03cZ8V3uZe2eG3f7YohRQx1MpW6Sl_850Wced5SeeHytw==

GET
H2 200 dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3
adservice.google.com/ddm/fls/z/ Frame 295E 42 B
401 B 164ms
77ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTrpre79YIDFZRJHgIdyV4Mow;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2622908318924.3?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 99ms
99ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64d519e2cd316cc14b1dedc15fa10b4078cf24cfdd6a8c53a6f15631fb788d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12348
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F58 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPza8R23rvvrzHTOF3zWZgaBLv70vsDTWoWJr7QrT6b8m9NZ1lhVQVbLJhIw6LvdTbAU-XQHZv3hDRLvU9oW6QOlt1hUc1jTWt3lzsuJIwXPxLiXmsGnxDVYluM_UvjnjjxWXZ-77Mk2_hjjDVqRvRKhBCh00IqNIoMlPgMRQiNkwmyG6e3Pa9TIT7YBz4fXmnO9qBQQkpbaXuUUXy9xWTlcyoeweid0fz1wG6u89xixGG7iRXpHUDmfV9lLtH14iRyN10fhURq74RPICafGOAh9lzbw451K097v5DjMFuK3KYzlNwp_cjU7GEwpCjta7P_CCh3IYZTCUDfL9m-Q6hjycHeMSj_Wwez-RhDT6KOKTs79h73s9ghK3CmhATI63_eZN2gUH8AuKaWR3mYqfcuszyvbfjl4tlDHz-ppK76rXPONih9mC1vsSFJSC-4wgCVAhpdq3wzaWJw50K6B56Op-YL54pa3vDMNdZQ5fAiqPtzvpUxFU0lMTkNsg04vU0xI5YjG0lFoBfTPgu4LsZznBeLwurRIRNccRCC4iGqEuIffS-7mdZ2r7HfEBGFa7yHU3KXZyQmA2Qloi2Kt0UbzsjDSF8YFUJY9l6yEl3qYFfQWGlO11poY8K6mrt4RfACoiIaMliC0MXtmxbMgkVUWVBPzx2sGpnGkKocCgh9Nfzuc4DPcZ8Y76Roe8P5vrT9yPmGX6i_ibnoSYuJcCe2ssKDjFeI8pic_WFDyZ3vkNhXKaKW283MqzNqewmsp8Og6KbGXqeSCqHbqv3j3nTD4FZKfwiKqreU2rFRop-ebLbz6I7upXq87vylnp6cuZMNcqyDTBMQkEj0rCj3cIxXMK1KmlvvbRycHIrj1gedXlQK44XYLYgxUldIVungDe2CtGvRnUyXMfrHgcLzJzu_63lgTOSxp3g_ZJoAdAVSSakJk6ZKe0xjy1ShBnTNUOq2JzAHdZk1ViSGyI4cakc2dVkOBBoDC2__T6ow0whMRp1GQuaXPOM4W6NqoaHzeBp_MA5L8LQXe-zaC5-erFF0wlyM-9WIsC2zpAnV9k_3BulKF-xEb9ayDlUAQhHCoQmozxNSPKboHPmx-Vg72nKXw&sai=AMfl-YTVQyN98d4bpNwJYH4jybPcxb01mS0QAdvBUOtHkOH6aqFxHlBE8GR5jX-0mqtiaKLztk_0UZpgWXOKIUw_5yvSZiF0H9pan1VPUCwMyBoRIx875IjjzyazVxyjc2vpSTyWOJqx_U0igasW2UfZDWcfE4eQPzzjvZxPNKC3nc26YmQ5hegr&sig=Cg0ArKJSzNDHl_yPdTuZEAE&cid=CAQSTgDICaaNm7_gzfeAsOnw8qAY4zzt7-Y-S-ch99-WxTcFGQYVvML5y812KeWUr7twjDARl7I2CvVW6Oqm05m-DRr6DQbBG1FIg5AWYaam9RgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2158643156&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701681994685&rpt=1094&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5973 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5557012472593&version=m202309260101&ct=76&x=1&cor=5707607431721159000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 09:26:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 71F1 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 08:05:12 GMT
