parolla.app Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://parolla.app/
Submission: On June 01 via api (June 1st 2023, 1:57:00 pm UTC) from US — Scanned from DE

Summary HTTP 142 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 29 domains to perform 142 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is parolla.app.
TLS certificate: Issued by R3 on May 23rd 2023. Valid for: 3 months.

This is the only time parolla.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
34	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::ac43:d660	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:dcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
6 20	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:303... 2606:4700:3032::6815:242e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:6ae3:6657:23ce:d6ec	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	3.126.192.167 3.126.192.167	16509 (AMAZON-02) (AMAZON-02)
2 2	18.192.102.238 18.192.102.238	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
142	28

13 76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)

parolla.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:d660 (United States)

ASN13335 (CLOUDFLARENET, US)

api.radkod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:dcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.184.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.21 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:242e (United States)

ASN13335 (CLOUDFLARENET, US)

api.simplesvg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:6ae3:6657:23ce:d6ec (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

video.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.192.167 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-167.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.102.238 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-102-238.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	557 KB
32	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	121 KB
13	parolla.app parolla.app	329 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	251 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	5 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	5 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	160 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8155	864 B
3	radkod.com api.radkod.com	955 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 598	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 896	2 KB
2	seenthis.se video.seenthis.se — Cisco Umbrella Rank: 15456	12 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 870	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	842 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 773	798 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1866	298 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	121 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 587	363 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7698	624 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452	714 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	266 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3164	105 B
1	simplesvg.com api.simplesvg.com — Cisco Umbrella Rank: 104621	975 B
1	iconify.design api.iconify.design — Cisco Umbrella Rank: 16313	947 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	602 B
142	29

	Domain	Requested by
34	pagead2.googlesyndication.com	parolla.app pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
20	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
18	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com parolla.app s0.2mdn.net
13	parolla.app	parolla.app
11	s0.2mdn.net	parolla.app s0.2mdn.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	api.radkod.com	parolla.app
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	parolla.app
2	video.seenthis.se	googleads.g.doubleclick.net video.seenthis.se
2	um.simpli.fi	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net parolla.app
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	parolla.app www.googletagmanager.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	api.simplesvg.com	parolla.app
1	api.iconify.design	parolla.app
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
142	34

This site contains no links.

Subject Issuer	Validity	Valid
parolla.app R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
radkod.com E1	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
iconify.design Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
simplesvg.com E1	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.seenthis.se R3	`2023-05-04` - `2023-08-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://parolla.app/
Frame ID: C6F2E28C73A43F05D78815B4C1F1463C
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Frame ID: CBC26DD03A9B8DB25CD6AB7D6FCACE89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&adk=1812271804&adf=3025194257&lmt=1685627812&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fparolla.app%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627812697&bpp=4&bdt=277&idt=277&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7824474476591&frm=20&pv=2&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: 565A9543CF810C371CF88FB491F27718
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: 91B0D6E26C88BAECCB46A39267091116
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13
Frame ID: CC5CBA055ABF1FED0BD932D9E52993C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=8500032812&adk=3431267658&adf=690181397&pi=t.ma~as.8500032812&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=1&bdt=1484&idt=0&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124%2C320x250&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=oV0MZ28rXU&p=https%3A//parolla.app&dtd=17
Frame ID: 816BF67EC03F9031E05D22577641F25F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B05B025E264843ADA79553E93D5D6C76
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54CED49BDB52D9BE570D818793F6876D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: BB4352C20D31741DC2153372F16EE88F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUeSNJ2X-KT_HJ4jyqJNYHVabOlYg6x__tlo2gM-ILm9Aqe3HBdTgrKk7PT_cx11cJmMBlahtt3D42TyLDXUIZ1ql3bIhrmCGkbtQdZ5lnNJLISmRGPq6MEtxS2tOwP6qJjGTbtu6JpSF_ea_NJedhpEs-P9V08Lg5lZbK3iNBMpZ2ei3U
Frame ID: 97D7414EC2C1610CD9684C7D2128F855
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 978BDEE958E9E8078251BC6D3CFBE206
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 537EE54A516AAA659FED801C4EA71F8E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09FBB162B3B738D1C1D87870F4B59333
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM2ioeMBMAE&v=APEucNWvg258nD4BrHeaOtm9IP2V5wrfOtLjVEwWTVkGnn0KXY4ezDGFyES2N-H8B7XXDjBC7Q2VjnfuMK86Bv1v6ecE7SJAbt7zmDB-jSr1lelZIg2AGqSEeK3kWOh31PJHXMSYA_fh5xq_N6q7Gpsj8yvVhWTvp0KMJK5l52I-8znHIsbp2fM
Frame ID: 663261A14ADB4543FF4C81BD3A63D269
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AE1A2D3F6FB5AC038CFF7915AA3312C0
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
Frame ID: A7F86186FDAC90C073063DFAFDD359E4
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09763E3B5E4BB3640D4FCCE5A30BE21E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 488E84669D82C9D3395A141642328C48
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8939175BE37736315F976CBF46B32CED
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

parolla - Kelime oyunu

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

142
Requests

87 %
HTTPS

56 %
IPv6

29
Domains

34
Subdomains

28
IPs

8
Countries

1663 kB
Transfer

4496 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHijpnbf7hcnoLXPjwjBXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxsmOvrfuUIu0rvkyWQ86E&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMO-jjtcacpyWSdK8o1iNjc&google_cver=1&google_push=ATf1kGNs__KDbV-dJJ66zy-rK9-ViYnsUxsxMBLtvwqOmVriyywUq0KaU4Q1y37JN33WJqB44EnbUC0u1k9iuERcaUY__ZopcbS7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMO-jjtcacpyWSdK8o1iNjc&google_push=ATf1kGNs__KDbV-dJJ66zy-rK9-ViYnsUxsxMBLtvwqOmVriyywUq0KaU4Q1y37JN33WJqB44EnbUC0u1k9iuERcaUY__ZopcbS7

Request Chain 84

https://um.simpli.fi/gp_match?google_gid=CAESECYPVWcYwE_qmZ_ozu6W8KA&google_cver=1&google_push=ATf1kGMRgqcP5UvOWuNLtgFuWz20TcLky3XUjr97nlWO1Nndef9FWO77n4zYqdPZyn_YjrzQDA0BJiLLrZnyCJ6JQE8TmBaqLfegaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMRgqcP5UvOWuNLtgFuWz20TcLky3XUjr97nlWO1Nndef9FWO77n4zYqdPZyn_YjrzQDA0BJiLLrZnyCJ6JQE8TmBaqLfegaQ

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECRBt0yY6hgwxACxZlkmqsw&google_cver=1&google_push=ATf1kGOXgX92ZpKeL_guMxy7pjDV6-MPdqmGc64cUFi-p_sY_RRWlnD6NYbay0NznQQN8AP77tI6GaCyYKcr39Hb8gydr1Yd6c0q0Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOXgX92ZpKeL_guMxy7pjDV6-MPdqmGc64cUFi-p_sY_RRWlnD6NYbay0NznQQN8AP77tI6GaCyYKcr39Hb8gydr1Yd6c0q0Q&google_hm=eS1uQ0d1ZjlkRTJwSFNfLjRLeU5jM28wYWRfRXZQNzEwUH5B

Request Chain 87

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDHVsnFxcsQozuQzEH6wu88&google_cver=1&google_push=ATf1kGNAOH13W0lii2Ocj5f7RlOayu-taCIUE3y7CX7XxyOghKku5Wf6v21BLCsWCh3_5_KqW8PCBIg8C-RsO--FNkRXyw3VUe21b8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNAOH13W0lii2Ocj5f7RlOayu-taCIUE3y7CX7XxyOghKku5Wf6v21BLCsWCh3_5_KqW8PCBIg8C-RsO--FNkRXyw3VUe21b8s&google_hm=KtU_w3UNSs2pzqTbwqlGNpI

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1

Request Chain 101

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHijpnbf7hcnoLXPjwjBXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMicVMZWGnKSJsphG9HF1Zw&google_cver=1

Request Chain 103

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D

Request Chain 132

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNjyCYyg4RX_Ss5yQObxCA&google_cver=1&google_push=ATf1kGOhu25_j-t_Ik5iXkuz3otv7uqu1H_j6-515TTorm9mH67GTYKCn-rELjhhRkctSPP7MiLNPC5yalq318IBRJlMr5d-234Shw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOhu25_j-t_Ik5iXkuz3otv7uqu1H_j6-515TTorm9mH67GTYKCn-rELjhhRkctSPP7MiLNPC5yalq318IBRJlMr5d-234Shw&google_hm=hYhDlbP6SBCPK8jeOA7nyg

Request Chain 133

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cver=1&google_push=ATf1kGNg3YNhIO1aEKQENTPfyAF0Rwj-McJTW39Q2qkkrPjZZh7S-LF83p4ayRblUC6X1oyyYMwmPRjfkOXzgR_159Yo4WWIqQXcQrU HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cver=1&google_push=ATf1kGNg3YNhIO1aEKQENTPfyAF0Rwj-McJTW39Q2qkkrPjZZh7S-LF83p4ayRblUC6X1oyyYMwmPRjfkOXzgR_159Yo4WWIqQXcQrU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T2loYW5NdlUxUTRJTnE1&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cver=1&google_push=ATf1kGNg3YNhIO1aEKQENTPfyAF0Rwj-McJTW39Q2qkkrPjZZh7S-LF83p4ayRblUC6X1oyyYMwmPRjfkOXzgR_159Yo4WWIqQXcQrU