expires: Tue, 03 Dec 2024 08:05:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 644B 829 B
998 B 51ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e41b5ccb3c9f23eb1bcb1c881bef10dcca22d9c643ed2cdcb821f4072a840f5f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rk2UytDHb3dg4q_jfWXcwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://advancehappynewyeareve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rk2UytDHb3dg4q_jfWXcwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 09:26:36 GMT
expires: Mon, 04 Dec 2023 09:26:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 71F1 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 780C 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUYwuyOO5oCx9olSkqZID0O3vGpccEfG4oCc7yEcwie4wGO0Hzcvz9cqbtVZpXKKdtbAQfxj5UV0Ps4Ir5OWbk3W0mYMGz0OWTsjUnItLVckJG07raE0Pjk_GLmmTQytpQHoOP4qrdYZzK&sai=AMfl-YQ2rYQ-sMoEmoY24eJebh5TWFzIWOzEJKKM5tI-wq5tYrGA5KW6LkSAs5zPBqT8aLDkWdsKndCTsheiwidYdXlqoWrJ1SptAK_80B8nTquqUY_9bSPbIBP8vatRaV22DHkqKJ6oF4A4F8mlcHaEVdGAsa1PqXlRNRBW&sig=Cg0ArKJSzCc_EvSnIJPUEAE&cid=CAQSTwDICaaNdHmy3VF8odfaHUE8uGprsjB2tB3U0p6myr9qIKLeJLLuG3aRps-87fbb8aze8iqckDhKcIJSkn7cQU98QsJJZhL2ETdphgfowUwYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=140,816,1000,1108,1108&tos=140,676,184,108,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701681995510&rpt=311&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 644B 0
0 73ms
72ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=718421590122238&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 71F1 0
12 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-4F8hA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:26:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4EB 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwvOX_XIIT0M8wXZXGl6wyWwwMWrdTuAIMo5XE64aZEYxmmkhhgXp4N_gNlITbz71wkaNws38wpTE5Tc_rcEE8fCaKQJemVM4Ny-VNZSuaHuu2ltJaR6x53bwoxNeIQZigQDTMcdFwFktd&sai=AMfl-YSilwWXdQVlytsozA4FQXp8qMdKR-tkI6WKfTPNPHWQMF35RM-emMKSQ5p0LgzPCy_VnGUnU4nliFete0A5K3-jcEWa12Vq_pKPX5Fgqvnn9s3D7g-vDPjIDm6MMXFOIUKOkHkPb-aHke29A-LMbFI2jfkraMCUBho7&sig=Cg0ArKJSzG377TmNb6gnEAE&cid=CAQSTwDICaaNdHmy3VF8odfaHUE8uGprsjB2tB3U0p6myr9qIKLeJLLuG3aRps-87fbb8aze8iqckDhKcIJSkn7cQU98QsJJZhL2ETdphgfowUwYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701681995510&rpt=301&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A39 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGqAzPD113GjZj7J3OxAhUy2GJT_lLb5PNO0fUVhqk13v15W7Ka-6Ig6ozhkhjvE0AwmMWH80831du5w2FeDQgyd2lkm8yYBKmJgfeann_tu1w4L1dvY_UJgVF2QFx0opc7FCL2YDK4_I2&sai=AMfl-YQkFrijIUe34R91YcHW_Dfh3dZmZIxB6XLD0udviTlvdq7lN_n8ZEgflhZZhwxnuqQscI_z4C8LNyhp2UH2ds9XaTGnNwOsT5ynRri86UdKlqAFS8LXUODudbbbKl-R23y48pXW6SpQ-d3EYtTXb50pthLCFQpmXCq4&sig=Cg0ArKJSzDSv-3rzEQYdEAE&cid=CAQSTwDICaaNdHmy3VF8odfaHUE8uGprsjB2tB3U0p6myr9qIKLeJLLuG3aRps-87fbb8aze8iqckDhKcIJSkn7cQU98QsJJZhL2ETdphgfowUwYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701681995508&rpt=242&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame C6DA 16 B
209 B 93ms
93ms Fetch
application/json 35.177.10.97
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-10-97.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Dec 2023 09:26:37 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 214ms
50ms Preflight 35.177.10.97
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.10.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-10-97.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 04 Dec 2023 09:26:37 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=718421590122238&bg=!ubqluvXNAAY3kmNgF5I7ADQBe5WfOMBKlw3KN07uKpwkusraEE1wqdaJFFsoHBneIsupzobnj3t092v8DVuELAXa9wxSAgAAADxSAAAAAmgBB5kC2hcVNjX2o4WgN9LBdZ9tSuIbBBGZbDdGfCW8r09YmcIl-yBXvXSUx0shG8SLh-HVtIPFm2iYjn3j1BQgTZYK66gFffVNS_2gCzxyxZc8x4vzLB8WLG60icPuniNwDxSghPKjxpkvcaZDWacIPZWCA63i-ANfaFSrWv4tbGz-WQC1FWrpZmshi7eQjhl5kKKV4D8GyXWhjCueBzvHeU5Me0tmgStR1EOznPzZG7G7CRttywShn5aYV4cbz8-lkNP1nvskwxfeEJIZvFo2WYrgGACmZn8KE2gstEUcIEDo12BYGI9HWn4cHsYOriBfFDyshw6GTQ9rBpmCqk-R0ohm7cZ5WTY0nP6kuOJn8CjQKG2ZZakbPrRdDSBbVnwH0IXDoTWd6I9_kkrktIV6w4gAtOHTCKmDALS4oRcPKZ9_G90hdHoxsUUUlFgsEvBYJnCrpUizQelUEOnzKbqlRiJdk_OdfDC27DKWHfA1RbL-ZvdI8qeShw0tiz7FJ1hhNWRf3yC8rjv1MkIR47fg_k1a1sMSvAgErFjpPnCpDZrmrS-gdRptHyNjcyWRIuQlGnN4X0Zw899PLyo2F2prGEI4js2VU6UzSmBlj0859YqGr5P6JuZB1qYRm-0Sd2Refhf4FTDdM1_8ZsyMqQv0wNA7AA2D4aNnhhhwdfyX-xsZLSa1kjYrm8i6u26LKKnJLWxNPMqk3B6wy67XqhJELaMrCJqiSOF0_fYR4QeSfWNUHUWqre1ejZTi_hCm1XFQvRreGRbBsoA5U3kGPbQw2cH5DLHKql1QeOQYYSZF2LSNM87fwSqiqO1s5ENtAqQEXZQwW113qdPlcgEoqZ_I8NByIBJ-JwOu9SjzPkpkCPXUrc5EK15oPYOf2mzAoxzoqhKCGN4qL6PWXpoMoSGC_We742Fc40luKdZDek9Sxs3ssbGE2iEr6BA8U1-TNhWT2lTXDZ2BAa-r5_z-9CY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advancehappynewyeareve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6DA 