Request Chain 134

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN7gxT9eVtZ9WLeNse0r8O4&google_cver=1&google_push=ATf1kGOjSsGm4ovQUswlXUO3Qi-cBdyokmTewf5uSD81K7Czb9RnjqgI0FiqFmkkyGXUO3aY70l-eYLlmFjrpE-IAbQh-9Cyy5-9y4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkhpanB3QU9kbG9jWFFBcA==&google_gid=CAESEN7gxT9eVtZ9WLeNse0r8O4&google_cver=1&google_push=ATf1kGOjSsGm4ovQUswlXUO3Qi-cBdyokmTewf5uSD81K7Czb9RnjqgI0FiqFmkkyGXUO3aY70l-eYLlmFjrpE-IAbQh-9Cyy5-9y4Q

Request Chain 135

https://um.simpli.fi/gp_match?google_gid=CAESEMg2IyEv58bBwRr-fAKD4lw&google_cver=1&google_push=ATf1kGMFtgmqu9uCjgr2CslVKeNQEWGDKIrPclykWB70KBHQ5DpYd6DFWVddzWQO8pOuWf1F_lQcNiu-m6rh2Tnltrof_a0pjFgDwVQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMFtgmqu9uCjgr2CslVKeNQEWGDKIrPclykWB70KBHQ5DpYd6DFWVddzWQO8pOuWf1F_lQcNiu-m6rh2Tnltrof_a0pjFgDwVQ

Request Chain 136

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF3VvEZpTervJb6D1tVY9XU&google_cver=1&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF3VvEZpTervJb6D1tVY9XU&google_cver=1&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo&google_hm=HTePbV-BSsmzgbGpjGfUag==

Request Chain 138

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMxoFx05Tonc6ylsD43wrKc&google_cver=1&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5qQDhBKH64-fr-Peb2a97NDBQg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMxoFx05Tonc6ylsD43wrKc&google_cver=1&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5qQDhBKH64-fr-Peb2a97NDBQg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NzQwNDU1OTM1NzQ5NDgyMg&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5qQDhBKH64-fr-Peb2a97NDBQg

142 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
parolla.app/ 4 KB
2 KB 143ms
12ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ee6530c4470fda17dbe3a8d5eee22fc7a95a1d875c9496dcf0014fa794613707

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 173121
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 13:56:52 GMT
etag: W/"3e070675ea47de71eb3d12362b021915"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::rnn66-1685627812408-17ab6745751d

GET
H2 200 3ff6bb9.js Show response
parolla.app/_nuxt/ 4 KB
2 KB 11ms
10ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/3ff6bb9.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f924b8c19ad71a0333ff966c094e52ba3bf62c91a72a04c95a3ac9102d808f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rnn66-1685627812424-8ad039eba9b2
age: 173806
etag: W/"d11a9255409acd6a1b4380b178b81b04"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3ff6bb9.js"

GET
H2 200 d7585b8.js Show response
parolla.app/_nuxt/ 276 KB
90 KB 38ms
38ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/d7585b8.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5b0b0fb2cc65dfa9af19c3f6707a52d290d19d086366a25b24052880b91316f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::79ftr-1685627812427-670c57151d4a
age: 190151
etag: W/"4276c4f1a8dfc98eeaf63a3118b60204"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="d7585b8.js"

GET
H2 200 137d1d6.css
parolla.app/_nuxt/css/ 92 KB
36 KB 26ms
26ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/css/137d1d6.css

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

214b0ebe8682151225c9de44b388d48fdf38bbe8aae978887531b5b241cbd5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rrpgf-1685627812424-f08f8b48b4c3
age: 13896
etag: W/"f41048fb76fbb5fcd399d349ea959b3f"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="137d1d6.css"

GET
H2 200 83e84aa.js Show response
parolla.app/_nuxt/ 423 KB
124 KB 13ms
12ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/83e84aa.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d591cdef26f1ed39652b12a6a595c043b0d76be2ff1a2db5bb92e14adcd365a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::gflcl-1685627812424-b399261b3c12
age: 185800
etag: W/"b8ebd4be099ac6644325782339407e9f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="83e84aa.js"

GET
H2 200 1bd0a40.css
parolla.app/_nuxt/css/ 216 KB
26 KB 19ms
18ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/css/1bd0a40.css

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a0bef909f3af1dc8272d50f24c82d1b8b196858abd27bdaef57b2cca6c7462bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::wr7fm-1685627812424-04f4a8304816
age: 182854
etag: W/"927d67f45fa9571430b8c15fb2e4f59b"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1bd0a40.css"

GET
H2 200 9987337.js Show response
parolla.app/_nuxt/ 114 KB
22 KB 13ms
13ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/9987337.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4afb3df6447132eabd8a12534283fc1cdc44e0aef0171b178c5634f6c549678a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::lrbn4-1685627812425-a118c8e33e8e
age: 108326
etag: W/"c36fd7f7deb5f2f0cc6b183dd1500131"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9987337.js"

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 190ms
101ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5310998423283624

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a2f0791b9cb2aa24d9dc525b483aa1bafb3d50c08ea92d62cb80ddb6f6792d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Origin: https://parolla.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47354
x-xss-protection: 0
server: cafe
etag: 6674372335655008918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
42 KB 677ms
46ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W87WBTN

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fa689eb566a44f72df9da934dc74a8a6a98d5a75ae9e3fe9a02517ac46157965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42138
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 13:56:53 GMT

GET
H2 200 00e336a.css
parolla.app/_nuxt/css/ 2 KB
681 B 11ms
10ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/css/00e336a.css

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/3ff6bb9.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f463a71fd9a7addf6b6455fcca8fe872123c6fbf9a673c938a87d562b2afa490

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rrpgf-1685627812558-7bdcc2ef2ea0
age: 106924
etag: W/"9c77e1b8c576a9e24fd4c49f1ab3fefa"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="00e336a.css"

GET
H2 200 c2b2c1d.js Show response
parolla.app/_nuxt/ 21 KB
4 KB 12ms
11ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/c2b2c1d.js

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/3ff6bb9.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bf66c270bf62a8676a40b751c373626f3640262c73787f958ebf538de7eae500

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::gflcl-1685627812558-d1bfeb43cf3e
age: 167557
etag: W/"2492129677527c68acfba434610e86c4"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="c2b2c1d.js"

GET
H2 200 0a9a5ed.css
parolla.app/_nuxt/css/ 29 B
158 B 16ms
16ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/css/0a9a5ed.css

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/3ff6bb9.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fee74d47ba933ca10f0ebc062233d78c5fb9259373a7908fd6cc1697f3d889b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::qt6mz-1685627812558-c21d02ac147b
age: 170025
etag: "3dcfea596769ad8a36406051899d1081"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="0a9a5ed.css"
accept-ranges: bytes
content-length: 29

GET
H2 200 25567a6.js Show response
parolla.app/_nuxt/ 507 B
642 B 13ms
12ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/25567a6.js

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/3ff6bb9.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5caeb3534668a881fb0b19dae79e8370a7bdf70028ecc04fb4603f798d128420

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9268m-1685627812558-65f2153f6d05
age: 167830
etag: "c86449f0b092be5af4dfeaf71daedea7"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="25567a6.js"
accept-ranges: bytes
content-length: 507

GET
H2 200 4e18640.js Show response
parolla.app/_nuxt/ 10 KB
4 KB 12ms
12ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parolla.app/_nuxt/4e18640.js

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/3ff6bb9.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cbaa993039298d30559bcc3e4b3f6621013b9f67790f947fa34d680d8e9619d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::qt6mz-1685627812580-47456cbfdbc7
age: 178469
etag: W/"7eb1adb33b52db99cef5b7308bc96bcb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4e18640.js"

GET
H2 200 me Show response
api.radkod.com/parolla/api/v1/auth/ 44 B
572 B 458ms
418ms Fetch
application/json 2606:4700:3030::ac43:d660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.radkod.com/parolla/api/v1/auth/me?fingerprint=2540186279
Requested by: Host: parolla.app
URL: https://parolla.app/_nuxt/9987337.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.18
Resource Hash: ad3349c3f46d8209d2968f8f3684bc6eb5410a209f5a980ae8d8ce19202c56d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.18
x-ratelimit-remaining: 59
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0XHjwlGMxKD2WbDgNlSNjUTCbpjznCGoVyAdQtfpzExfwZ5%2FgdSKdP8rX9CXDUifMXpZmUQxVGkvanR4jewIfzyRu5iSKyS6f5qjvu%2FbZRAeDMyUBlAPhtpFbrBFsiRMnPd59KnJ2veQk1MBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
x-ratelimit-limit: 60
cf-ray: 7d07f664f83ebb8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 351 KB
118 KB 180ms
102ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5310998423283624&plah=parolla.app&bust=31074967

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5310998423283624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0975b70526ef9c500cfc6e90e529f572feb2c206cd8cbf6090316e4360c44e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120671
x-xss-protection: 0
server: cafe
etag: 6950686576846410708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/ Frame CBC2 10 KB
5 KB 115ms
35ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5310998423283624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:06:55 GMT
etag: 15057649708203361565
expires: Wed, 14 Jun 2023 20:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 126ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=parolla.app&callback=_gfp_s_&client=ca-pub-5310998423283624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5310998423283624&plah=parolla.app&bust=31074967

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7eeb4984b0f34cdbada2d23dca9c84ecba9ad8369f37095ab85bd1ff194c466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 144ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=parolla.app

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 375ms
45ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=parolla.app

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 565A 124 KB
39 KB 458ms
458ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&adk=1812271804&adf=3025194257&lmt=1685627812&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fparolla.app%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627812697&bpp=4&bdt=277&idt=277&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7824474476591&frm=20&pv=2&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c24e85731456a2c86a4aa9d682ccff330a6de66137f0af0a76ab929fca1a6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39746
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:53 GMT
expires: Thu, 01 Jun 2023 13:56:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

PUT
H2 200 me Show response
api.radkod.com/parolla/api/v1/auth/ 100 B
383 B 488ms
487ms Fetch
application/json 2606:4700:3030::ac43:d660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.radkod.com/parolla/api/v1/auth/me
Requested by: Host: parolla.app
URL: https://parolla.app/_nuxt/9987337.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.18
Resource Hash: 7dd1bf588819ff6934d8e881f9d1613668cda3ebe78ad5c5d92be895f06803cc