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3850275371044&version=m202311060101&ct=77&x=1&cor=15131670201932646000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 09:26:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.advancehappynewyeareve.com/	1970-01-21 02:17:21	Name: _ga_1X2HQE9ESM Value: GS1.1.1701681994.1.0.1701681994.0.0.0
.advancehappynewyeareve.com/	1970-01-21 02:17:21	Name: _ga Value: GA1.2.91301450.1701681994
.advancehappynewyeareve.com/	1970-01-20 16:42:48	Name: _gid Value: GA1.2.465242185.1701681994
.advancehappynewyeareve.com/	1970-01-20 16:41:22	Name: _gat_gtag_UA_145882822_2 Value: 1
.doubleclick.net/	1970-01-21 02:02:57	Name: IDE Value: AHWqTUlyxoXx2Y5Qt10FE4phNmuOpIUwtcg8QBmzveEu3qw25ihJILCyLz3ZRCCT
.advancehappynewyeareve.com/	1970-01-21 02:02:57	Name: __gads Value: ID=d2a8a407a4933d4d:T=1701681994:RT=1701681994:S=ALNI_MbyfF8TF9eetP1tnGouHCTBWmSlUw
.advancehappynewyeareve.com/	1970-01-21 02:02:57	Name: __gpi Value: UID=00000d0328b427aa:T=1701681994:RT=1701681994:S=ALNI_Ma5V7_qrP0W4mhcw1UID-veh1qt4g
.adnxs.com/	1970-01-20 18:50:57	Name: uuid2 Value: 5029103525727196728
.casalemedia.com/	1970-01-21 01:26:57	Name: CMID Value: ZW2bSyzyzTdQVfDq5Wd23QAA
.casalemedia.com/	1970-01-20 18:50:57	Name: CMPS Value: 5237
.casalemedia.com/	1970-01-20 18:50:57	Name: CMPRO Value: 5237
.doubleclick.net/	1970-01-20 21:00:33	Name: APC Value: AfxxVi67twQymCOIMv3oUSRQkSyvxNHLsTX0ElDSLtofC_xuJnPqbg
.adnxs.com/	1970-01-20 18:50:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''rD1qV!]tbPl1M>e)ZlrFUfJ+tGXxo@<sf(tL>n)f_Ai0p9#ze`>m8ENc?2zQlO*]T3If)y3KL9D3I?+rJw-YN
.doubleclick.net/	1970-01-20 17:24:33	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:50:57	Name: 8lcfmzhxc8d6_uid Value: cdd2e9635550d77c
.doubleclick.net/	1970-01-20 16:41:25	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:50:57	Name: ar_debug Value: 1
.retailads.net/	1970-01-20 17:24:33	Name: ppb2172 Value: 3362405655
.office-partner.de/	1970-01-21 02:17:21	Name: source Value: {"webgains_webgains":{"timestamp":1701681996452,"clickCookie":false}}
.futalis.de/	1970-01-20 18:07:45	Name: raSIDb Value: 3362405655
pb.media01.eu/	1970-01-21 02:17:21	Name: DTU Value: 684F081D0F8B9A04F1BA67655B12C96B