Request headers

Accept: application/json
Referer: https://parolla.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.18
x-ratelimit-remaining: 1
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgjyMn8ZiXcwYycrF4iC2OmzkVqwx%2FxDFbzPyRgoVJY5koWCbxytmyMA%2F%2B7m4%2BF3KeyS7ajCnqgb2jQwO5JyoyoJymhyWRZGq6oyMXwT%2Fng0Th03FnOMaRhBALseUwqb8YCAJsd%2FBdfTsXC27g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
x-ratelimit-limit: 2
cf-ray: 7d07f6697fdcbb8b-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 me
api.radkod.com/parolla/api/v1/auth/ Frame 0
0 294ms
294ms Preflight
text/html 2606:4700:3030::ac43:d660
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.radkod.com/parolla/api/v1/auth/me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.18
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://parolla.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: PUT
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7d07f6679ca8bb8b-FRA
content-type: text/html; charset=UTF-8
date: Thu, 01 Jun 2023 13:56:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7FWmfx%2FODgxRtq1COW1gqUDgXNsIsLMUHEDWCWsWtpPZcM%2Fo4rLVXISLYP5dKuKTWlqj8Np6YpKLNhEfeJHmQUS8Rme41z2gSq%2Bi57adtaMO2ocPU%2BMfYCQcLOdBWWM9qtxDWdZpDpxXuydnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-powered-by: PHP/8.1.18

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
79 KB 52ms
51ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-149SL74TRQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W87WBTN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2f819c36a2365529cefe9b90205eb0e64908cbc02346260c6c81dfd0ba06f404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 13:56:53 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 301ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-149SL74TRQ&gtm=45je35v0&_p=41615808&cid=539784636.1685627813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685627813&sct=1&seg=0&dl=https%3A%2F%2Fparolla.app%2F&dt=parolla%20-%20Kelime%20oyunu&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-149SL74TRQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://parolla.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 87ms
87ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230530&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7709f20b7d8240eb7d46b6d2a39b27531f6cfcf5a43981a47ddf2c3ce7f42906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11232
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 152 KB
52 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/reactive_library_fy2021.js?bust=31074967

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7a314fd018bf266643f8a41322ce770a34477a9357cb21391d3f99b478b80bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52800
x-xss-protection: 0
server: cafe
etag: 11374996229803094943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 309ms
98ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 13:56:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 49ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=parolla.app

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 46ms
45ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=parolla.app

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/ Frame 91B0 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 22:04:17 GMT
etag: 15057649708203361565
expires: Wed, 14 Jun 2023 22:04:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 91B0 4 KB
1 KB 131ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 12:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 13:56:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 91B0 2 KB
945 B 133ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 19:50:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 91B0 22 KB
9 KB 126ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:50:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 19:50:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 91B0 3 KB
1 KB 133ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:23:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 91B0 19 KB
8 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 20:06:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91B0 171 KB
54 KB 378ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:54 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 91B0 32 KB
14 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:15:44 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/954780991372749065/ Frame 91B0 32 KB
33 KB 156ms
74ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/954780991372749065/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c1e35a34a9ed23d8bcf6ff05c3d403dc95d280673cf65ea764b47057e55c52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 28 May 2023 00:58:45 GMT
x-content-type-options: nosniff
age: 392288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33258
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 15:04:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 27 May 2024 00:58:45 GMT

GET
H2 200 13143784887346510895
tpc.googlesyndication.com/simgad/ Frame 91B0 637 B
986 B 132ms
50ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13143784887346510895?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8c1c16668ae945c76d0fcda74b55dc724121c24c019865666c4e5451f008aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 11:20:54 GMT
x-content-type-options: nosniff
age: 441359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 637
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 16:18:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 May 2024 11:20:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
46 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5310998423283624

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/d7585b8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48633bcdbba46bcfcf59747720f29e139ab1190e0c8187017e8bc4b75e3c2f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Origin: https://parolla.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47353
x-xss-protection: 0
server: cafe
etag: 15330801430097279805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:53 GMT

GET
H2 200 pattern.e08604b.svg
parolla.app/_nuxt/img/ 56 KB
17 KB 16ms
16ms Image
image/svg+xml 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parolla.app/_nuxt/img/pattern.e08604b.svg

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/css/1bd0a40.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2dcba89ea71cc50ff7c4ea47e15cbd8d138dac61adea1b37ce62c3a647208593

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/_nuxt/css/1bd0a40.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fj9d6-1685627813899-249b757af711
age: 190149
etag: W/"e08604b61f2d737c404094e16f3d1477"
x-vercel-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="pattern.e08604b.svg"

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
624 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap

Requested by

Host: parolla.app
URL: https://parolla.app/_nuxt/d7585b8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ca77618b114e3aaccfcf91ceee546e90a01b28d05f76a1d9d1cc3a38a70c7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 13:19:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 13:56:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 48ms
46ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=parolla.app

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=parolla.app

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC5C 26 KB
11 KB 622ms
621ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aceca4c08e24e0620ab53a65e183255ac56dc505dc195c3e0145e8387da65c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:54 GMT
expires: Thu, 01 Jun 2023 13:56:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 816B 28 KB
12 KB 1017ms
1017ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=8500032812&adk=3431267658&adf=690181397&pi=t.ma~as.8500032812&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=1&bdt=1484&idt=0&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124%2C320x250&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=oV0MZ28rXU&p=https%3A//parolla.app&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

364c0e507437aeded7824c74ae91bdfacd00030c45cb4d4fb3d968ee997fe675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:54 GMT
expires: Thu, 01 Jun 2023 13:56:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tabler.json Show response
api.iconify.design/ 487 B
947 B 1055ms
17ms Fetch
application/json 2606:4700:20::681a:dcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iconify.design/tabler.json?icons=world-cog
Requested by: Host: parolla.app
URL: https://parolla.app/_nuxt/83e84aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23072cc3389d55d4c1ae15e937802d18ad5223b6c7704b7f25bd467312b210a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlipJc%2FqdxNzrno9veOsDbWXEw%2Fnu4d0TgAXqbZisnXEcPi66ddTkOBoyylp4T7c8aF8ZakfCDhmDKeV%2FAhJeencouQBMtt8IKCZaHZbn4vjXCN7pEDXjilZUTV2vQwXekwCNk4pi0CVd7gHgQbOCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, min-refresh=604800, immutable
cross-origin-resource-policy: cross-origin
cf-ray: 7d07f673cbcf903c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v26/ 33 KB
34 KB 122ms
41ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://parolla.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:52:08 GMT
x-content-type-options: nosniff
age: 425086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33868
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:52:08 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v26/ 33 KB
33 KB 172ms
93ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://parolla.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:52:08 GMT
x-content-type-options: nosniff
age: 425086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33868
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:52:08 GMT

GET
H2 200 iJWKBXyIfDnIV7nPrXyi0A.woff2
fonts.gstatic.com/s/rubik/v26/ 17 KB
17 KB 157ms
80ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nPrXyi0A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a509ef51ff946a2ac6aa960d5b6446c767c35bc12b7afe61edccb789745e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://parolla.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:54:00 GMT
x-content-type-options: nosniff
age: 504174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17512
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 22:06:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 May 2024 17:54:00 GMT

GET
DATA 200
OK truncated
/ Frame 91B0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d05e2c0dfaf3018083572a421d5500062e52e016390e6b5f6cc3da0eba9d8e19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B05B 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:29:17 GMT
expires: Fri, 31 May 2024 13:29:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 54CE 783 B
1 KB 132ms
44ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65afeec5bdf37e202addf538417030ee65cdeb95a16001b14acf736e2acb2283

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UlWyCeJEHPXGC_mdgO5sMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://parolla.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-UlWyCeJEHPXGC_mdgO5sMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:54 GMT
expires: Thu, 01 Jun 2023 13:56:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame B05B 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:22:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 08:22:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 91B0 0
23 B 82ms
81ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COijJpaN4ZKjpAcOmtgeo-JTYCani0PNwz9Lj77IRv6_Uk7oCEAEgjvWImgFgleKQgqAHoAGUgaSiKcgBCagDAcgDywSqBMQBT9D3DJq2XvMQ0tdAhlbTtAb2UnvvIuu7ddq244KC5e1BG4m_SdEjW0kq3-uMCpEqbpjuErHKlTD7pxa8pETsSYQKOr1ErUzJKv5nYK7nL7CHID2JDcQ9XEC6DAH_9k7Tseah7HGbp_jiRQgdtqU0SslZqrbgAnQWtctKVvzPNDT-QNuSnkbEhXJmzbTSajAIyMwW6oG-nh7wEeZdaQOcXG3RJckHFYjjgwItMDK06EoeSsVeygU6eVaxM8WKXglv8g0zisAEt9qgi6YEkgUECAQYAZIFBAgFGASgBi6AB5S59IEEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgOQD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNTMxMDk5ODQyMzI4MzYyNBgA&sigh=wlW2Xg6ghaY&uach_m=[UACH]&cid=CAQSGwBygQiDa3Y8MTlX7_xEo085NQuvneC6OUr3vhgB&template_id=484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 13:56:54 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame BB43 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:22:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 08:22:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 54CE 0
0 72ms
71ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230530&jk=2260760942501833&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B05B 0
10 B 36ms
35ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yBUiRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 97D7 624 B
242 B 81ms
78ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUeSNJ2X-KT_HJ4jyqJNYHVabOlYg6x__tlo2gM-ILm9Aqe3HBdTgrKk7PT_cx11cJmMBlahtt3D42TyLDXUIZ1ql3bIhrmCGkbtQdZ5lnNJLISmRGPq6MEtxS2tOwP6qJjGTbtu6JpSF_ea_NJedhpEs-P9V08Lg5lZbK3iNBMpZ2ei3U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 978B 78 KB
27 KB 198ms
197ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 978B 3 KB
1 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:23:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 978B 19 KB
8 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 20:06:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 978B 0
0 45ms
43ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtXiL8tMZB2NxOo3bEzNb1j1d5OJ3E_dVkKFuWzAIkzEjCR45hjY5LkOaImFw-T4jxMGktZc2GKQ5Mlw8nU3HU7iIoZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 978B 171 KB
53 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 978B 42 B
63 B 73ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLkBLonKyEKcQzWNAtUzmirH6ZSTSFxJTiTkTvnWVGMeM9Wy7jaBBclTaQ2aPTugc2ctEIMsbpCiLCk8uTwOhzr3oaXd01h-9qHNhjd2YK33p4NeM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 978B 0
20 B 73ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6337455274575498788&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 97D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUeSNJ2X-KT_HJ4jyqJNYHVabOlYg6x__tlo2gM-ILm9Aqe3HBdTgrKk7PT_cx11cJmMBlahtt3D42TyLDXUIZ1ql3bIhrmCGkbtQdZ5lnNJLISmRGPq6MEtxS2tOwP6qJjGTbtu6JpSF_ea_NJedhpEs-P9V08Lg5lZbK3iNBMpZ2ei3U
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 97D7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHijpnbf7hcnoLXPjwjBXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUeSNJ2X-KT_HJ4jyqJNYHVabOlYg6x__tlo2gM-ILm9Aqe3HBdTgrKk7PT_cx11cJmMBlahtt3D42TyLDXUIZ1ql3bIhrmCGkbtQdZ5lnNJLISmRGPq6MEtxS2tOwP6qJjGTbtu6JpSF_ea_NJedhpEs-P9V08Lg5lZbK3iNBMpZ2ei3U
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOmpVbSTy-JZv3bpKTgJBag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 97D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxsmOvrfuUIu0rvkyWQ86E&google_cver=1