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4093562726260668&output=html&h=450&slotname=1812150678&adk=251077296&adf=3380724228&pi=t.ma~as.1812150678&w=450&lmt=1701681994&format=450x450&url=https%3A%2F%2Fadvancehappynewyeareve.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701681994313&bpp=1&bdt=550&idt=327&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C586x280&nras=1&correlator=7248305282478&frm=20&pv=1&ga_vid=91301450.1701681994&ga_sid=1701681995&ga_hid=377716936&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=409&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44785293%2C31078301%2C44806139%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=718421590122238&tmod=2125609563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=329 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
advancehappynewyeareve.com
analytics.webgains.io
api.webgains.io
c0.wp.com
cat.nl3.eu.criteo.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90003.redintelligence.net
i0.wp.com
ib.adnxs.com
imageproxy.eu.criteo.net
medialead.de
pagead2.googlesyndication.com
pb.media01.eu
pixel.wp.com
pv.medialead.de
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
s7.addthis.com
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z-na.amazon-adsystem.com
138.201.63.116
138.201.63.117
142.250.181.226
142.250.185.166
142.250.185.194
142.250.185.230
142.250.186.98
143.204.94.19
144.91.97.152
145.239.193.130
172.64.151.101
178.250.1.6
18.135.55.196
18.66.147.52
192.0.76.3
192.0.77.2
192.0.77.37
2001:4860:4802:32::36
23.215.20.4
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a01:4f8:d0a:2321::2
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a0b:4d07:102::1
35.177.10.97
37.252.171.149
49.12.22.42
88.198.250.30
94.23.99.218
99.86.4.36
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47
03c63791d501bcbc40d8ac0abce637d23ba13c9667fd6e621674510a03362156
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d0966fca4860b7b73a155c8cae651f580e0fac7c89153122e515fc1ef499628
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
123478b8062bcb309e1e6ad36ad858c791d2e0a4bad96cad49a5076c0ceb4b86
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b502fd23113bb7e1be74c1b7584639b438f6516a8477a63e134bdd349756870
1bba2cb1b0a1dbccd24f7215a3673d4e3f17dcb7ab65f57578da7ca77af6572d
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
267c82df1e306daf3771ccae836dd5b2450ef21ba3145ad1e479225b48d32e53
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bdc517a6d16899f4d9a46588730b480ae7fdebcb29b48818a9873322667dd71
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
2cc31667549ffd4158c649e13057689ab523aff3635adc89abe1caf3cbfc961f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
306d008fcbc110d74c8ceda9dd3c445600dfe0644c744db2160224da8ef409ee
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c8a1c6175ebf8c196ef21fdc80868ab33ead86928b41d24f49e31ce57c077a6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
46b9fea73bf2862085e4022c55ae4ffb5ea99c4344838134acd8f6fc1725914b
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e95173133504fad00f934bfbfc3d005e7542405419513b3bca148d90fa4f615
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5068f72239e3e23c9afb0d5e8a7fe9490ecdd0655ea2c2125728cb72f5068206
50e99c2f6bf48e0b7e5759aa363f1d57e5ddb52dbb9b2ae881b2bf83b435fbbb
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5382007c553a72ca2103ad6c1e80d421daaa75aaa97b0bed65e4cb13fb21529e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5544d83ab12d5efbac61eebf629222dc9ecdfff1e9db493291a70bb4ad821ffe
55982be674d7fcfc111238b40397ec9b05543264a0a00025c09b126831d6b29b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d897fc11b8dd66795cea7f8b4be0ff4ef610bc756224e40e3bb3ede93d88ecd
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
60441be6ad298323e680887adcb39ea4c2a4dd39f40dc463a5ecdcf0ed18982a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d519e2cd316cc14b1dedc15fa10b4078cf24cfdd6a8c53a6f15631fb788d31
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
68af3635b0864e3ca5567570ace0d6bbd54e363290e31f5ad4d821b8ad1ebb41
6a2aa2099ba967564f7feae45cad5677b7d46cf98f6c1b13b60eca289e04ca47
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc63482e03a6f6ddd5fbfdb972d98188e9c047bc8e5dd11f676abbcb660e2ea
6c43a63900e12b904e06308bd3e068f1478fbc84e5ae634cdfa82f739aa4b0b1
6c9cf4b8fc6aaabce3465eb341972870714d73b3ab82f6b48c24e70a29b4db79