43 B
1 KB

36ms
36ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMxsmOvrfuUIu0rvkyWQ86E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUeSNJ2X-KT_HJ4jyqJNYHVabOlYg6x__tlo2gM-ILm9Aqe3HBdTgrKk7PT_cx11cJmMBlahtt3D42TyLDXUIZ1ql3bIhrmCGkbtQdZ5lnNJLISmRGPq6MEtxS2tOwP6qJjGTbtu6JpSF_ea_NJedhpEs-P9V08Lg5lZbK3iNBMpZ2ei3U

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:54 GMT
AN-X-Request-Uuid: 460974ee-dc40-4aef-aa3f-29d81199ec15
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMxsmOvrfuUIu0rvkyWQ86E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 97D7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D

170 B
244 B

203ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Jun 2023 13:56:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e8a37888-c355-4b32-a431-405e40a50b8e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tabler.json Show response
api.simplesvg.com/ 487 B
975 B 292ms
21ms Fetch
application/json 2606:4700:3032::6815:242e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.simplesvg.com/tabler.json?icons=world-cog
Requested by: Host: parolla.app
URL: https://parolla.app/_nuxt/83e84aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:242e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23072cc3389d55d4c1ae15e937802d18ad5223b6c7704b7f25bd467312b210a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hydxao6I3OyY263vCsrwjR7VBLMbrI%2BRQxRSR2yW%2FBjykLBj8aKGe1kThh6RsDbzqNEF3%2B6aZX4HMXAH%2FvUEDTane6QbFq8PZsqXWBXT0YzxU4LgH8O9zqZj9AmGYf3sxZAPFNMbTdmqYt1If6Pmeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800, min-refresh=604800, immutable
cross-origin-resource-policy: cross-origin
cf-ray: 7d07f673aab0914c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
alt-svc: h3=":443"; ma=86400

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 978B 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2012899769282&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 978B 0
20 B 72ms
71ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2012899769282&version=m202301230201&ct=76&x=1&cor=6337455274575499000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 978B 85 KB
35 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDd3WXS_uferCasDbYTz83BnskgRFq17Jk7iWZ1WhLHHkMYrQxo6bMuNG-ozvSHxGVKZLROtS0VJVWOKPwgUtgNeKeWSlRoHyNOJB2UFcxTf_QCty0yOpW3xPb-_LDoYVxCXDVsIYvYJ21l36ZxQJYVopIRFpRrg2tv5RRnZEnei96h0I&dbm_d=AKAmf-BIB-_p_GgHCbCnACwdn22M50GPz3yBIQmjuKMS4kWZL9Y6-13GAbIyU_NnFWAITLhbaBuCowc5grh2ZTcbEMXksGB73Tn6LjQCz3IyQoPRRj0VGOMb41VQ2Q8KgQbY-wUwbMNviOYFNKkXYxG_0lpvAjyjafCOY2nzJu6AT1XAtpzVJ-Mq1rqUo_0hn2saZ_OJXtmTBZHVFKQKKC-VnHNAULWfvMw26-BaEB7JDfJRp0p9W-el_bcDFdGKd_zYAX3SbKfgJNJ4WgVOrbitriU6n5iweS9otgaiOxNkQ15GfEqL7Osm5ETgc_AT-3mZr3gAHsqENxSppLGGT1B9LTadFe5-Vid_SrNWn6iwQmyz-_Mq9N9PrlWbar3J29Anmk5e0DL8YfTRwhjyJyra2GGjfEXAiYbOnIN403HgYIpOXHbZTbrobnvTC5GV5c9uqNvPSZZph50BuhX-0lAOk0zX3Pdx7-WZmm7uBZh1EpX_mqRAtXZBd25GHhPi6Pe9X98TNddAxTCJO-ih_7RNSUvO6_fsTIRsyxHXER3b2M8h2xtncQvyv3_kMCPm5pl-9FzJ5W467tTXvxDZRcKRNRRqPPIS2a6JBs2v9Xm5qcPMELRf7QZ5QNqtC_-9VoXO3YP3-igFm1ufIKLhKTj9_y_e9L41PcZeovCuGzJn2halim8j6j1wXVVr9zgJifU0a8u8s9RMAjndx0IEKJtMqX8v8dH-JJFSQsAou0LBTAWVL676T1ejc8uJOiUrcmx-iY_UyzprhDLbc7R3gV3W2lwZx-F8uXvKUjuz-3L4AzcIuqBtj19dQvGaLD-nx7-0weuY8PUTbBpehj_YaViJgLupFFwdtgHz64IroUMkxbovGCrHnqNJvpVSZxFh8XLBhRrTretoe2hCQizSqk6KVrXAgqviKOl9gim1P9eQckQS3F_Ajw7h8hytCKan2WiUkGMpmNBr6N0DbG_iM3_LvP0MsBvZ82tyegS7vH1WGsA268hvBSfIVSYXTOwrhkF9fYTH4Ym6eysDhpGYsuosFkgQWDn2cOCDsx6bKs63XKCe2pzkvdKGpDGXdRZqpBYGClkKGtqSmrn00I4eI8C3mxYE0igUVHmavqJpOqgRwJmRw7NPlRrASP--YfglJD1XF6IKlIT5_2emHmUMPt6sd-UL4uuOoqkKPLw2GWHUkUZs1gZSou9RlWA-oV0Y_AhKvzx_whixbBqlKcyPHAsZOkTNkkl3hnyifa0jI4DQEE65ilIS_jvawo7my8NaRqot6RTdq7iolb6XVrCnS3wUqWtqsqHOzQnLnG11Gok7GxukaU-4rfelRGJrD4sBlOUmVJsVLeHfl1QGxwRLM5shV4Yyta0aEJTyVH2Mo88ABCIMljwacmA8-Dl3l9m5m_D_46eRHSt6-tj9ozCayo6l1BTr7rJE-R2RiCMHKe3x076k7D4gNvGFJUmW0Ja-g46OfWwef-BqYWo_XKJM520nYZ5qhUxyOjK_-i_nJrGaufGlW-NJ0_Yf9GDhHsviliQoDbruO0A6wIIs-xcOiVFj0wfGeLua88gNa9DMJ8daEBwemU1e6KkwNVgnaATcHOPYUL1tPxWl_lC3wZSmaCQKxd-ms5kkynNQjT3OxsviMLKrPu7374ChGyD5YnxRgINE_JRs8a4JqJiV2qp98eQob1PM3QFgumECpYGYkpXNBWG5hv2NX0MPNMLTKD8Ksk6J-vFpbMkT8aStkJm3a_B5-Hk_RkmWMRBUKIH30zygFH-wWv6z_dPLY3RYPd7I4CYH4eARTtLl4I9OCoypxee57Fe-jDiWIgsMMtflOwOcHIDK8xyG3CaJ00OM9Ic2qb2w0Txs5JdjyamaC-8iA2MHLaUsNzTMYq5dQhREaW1SEgk6LUjoyeFB55rVqZmUY0jELiNv9VuwGzBQK8W5ntOg1Nicl6IXAmj-_sFRCrB831ZlsDcNQUbhkH8PxaRTkpNEi6YGJgJLkimgVB39b_kpzNv2u5au3xmF2NN9sTuMSOS5e03Pi-DzTh1aS--RwjXmVi7theExNXbVYghPm1XY4mhaa7b8tFtsn3EjunScwR5lwY_rngpTYBHPm5ldDe7FKDOdTlbKQK-gxJAu0FGR4qseg7Dw151X_8pfOl7wUfmPEtE3SXp3pzxfrn2cRvCR7M9z8m-63pyZ22C3L7xbQtEm_JkG0zF5H3PJROG6N59SSYPRiqQYA5BUiyI96uteFQJaXbltpAH6dvYL-4_IC6vKxlrfFmpDmfopxAK9lPx1-PUYrdqvzxP_-a70d8bldE_V_3R-NQZ5kjfGihUduT94CaG5RjdfDNTGIXVbqMt4MYFjpE5Q8qRoy_oTBZ4PstTklbyY18zw_vY6bnBt6QGfqbHktgIoWLTi0NBSglRWI6ymPf-9xG3jXm_vB3vCykvRCe8LmEZb9ZQ9q7uxIRxAOJ5W_atPaJkfOnu2anR1yAJ8T_wdh0HeryZ8ih_15g2qgAchcmYY2QG-UAjqFy86gapHfJJYA7hkyn7V5HX3ZMR8auMCLcEd-0FMuUrr9RQkF5sUZr7V42yzpknOXsuvWbU1fV4mQKWEcN37sdqmIISm0O8vjqW7bVEwAk1orx_-kkl_hLTHIyAP7wtCmGuSmRRS6I6LrOKpMQS2KSZfRgdd2Mv6neItbndXJTwynJCwuD7pomiJs0cY98iMh8fxsn3HtaXQ8SzL_gRtXKHmCxm3yhrQaN9woHwx4UuCp0nHF4nTYYSMmw-fGwI1DoiesWOpI275z1FqGqZb3J78HESkvBiAKnUIPK8f6E59AZSj-OidEwmdrfeZv02-Zpl9Pe-bbaWBqjF1_a3f3_BF3OGIKBR_4jIQmTc0SD8mY1FBTLAnIl_Cy3UuaFxpgcsOAA_NeVPCoR_i3f3gMJKzs8oX5LRf7JGNuJjyKdHiNYqyqROKEAjq_zDFpK7pFZ-uucWp3A0oafAri8L8LWlD9FG-3rAAM6rZVO3JNtIbj6pc9hN5yaswauoeH1qYSBmI-Bt6VRbQf3XypWTqLdFjEj5Qm5Ku1Rgotpdqm224tX_1V7TfsaPnmpCNu9JBCdyyv16zS1l7rLuYfvw5jWpYnqnAk5EVvQ4WQiGGeLXCE0dQDXe-B6jnKVp9eRZf1ZULFvffJhqaNvMIwv4wnLwuTlvYhMcXaCEE_l5CJWU730lqxfnMqbD2P4d6DxEb1RrKMWIh2IWzulVf7DMxE-KNkiZ587Z6w5ywuvACOVCr3aktb2O9aPySSihtdy6ppSD9YiyVjTdW1py-OWba2dtxGG-jrrgr5XXvE1QS1nr5trDoqTlGeyu-dq1bJd5PdrRThXv2i5MZQQ2QjLxm1KrB90lPIf3xg7gemVvDy1kpcJMQ3ADKzfUycF1uqBPJQMBtmTbv6Rbh2phPenvyewjhESyyNYDiK_v0FXnjgrvCqGWTwjvy&cid=CAQSOwBygQiDWaO16cq5ezw16UwK3rOZjCbAzEryYZ8d-uhdX8R7bdnrZbwD3wmv2XlCF12ZcUh1t7q-mWYaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fparolla.app%2F&ds=l&xdt=1&iif=1&cor=6337455274575499000&adk=497053795&idt=206&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c349961a78c867928a30d3b1b41b4bbfc399a198e21775197f6a0835e393f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 978B 172 KB
61 KB 143ms
38ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 10:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 10:17:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame 978B 11 KB
4 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDd3WXS_uferCasDbYTz83BnskgRFq17Jk7iWZ1WhLHHkMYrQxo6bMuNG-ozvSHxGVKZLROtS0VJVWOKPwgUtgNeKeWSlRoHyNOJB2UFcxTf_QCty0yOpW3xPb-_LDoYVxCXDVsIYvYJ21l36ZxQJYVopIRFpRrg2tv5RRnZEnei96h0I&dbm_d=AKAmf-BIB-_p_GgHCbCnACwdn22M50GPz3yBIQmjuKMS4kWZL9Y6-13GAbIyU_NnFWAITLhbaBuCowc5grh2ZTcbEMXksGB73Tn6LjQCz3IyQoPRRj0VGOMb41VQ2Q8KgQbY-wUwbMNviOYFNKkXYxG_0lpvAjyjafCOY2nzJu6AT1XAtpzVJ-Mq1rqUo_0hn2saZ_OJXtmTBZHVFKQKKC-VnHNAULWfvMw26-BaEB7JDfJRp0p9W-el_bcDFdGKd_zYAX3SbKfgJNJ4WgVOrbitriU6n5iweS9otgaiOxNkQ15GfEqL7Osm5ETgc_AT-3mZr3gAHsqENxSppLGGT1B9LTadFe5-Vid_SrNWn6iwQmyz-_Mq9N9PrlWbar3J29Anmk5e0DL8YfTRwhjyJyra2GGjfEXAiYbOnIN403HgYIpOXHbZTbrobnvTC5GV5c9uqNvPSZZph50BuhX-0lAOk0zX3Pdx7-WZmm7uBZh1EpX_mqRAtXZBd25GHhPi6Pe9X98TNddAxTCJO-ih_7RNSUvO6_fsTIRsyxHXER3b2M8h2xtncQvyv3_kMCPm5pl-9FzJ5W467tTXvxDZRcKRNRRqPPIS2a6JBs2v9Xm5qcPMELRf7QZ5QNqtC_-9VoXO3YP3-igFm1ufIKLhKTj9_y_e9L41PcZeovCuGzJn2halim8j6j1wXVVr9zgJifU0a8u8s9RMAjndx0IEKJtMqX8v8dH-JJFSQsAou0LBTAWVL676T1ejc8uJOiUrcmx-iY_UyzprhDLbc7R3gV3W2lwZx-F8uXvKUjuz-3L4AzcIuqBtj19dQvGaLD-nx7-0weuY8PUTbBpehj_YaViJgLupFFwdtgHz64IroUMkxbovGCrHnqNJvpVSZxFh8XLBhRrTretoe2hCQizSqk6KVrXAgqviKOl9gim1P9eQckQS3F_Ajw7h8hytCKan2WiUkGMpmNBr6N0DbG_iM3_LvP0MsBvZ82tyegS7vH1WGsA268hvBSfIVSYXTOwrhkF9fYTH4Ym6eysDhpGYsuosFkgQWDn2cOCDsx6bKs63XKCe2pzkvdKGpDGXdRZqpBYGClkKGtqSmrn00I4eI8C3mxYE0igUVHmavqJpOqgRwJmRw7NPlRrASP--YfglJD1XF6IKlIT5_2emHmUMPt6sd-UL4uuOoqkKPLw2GWHUkUZs1gZSou9RlWA-oV0Y_AhKvzx_whixbBqlKcyPHAsZOkTNkkl3hnyifa0jI4DQEE65ilIS_jvawo7my8NaRqot6RTdq7iolb6XVrCnS3wUqWtqsqHOzQnLnG11Gok7GxukaU-4rfelRGJrD4sBlOUmVJsVLeHfl1QGxwRLM5shV4Yyta0aEJTyVH2Mo88ABCIMljwacmA8-Dl3l9m5m_D_46eRHSt6-tj9ozCayo6l1BTr7rJE-R2RiCMHKe3x076k7D4gNvGFJUmW0Ja-g46OfWwef-BqYWo_XKJM520nYZ5qhUxyOjK_-i_nJrGaufGlW-NJ0_Yf9GDhHsviliQoDbruO0A6wIIs-xcOiVFj0wfGeLua88gNa9DMJ8daEBwemU1e6KkwNVgnaATcHOPYUL1tPxWl_lC3wZSmaCQKxd-ms5kkynNQjT3OxsviMLKrPu7374ChGyD5YnxRgINE_JRs8a4JqJiV2qp98eQob1PM3QFgumECpYGYkpXNBWG5hv2NX0MPNMLTKD8Ksk6J-vFpbMkT8aStkJm3a_B5-Hk_RkmWMRBUKIH30zygFH-wWv6z_dPLY3RYPd7I4CYH4eARTtLl4I9OCoypxee57Fe-jDiWIgsMMtflOwOcHIDK8xyG3CaJ00OM9Ic2qb2w0Txs5JdjyamaC-8iA2MHLaUsNzTMYq5dQhREaW1SEgk6LUjoyeFB55rVqZmUY0jELiNv9VuwGzBQK8W5ntOg1Nicl6IXAmj-_sFRCrB831ZlsDcNQUbhkH8PxaRTkpNEi6YGJgJLkimgVB39b_kpzNv2u5au3xmF2NN9sTuMSOS5e03Pi-DzTh1aS--RwjXmVi7theExNXbVYghPm1XY4mhaa7b8tFtsn3EjunScwR5lwY_rngpTYBHPm5ldDe7FKDOdTlbKQK-gxJAu0FGR4qseg7Dw151X_8pfOl7wUfmPEtE3SXp3pzxfrn2cRvCR7M9z8m-63pyZ22C3L7xbQtEm_JkG0zF5H3PJROG6N59SSYPRiqQYA5BUiyI96uteFQJaXbltpAH6dvYL-4_IC6vKxlrfFmpDmfopxAK9lPx1-PUYrdqvzxP_-a70d8bldE_V_3R-NQZ5kjfGihUduT94CaG5RjdfDNTGIXVbqMt4MYFjpE5Q8qRoy_oTBZ4PstTklbyY18zw_vY6bnBt6QGfqbHktgIoWLTi0NBSglRWI6ymPf-9xG3jXm_vB3vCykvRCe8LmEZb9ZQ9q7uxIRxAOJ5W_atPaJkfOnu2anR1yAJ8T_wdh0HeryZ8ih_15g2qgAchcmYY2QG-UAjqFy86gapHfJJYA7hkyn7V5HX3ZMR8auMCLcEd-0FMuUrr9RQkF5sUZr7V42yzpknOXsuvWbU1fV4mQKWEcN37sdqmIISm0O8vjqW7bVEwAk1orx_-kkl_hLTHIyAP7wtCmGuSmRRS6I6LrOKpMQS2KSZfRgdd2Mv6neItbndXJTwynJCwuD7pomiJs0cY98iMh8fxsn3HtaXQ8SzL_gRtXKHmCxm3yhrQaN9woHwx4UuCp0nHF4nTYYSMmw-fGwI1DoiesWOpI275z1FqGqZb3J78HESkvBiAKnUIPK8f6E59AZSj-OidEwmdrfeZv02-Zpl9Pe-bbaWBqjF1_a3f3_BF3OGIKBR_4jIQmTc0SD8mY1FBTLAnIl_Cy3UuaFxpgcsOAA_NeVPCoR_i3f3gMJKzs8oX5LRf7JGNuJjyKdHiNYqyqROKEAjq_zDFpK7pFZ-uucWp3A0oafAri8L8LWlD9FG-3rAAM6rZVO3JNtIbj6pc9hN5yaswauoeH1qYSBmI-Bt6VRbQf3XypWTqLdFjEj5Qm5Ku1Rgotpdqm224tX_1V7TfsaPnmpCNu9JBCdyyv16zS1l7rLuYfvw5jWpYnqnAk5EVvQ4WQiGGeLXCE0dQDXe-B6jnKVp9eRZf1ZULFvffJhqaNvMIwv4wnLwuTlvYhMcXaCEE_l5CJWU730lqxfnMqbD2P4d6DxEb1RrKMWIh2IWzulVf7DMxE-KNkiZ587Z6w5ywuvACOVCr3aktb2O9aPySSihtdy6ppSD9YiyVjTdW1py-OWba2dtxGG-jrrgr5XXvE1QS1nr5trDoqTlGeyu-dq1bJd5PdrRThXv2i5MZQQ2QjLxm1KrB90lPIf3xg7gemVvDy1kpcJMQ3ADKzfUycF1uqBPJQMBtmTbv6Rbh2phPenvyewjhESyyNYDiK_v0FXnjgrvCqGWTwjvy&cid=CAQSOwBygQiDWaO16cq5ezw16UwK3rOZjCbAzEryYZ8d-uhdX8R7bdnrZbwD3wmv2XlCF12ZcUh1t7q-mWYaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fparolla.app%2F&ds=l&xdt=1&iif=1&cor=6337455274575499000&adk=497053795&idt=206&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:56:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 978B 29 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 13:57:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 978B 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 20:07:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 537E 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
etag: 48472445140208031
expires: Thu, 01 Jun 2023 20:07:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 978B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc3e699b08befa12f361de73fb69431e6f362db974d762af6d71338602fe78da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 09FB 22 KB
8 KB 38ms
36ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
expires: Thu, 30 May 2024 20:07:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 537E 35 B
466 B 61ms
12ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBf42eHvpgzAC_BVk4HLcXM&google_cver=1&google_push=ATf1kGPKHAoa0wMdmSW3MVMNqRQnav-NbHSd3Own_jNRTp1MalWqffJgqDF7WBF4nOOUGRyoQkEkBd7h5ObUb3NH--K5BsMlsxkxnQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 537E 0
105 B 111ms
24ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGIg5kqGPt2LFH2nsrE0nk0&google_cver=1&google_push=ATf1kGPOBNeM5lMk8U9YsTV_wLBkPkfySy5HMFNovd_c0BkyBjQs4PtDZj0HHdOicjNB2tJ-ChvK04RVcaWhnb5IDIzNjoXPBb1O5w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 537E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMO-jjtcacpyWSdK8o1iNjc&google_push=ATf1kGNs__KDbV-dJJ66zy-rK9-ViYnsUxsxMBLtvwqOmVriyywUq0KaU4...