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
751f32223168838c86cc0c466edf36daa844f913882b6057380a276cc773f7b8
77569cd17615daf4532357d464ee1c7f70b15c3828027adde540006ff41ff842
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7bac686f3c57cc1915e8739f4519da1eb6f11febc62b1fc48fe542e8e17560b6
80400bac369ea4484573731db58d2181679dda28b7cbcef7ee604353ad9a1335
85cb881b05293f02aea6ee1943358cbd97c5eeca3d2743a985c4cbbab6a16d83
8bcec999cf3ada800188746a2ee886467264cf80a8d8944d56b157f3a68d0b23
8dcb4e01a9774fd19828fda118658f422ba3ed5ff2be34712bd39caa5d566e9b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
984a95e651942b29e70485cae4e804de8391c52040616e99d121f8081a4fd1d5
98823e44bc71690f0f2171845d3608f0caf8ce2b551defa6f5077f8cd7899713
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a7fee85925d9b07f1076e078bef231fc98491ea4eaefdc8734fdb5b0ce6f726
9a99bd06295606f644c2daf3d7340eb6df3f5196ce470faff4f9093db55b7fa1
9ae92e3ed374198381beada22df3a964f304a0a704f3581ea2795a1e4fd45107
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a303ba0b3a0639fd50713e48846de00151e6955de224d5e262975993d112982b
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ab9b425f4297c5ea074e19d2c31e5a1585fdabf3a8b1c63437c6add19f9cfe8f
aef03efa9f7020516997e583f38cffdcf7b382f90241c0fa45839f2d1df478ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b337c1de66f6c4b290ec70e1329a155ae9faf315fb35eaedc180198c30efeef6
b55fc69323e7e446c5856fa0abc9de1e8f4f0bf22437290d323721a2d29d25a5
b5fc58c5f31dc2b90a6235d6c6063c6936509ba2d0512986022ef57673c55874
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b77efcf50f1e40606dfe6e8442347285829b87a3b72dc7c690b0091c518b2ad9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b84823b87d4f7ca775abeb90348f621953ffb3570db1b891ce372512097c61e4
b8d541f459ebc6d4b3c66945190e6589373eb8aee13964ad7af5d49e47f7261c
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7
c58f516190a76e61ec5578ea1e5f10f7c55ec3abc20b2728aaa9b6123e788e82
c894de7286f1af5077f4d1e6bf255d883756d57a80855e30276f8e6fe17ebd60
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a60cc4f3434cc354b2b0cb1b9192d5d7152933c052a09bace35e8bf4d5840b
ca0df17605a8a90a730027689ff9ca0914e193c93723a0ecaa741c76cb02862d
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d1afed35b85ed1b73232128f16a09da1dab922a576b4d530812fef656f8c2912
d71c09f2ae1efff99f1ef684bd38025343d982f63c9457ba243e7d531b781023
d816458b15e8caa008d5a4d7e5936cd054342983cc03230cb2419f8fe386da78
da9589bf993f0b26a2bdf472efc72ed1950a2f75026abbe7c3d6d90464c83b50
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decceb61790ac5cc52294e101c45bcd1bcdd132cc0313c85137208fa51b0d885
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e284f113e4bcac5dff1505966a91a128687b12fae8d9c14e83d334a1f4afe6
e41b5ccb3c9f23eb1bcb1c881bef10dcca22d9c643ed2cdcb821f4072a840f5f
e4f6c6576d71bd557785071ed53634304d9d61580ab81bf6b21c0d5e910b71ca
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec57a929af01e96210beb73632be51c1c3d59590696e3d18d482c3183ffe8301
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6403bb15be4ac432d5941bb2196ff4e4351aa036e06630ba68b87a96398cf3
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4e91c7994ed21c074d998267595e3c799128e2bb3e5048e3c57beb91bacde9b
f4f9fbf78738ce71faacdc281ed16efc78b3d5076469b63bcc476ca68ae83e5d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f836fc8884c14171f187b96e51dd983a1b7ae6bcddf641f9b61c5e78cd8102e2
f844a694de00e43f374e97c780f362c274bd6084665c9d7a523250054b890300
fa46a253d9358cc92cced6e65efc0661b6e7a54e054489ad583dda8e77587250
fb4bae683b1332864269cbd633e0d54f747355d301a094bfd470b9fc30199222
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc7aa163c9fafe2b63cc0b1b8d42a13ab2eaf71bb412d1a2621ff1c5b0fb6381
fc8648b5c21e960f83e53c4a6a99209502b33bc3cd846981818ddd1ac1bf8504

advancehappynewyeareve.com Open in urlscan Pro 144.91.97.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

244 Requests

94 %HTTPS

45 %IPv6

27 Domains

45 Subdomains

44 IPs

5 Countries

3201 kBTransfer

7912 kBSize

21 Cookies

2 Outgoing links

Redirected requests

244 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

advancehappynewyeareve.com Open in urlscan Pro
144.91.97.152 Public Scan

Screenshot
Live screenshot

Full Image

244
Requests

94 %
HTTPS

45 %
IPv6

27
Domains

45
Subdomains

44
IPs

5
Countries

3201 kB
Transfer

7912 kB
Size

21
Cookies

244 HTTP transactions
11 data transactions