170 B
188 B

55ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMO-jjtcacpyWSdK8o1iNjc&google_push=ATf1kGNs__KDbV-dJJ66zy-rK9-ViYnsUxsxMBLtvwqOmVriyywUq0KaU4Q1y37JN33WJqB44EnbUC0u1k9iuERcaUY__ZopcbS7

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230071-FRA
pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1685627815.977649,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMO-jjtcacpyWSdK8o1iNjc&google_push=ATf1kGNs__KDbV-dJJ66zy-rK9-ViYnsUxsxMBLtvwqOmVriyywUq0KaU4Q1y37JN33WJqB44EnbUC0u1k9iuERcaUY__ZopcbS7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 537E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECYPVWcYwE_qmZ_ozu6W8KA&google_cver=1&google_push=ATf1kGMRgqcP5UvOWuNLtgFuWz20TcLky3XUjr97nlWO1Nndef9FWO77n4zYqdPZyn_YjrzQDA0BJiLLrZnyCJ6JQE8TmBaqLfegaQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMRgqcP5UvOWuNLtgFuWz20TcLky3XUjr97nlWO1Nndef9FWO77n4zYqdPZyn_YjrzQDA0BJiLLrZnyCJ6...

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMRgqcP5UvOWuNLtgFuWz20TcLky3XUjr97nlWO1Nndef9FWO77n4zYqdPZyn_YjrzQDA0BJiLLrZnyCJ6JQE8TmBaqLfegaQ

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Jun 2023 13:56:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMRgqcP5UvOWuNLtgFuWz20TcLky3XUjr97nlWO1Nndef9FWO77n4zYqdPZyn_YjrzQDA0BJiLLrZnyCJ6JQE8TmBaqLfegaQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 13:56:55 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 537E 70 B
266 B 119ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKKtyf532WhU5c8p8zUxlO8&google_cver=1&google_push=ATf1kGOz9FhyWzTVx2nqvpM6TJExjFP1BequL3A-hoz2wgBp-2-F22rqdPenxDccCn2jhb2jKOhj6YAZ1mKsICwge48DXgaNE8eU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=2717771834&adk=548449593&adf=3932637098&pi=t.ma~as.2717771834&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=8&bdt=1485&idt=-M&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TcpdA1pOVb&p=https%3A//parolla.app&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 537E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECRBt0yY6hgwxACxZlkmqsw&google_cver=1&google_push=ATf1kGOXgX92ZpKeL_guMxy7pjDV6-MPdqmGc64cUFi-p_sY_RRWlnD6NYbay0NznQQN8AP77tI6GaCyYKcr39Hb8gydr1Y...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOXgX92ZpKeL_guMxy7pjDV6-MPdqmGc64cUFi-p_sY_RRWlnD6NYbay0NznQQN8AP77tI6GaCyYKcr39Hb8gydr1Yd6c0q0Q&google_hm=eS1uQ0d1ZjlkRTJwSFNf...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOXgX92ZpKeL_guMxy7pjDV6-MPdqmGc64cUFi-p_sY_RRWlnD6NYbay0NznQQN8AP77tI6GaCyYKcr39Hb8gydr1Yd6c0q0Q&google_hm=eS1uQ0d1ZjlkRTJwSFNfLjRLeU5jM28wYWRfRXZQNzEwUH5B

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Jun 2023 13:56:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOXgX92ZpKeL_guMxy7pjDV6-MPdqmGc64cUFi-p_sY_RRWlnD6NYbay0NznQQN8AP77tI6GaCyYKcr39Hb8gydr1Yd6c0q0Q&google_hm=eS1uQ0d1ZjlkRTJwSFNfLjRLeU5jM28wYWRfRXZQNzEwUH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 537E
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDHVsnFxcsQozuQzEH6wu88&google_cver=1&google_push=ATf1kGNAOH13W0lii2Ocj5f7RlOayu-taCIUE3y7CX7XxyOghKku5Wf6v21BLCsWCh...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNAOH13W0lii2Ocj5f7RlOayu-taCIUE3y7CX7XxyOghKku5Wf6v21BLCsWCh3_5_KqW8PCBIg8C-RsO--FNkRXyw3VUe21b8s&google_hm=...

170 B
188 B

57ms
56ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNAOH13W0lii2Ocj5f7RlOayu-taCIUE3y7CX7XxyOghKku5Wf6v21BLCsWCh3_5_KqW8PCBIg8C-RsO--FNkRXyw3VUe21b8s&google_hm=KtU_w3UNSs2pzqTbwqlGNpI

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGNAOH13W0lii2Ocj5f7RlOayu-taCIUE3y7CX7XxyOghKku5Wf6v21BLCsWCh3_5_KqW8PCBIg8C-RsO--FNkRXyw3VUe21b8s&google_hm=KtU_w3UNSs2pzqTbwqlGNpI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 537E 0
51 B 51ms
50ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgPkWyPecqMTCJf_zPA-BDoGE6NyPP9Cdv5Bp9PLnorUkXCMaOWdM1dt5VieNDn3Ao0p-CFg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6632 624 B
242 B 80ms
78ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM2ioeMBMAE&v=APEucNWvg258nD4BrHeaOtm9IP2V5wrfOtLjVEwWTVkGnn0KXY4ezDGFyES2N-H8B7XXDjBC7Q2VjnfuMK86Bv1v6ecE7SJAbt7zmDB-jSr1lelZIg2AGqSEeK3kWOh31PJHXMSYA_fh5xq_N6q7Gpsj8yvVhWTvp0KMJK5l52I-8znHIsbp2fM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=8500032812&adk=3431267658&adf=690181397&pi=t.ma~as.8500032812&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=1&bdt=1484&idt=0&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124%2C320x250&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=oV0MZ28rXU&p=https%3A//parolla.app&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=8500032812&adk=3431267658&adf=690181397&pi=t.ma~as.8500032812&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=1&bdt=1484&idt=0&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124%2C320x250&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=oV0MZ28rXU&p=https%3A//parolla.app&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AE1A 78 KB
27 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:55 GMT

GET
H2 200 loader.js Show response
video.seenthis.se/public/tag-loader/2/ Frame AE1A 29 KB
8 KB 1316ms
18ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/public/tag-loader/2/loader.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

256a361ec392ca14cfc4694a06179f162e82bca34a5c27388f549a91869b0258

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: mwGKvB0uL8a8G3WCtP7S5fQ0WyRW8J9k
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 01 Jun 2023 13:56:56 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: AR5DYA6CTEJNWPSK
age: 2427628
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
content-length: 7400
x-amz-id-2: ipwZAQkEQ+f/xQh9JA9Bdk7hMrXB04BdBDEJXsMz1ANGm9H4KpGyO3FXa+Qz/F/MmHO2Yanh5mI=
x-served-by: cache-lcy-eglc8600036-LCY, cache-fra-eddf8230101-FRA
last-modified: Wed, 15 Jun 2022 08:10:32 GMT
server: AmazonS3
x-timer: S1685627816.269484,VS0,VE0
etag: "cca2e355750cfcb1433827b134974a8b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 19, 25520

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame AE1A 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:23:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame AE1A 19 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 20:06:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AE1A 0
0 48ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW7J1f_6TJ7KnmuYwgzWCPeOdg1_SJyjx0dDjjKc76g1PTmxRlZnYZhnD9XtmkVc7pXul2Kv0V9c20DwF7Ty4Ll8Zqqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=8500032812&adk=3431267658&adf=690181397&pi=t.ma~as.8500032812&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=1&bdt=1484&idt=0&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124%2C320x250&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=oV0MZ28rXU&p=https%3A//parolla.app&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE1A 171 KB
53 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE1A 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlHSRLhVfEUf058M0cEhedMcYKMC6GRjl5YouLJhEGsp5IqnZHDlHYbO_2rXgT7HWknYtn5FN4HjZ6eJ49U1hAM_E4SLuFCwVAMj6eaDXVF79hAKk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE1A 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3509554957885096298&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 09FB 37 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:22:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 08:22:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230530&jk=2260760942501833&bg=!ycqlyp7NAAZu7ficTu07ADkAdvg8Wiuh6tq14uWsUpGPJuAVGldxQiMdywFDG8lfH5phZoMWZfWyy6dY5PjQeCn8Og-hqSjXACMCAAABUVIAAAADaAEHCgAIOiDGRyMd-a-ZAs_3ezq1qCmMjdeszXnYq3-iajV47SFdHZ1ujC6kyfBjMqco3L50XLZSLRJk5hUA4-L8fXlp-WC7xgFW9KUzWw3lwjIhGfPruXD_qt2sLwuraMrxA6-9Q-BgkIF0QxYbLtMlsN1zWXs41IsCy2KbfTU88fLeKkjNfDr1OeVRRnPXnFzZTBvr3yKMoq8u8TZl75yjCDWopEBL408nGVZXJLoT5vAHKpzeaZ1htgdwVtnR1fmZpvK91zrxxK09IBu4r8pf12zkdGtAaXNFYWp5qkRK10A32UNk00Cs5cNRKYldSeByzQLv0QErdOrr4MvmcaID826oFKemHkD78M-4ph4dk-jo4K66Un9qqBHcrx_i8Ur_CsZ4r7AwTTAMWYLEKjinTKZFka3XJY7X5dH19uOTcuiW8CUm6xN6of7yAI4BuaAw0GTEYDp7JDJH9JGKl1WKsOM1J2VbVXK89Nj3mgcPxJawXxHV_7lp1ZcGpEvnpMOHQPnZn1HwNcwY8myB4_7hoNaJca5wN5l72Pt5mUoPe6poAwRrhdMPM1YCaVQYoNxLtRbNk0kO5ncXs_MbvCRVoJ66MvVPWFt3m0v2skApAWjuYCRjBVb3wGtlIu4m13LE5fxW9uVuBj73xpviaCKwu1OCVCc9jwnlJjVORDniMZ7Hm8ZCOn6V0TY78XQXBfd4lJ2vbU_IX0P1bEuYF65pEBZ5er-xVGjXH-Dq0OIyL-zp2APNS4G3uogoPuJ2ENGEw0zOg3eoPdSMTZzPOp1ndkpkMqWzJAy07R8x2N1f-AqSK6fJMvE0e9kgBvSQOFIbaoQRBJDPI9BN0IVsbcbRPG-HggpobxFq6WMRT0zvK1wzrx7HxPXeTCPNGMjfUtXWuw0b1rrYmzbRqJ6gQoqBgfvt2iLfQbgm66weAj3_CXqu_JYkG4jwPUHzNO8fW69Z8jPEq0CQMvAe2npZBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6632
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1

43 B
766 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM2ioeMBMAE&v=APEucNWvg258nD4BrHeaOtm9IP2V5wrfOtLjVEwWTVkGnn0KXY4ezDGFyES2N-H8B7XXDjBC7Q2VjnfuMK86Bv1v6ecE7SJAbt7zmDB-jSr1lelZIg2AGqSEeK3kWOh31PJHXMSYA_fh5xq_N6q7Gpsj8yvVhWTvp0KMJK5l52I-8znHIsbp2fM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6632
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHijpnbf7hcnoLXPjwjBXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM2ioeMBMAE&v=APEucNWvg258nD4BrHeaOtm9IP2V5wrfOtLjVEwWTVkGnn0KXY4ezDGFyES2N-H8B7XXDjBC7Q2VjnfuMK86Bv1v6ecE7SJAbt7zmDB-jSr1lelZIg2AGqSEeK3kWOh31PJHXMSYA_fh5xq_N6q7Gpsj8yvVhWTvp0KMJK5l52I-8znHIsbp2fM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6gsD38UuQEiX5uhXw_NyM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6632
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMicVMZWGnKSJsphG9HF1Zw&google_cver=1

43 B
1 KB

9ms
8ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMicVMZWGnKSJsphG9HF1Zw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM2ioeMBMAE&v=APEucNWvg258nD4BrHeaOtm9IP2V5wrfOtLjVEwWTVkGnn0KXY4ezDGFyES2N-H8B7XXDjBC7Q2VjnfuMK86Bv1v6ecE7SJAbt7zmDB-jSr1lelZIg2AGqSEeK3kWOh31PJHXMSYA_fh5xq_N6q7Gpsj8yvVhWTvp0KMJK5l52I-8znHIsbp2fM

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:55 GMT
AN-X-Request-Uuid: 20454bac-48dd-4486-888c-024c351fc2bb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMicVMZWGnKSJsphG9HF1Zw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6632
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Jun 2023 13:56:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dda8ad47-371c-477d-b791-871a7f45d092
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU3ODc5MjExMjg3MDMxNjM0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE1A 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=283947482185&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE1A 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=283947482185&version=m202301230201&ct=77&x=1&cor=3509554957885096400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AE1A 15 KB
11 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmsGM-o248k4AiY2MsVC81uq5_QtjJhUpvqRTr11WQszPD97wI_-D_IHi0Vg2f8pvc4D0v-Hd42tMLnkSk6dg0xLNAUJmFFReTmQGwh9oQpYpIkBfQaZU_woeMBdI1A8eljA6hBGhFxLOI-NWyVcfzmBQ2nWbMKtwuQiNcRryX-AItdR4&cry=1&dbm_d=AKAmf-CEf4VtL1GuBuuR4GUWP5UtG1UENnftkoQliJrrGWY_uQ0po8yeFWdRMxfcsul8V__5BSlX7OzGbBDVwPBpU5RWn5eRhAvDMPa0H0WNQcESaJq37VxX-6K_LHL-05B24aFWhKfnfydoIhdG8FF4gXSYjHxT9LYH236rJmczaF2CBB53iaikfgOfGhnDPos3KqFWhAZfVHpETXV7trncFRRFuq9GQdNO65ZSsYRsYUeqDv8tOM5yNIQeYBfT96m3UJpaVuQfGXCDuFg7LdMWjOw6bb3pBHpz_2gPvV7kHXCi6_ftoNFpa6mJkPgLZa2NeXae_77ejTmQSeJnGFx1xZAyBXUDPjnVUfnN3DmYq4HVvqIGIH5YjY907xxaWZMYmtWRGmYh2FI0v5JuOrW8m606M3PhboOJs4A2O_xVeIaR3Leqan7GAhHPG8l0zsKXA0eKwd4bHX_esF_sY801S7phP-_dNwplDvw7TBiEkI6qN8LQZN7Ei_4nLoVwMN9ifVLsQPzhXjBlIT7i-gDXova2xOvaK2Bm40_43tYT5BUmf8Ze2iEAaJPoZZvCJyyDCFvgmDDr1G25AS215SSz5gx88lbgsCukUZgpdJa2eW5JtDHYycE_Q6rBMoLxysuRFD0_0F2glerXOq7XX8bDtOVPtLn9IXByed3gGMNr7P9-h72v8lctQolBqiQsNijIk7H2jDsOsSm2LQ7vQ75FkqQ8Xxy7poqJxBRFfZ-N0tm6rgKeusDmPgw39FDyC076bB4IEeH0YZLbc5n4kpxq0yJgDUuanSoCSiF6HW1ip-TJgjWHVU_hAHtaej61PUC2oFD9hdPpwXeiuWdkz-KAzDYYtV24eaFFI__Xz6oOXN2G0KLtuUBQjLTOa_Ndg4qgg7FZQ72i1FAOggvzugjRiUvuTS3e8YWCLZQ1mQ0Mqp90vWlu1uf-3WvamoveFDJ-3uu9wzFw3I4iIgetL8j2OpszweEWUz8_xN4GWd5mYNxvwJHHw9clAM6Gogs94XYQIgENGbj2x372RbaamDQpM5naFW1bMoxmYXSYx3J3c6yyqQTjrZjPkAhjPws9NK0GCMIBvW0wh7pLYG9fZyEiwZoq8U2jsIy14UOgl5toFg2TGTaPROkc78sjhnL7K2KKBtfrxLsr3BykFwc_2-iq6g3JDfA9EM71A57ArItSs3_mmqcCIdLT1QxJo5Pk_8d1CHBDVSzoCBna-TLkyyd4VTXmJ_6R5NepW1xeqtx9vrAH3_BBxMqo53-4KfghVDF2ZY6ZTQTlM6aCG-gbKddSPC0MsEq_rZiXmqNJ5_Ak9OVteaFaaU3lVQ4_jF1ETB4CZpO0T3ZAfQxla1Y9_otYIcf8yfMk1h19o7ddJ0YnMXieShHjhb4SyT13xsUn59_c2RkUzVAnE72VPOqhcNcZGcWZQT8y8B0ZMV5DZvmpIXtYsT_67kBdJtU5UEL8QfQFkcJRSjBjaI-XlzeR6HPaU9s842pbdk9giGlUt7oeLxMqQoHO3OPSIrtAK3IgZrDAZNY_0avQVNLkmiNAeiH5w4cBtSAkZtUjlYhmjaIlSXCbpeQDzzdYo8LsMNmWj1wqEKPlKi-b41oYTWTngBXWHPlK8I8etouuhGpmh77u7zYbByOLVlRnNiWRleh_ClQWizXdTtVdC5qkCo9X7TN8qwa7dHFevvfktJEQwRxCkGX5PvIlX5I4G_44CZbST50L8U7OwJkUTfyOJTZjmPr2Uk6w2_P9TJYhIpA0u-mRMINXcD7avXaHakX9sw0XHnAUa0ouKe07cDgiLsgD9jsYPyYYZV9B73XOQxQCPHaioHVoIV4h30AgnFjwpOc-d60t9mO6_KpKXDIH2sRlwQ7XsK03EutWaakg6FsLriAGi3Ride6_zSMIy_HbQOd3jSIwXec75lsvJ2MlIJUx7ozG-5WX1rjX73zAEzsVEYJ4n-ILfxYnqy_I0jtjozQAQ68Mn9VJJCgs86NbbZdm9RUzZ88X_rkGACQE6Dj_8BX8gIl7yGy_gIkaXxLVZ1LLy_ZEyZ3loZLX-pGYmqMs3WtSrP45CIM-nNYf0bp2Znenba3L5PohkMP4g2lC_G1sNgMT41p_QQD9K-47ja-VDprKS_eIEZUgJDc9ng8tDc8t-5jiaLtZMT7zRU_Z1mJ6cJPQ8MU95qPk0i7hnW2A3BZWaEY0TfUUX-rjGJ3eHf4YQ_gDAzdEz9BW9cPCqaZUBBWmtge4naGFzN4VSXrXAfyqC5IGTTrvSUSkTFdMOFbXix2gQIVQTJFOtyNcRODMTTnSdNdN70cymop6s8Q9AFayKpS5p4W3u_TxIDwGCkWWT5MS5flYg-xxnNMIJUM6sX8OJUjTkHznXLc5xfVaz6YT9CIROwzwajjWJqyl3dd1Da0o7vyQPVwFGdMlhDCJap3o4z5vspj_Kd3pBdrQGyF5WFuKcl3sW5BXh8hj233z6mJZM4dFw2cq-2okaYAbIbn6Fm9De_h4IHQymkAnuhqlghE7qW-YoOFnde4BbCaqviKCyuRP-S4yXcXuyxf1lFW9yNKQpaSRMGGTHREYPMidAeThO_biEFwu4zb1NsG1f8JT-0583Hnaaic43DFqnZgbd3QtC_fC5GLbbCAVmSdmVHoJj5JeB0Hs-tM7lQ3a7SftVPlNpzElSMqo5FPEagiUTzgrAtQP3cJ_xDUEWDsVxxmkHcAyNrqE-vm-AZr9RORKcGcl8tXNGvH9AJGgwoVN2InzMEo92iWb_CXpO5RukGLDzhEHhWEWp74sR4XUvXEHYl2dCHP4f_P_FtA-uulSaOF7r-xDGn-7lCIbOIPDCGT8wIxdKbC3_s6uangWajdC1lA2QCgIcPPUaFjRgPDJ1pO-e3lzgrJn3RCTYHm37096i3j2xxHUuSbN85kdu-LNUVwH0Sswe5XONsJ_KDIGquzzOxNKUlTivDb3ZiSs_5fC5mH-1uSVpADdOyrC-xOBoAiTAduzjDJCuVnMi146dn3nSxd7wQkxYG_LYdg_50zyWtUOE3ymMxdc2o7Nvg98u5_spMPEMHgATaCWzji9mz3krInGavIa8pfPke907-eXCscJCm3dzcsst4SVUQc_Rlw8pwXb-mbEXky10EVMzb9CG8ZTeyT6iErP3hKYRMRtL8epp_lu9mp4aIJ3CjihGh1XQK4gQCQCBGD9DpfHHzm9Ah5Nmi2dziXsr8MNCyGLKx3ez00IpunHh_oKSWm-uPIQs7GFLSukqOrEF6jZlyazEztHlp5M-49XFxQxINw8HvMLQfHzC5EVkFgbdF_zDQDWpVE&cid=CAQSPgBygQiDQGNp5rslFEFaKbItaGFGa_Se18Huk3OuAlqZjw5G59DqM3TWrXzJRJadbnESegXbd5NNIxB1xxkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fparolla.app%2F&ds=l&xdt=1&iif=1&cor=3509554957885096400&adk=1761367587&idt=104&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70737b15564069d6c1d10a545a93ab8092a416ba2177b2c44806061ce49e0bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5310998423283624&output=html&h=250&slotname=8500032812&adk=3431267658&adf=690181397&pi=t.ma~as.8500032812&w=320&fwrn=4&fwrnh=100&lmt=1685627813&rafmt=1&format=320x250&url=https%3A%2F%2Fparolla.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685627813904&bpp=1&bdt=1484&idt=0&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ed538c54a254ff7-22113873fbdd0062%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA&gpic=UID%3D00000c2abd8c34f0%3AT%3D1685627813%3ART%3D1685627813%3AS%3DALNI_MahC8ugy3e3LaeoF123aSpktXYVDg&prev_fmts=0x0%2C1005x124%2C320x250&nras=2&correlator=7824474476591&frm=20&pv=1&ga_vid=539784636.1685627813&ga_sid=1685627813&ga_hid=41615808&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074967%2C44788441%2C44793498&oid=2&pvsid=2260760942501833&tmod=449628969&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=oV0MZ28rXU&p=https%3A//parolla.app&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11934569601524222564/ Frame A7F8 13 KB
3 KB 132ms
55ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2688
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 13:56:55 GMT
expires: Fri, 31 May 2024 13:56:55 GMT
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 978B 0
0 1435ms
88ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIqHL8k9A8UXwB8gEzJvN8KSnntV6LoIS3cdT3t8H8SYWNN3nLiVvs2LeTNucTUW46WxiP0J9BMyhv5SIEjhFVzk0EbScbqTn1jhjdMP9ttW_x9skYEILBUCetoEWPov7rqzuEsxs9v578tP-FEUbDrUJJZ3llo6XlofBij7wTa5_6ej9ySu9A6o_4r5fTOc7j31_9fVd-XFZWQ9gUyY-n9efh-Odz3OFzMkp4DXRVmZADDBMOr4gchTjnOYNOVc3Vy5mG88_9MKmN7uHl7n0mgMyXcidyVEcjBm2hqdmGe1mJtDC-uI4CiY4TBENmTqEUFx0CXBJi7tY5DRn9YNXFGg6kgXHJA0D5B1qKlV4ijSEz-9Xy0U2_hFs97Gk7KKxvB8i2j55uM-bUHra_bxptUs8opn-wC6XvdP4cVsYF42OKX-uU5yUrMhC7DvH9U1lCS-em4Z1PUGUyGAJduNF5pfdI0oPzACVqz2_FTgygYXb8wM1TrPbZw4pUrR1HYkb-SGJRadNJbHRkmtnAMieUwNZfIXJYkl4IzVswcXnh4lXch-en7ARaigtM_dLkwPpMI92H-wgT44eY06z0m44TUcX3WczFWLMeOJ-wKX4E3mR-gJn6yEymU6J1Zh-Xn1BiUDsiNHicaUei1ij7xADs_RRtGr1WsQLm4okV6G-Dp6TO5WiiHW4hLyXeLKSBZuJ-X3CoOWBnEjnb2g6YzkB-_JXqs-6FSsSXx__4qALY3pq0y-Bi2Sm0E-GMT5G3IG3IqS20B3C9PFB-KlG-xY-b8kg7THGWoYScCQRi9Zm4KzjovUEM4PVo0RM027wdTIkhLteuiPiq3pRRMctu6paDaRp69N9yEWT0tC6uip6aHE7ilBuDWDEoCjpwOHM4Ubp7wLZaQPq9knSyRIfhT2uLBMUhnq8_8DksILU2ldf_cB3vsNwXLKekrL7qi8ZpegypxlC4mZ_adQcMabXxszOMIf0Sf8orDA2x3jtgjI6YVppRB7RAnXKHEJIXlwZ0DLLLyjTJH91Fa_dFwNrphiv-djlDBU0ek-NJ6dTEhR7N5ykReXQf12ZkI5_1jmIMmhv6QYJUPoHjndQdouI1UE6y4rW5k1bh2QX229FxfZ3Ezzafuf0xuPRLobm8aDLoIy4O9WDZxha5zXtF7DwGz98I3h_-BPcPzxhIJCMGSzzZ48OT-RA79ZIfFp8SWk_NMxqkCxLhjVFRWqOJkeOVdvgcwSdYCAIU2N9x_-3nioNsNLCAkcW9&sai=AMfl-YRGJAq0fMcr6uTEsqi8538lEJRVHSSml-yW191HYXuIU4itHVvPpebNnMDECZzNdtix1xuxLy1D_FHB-20fKT0732Pl9nNo6AJOYiax_lu7s7VKvwBrAVmWyfuAhENCCCuMB1HydzVszXAjAp-BwfFj2CQx_eDO93NEpMiPH2eSYr48ZGh6JSKsrHrMyB6HrHyTbTYA-OJu_5bBqmpqIn7FmUSEqTFu7fUcKCIkasxpD40FevdlyV8qXC9XZC3FAVhPS8W48WwTphh7zSDsUK4D8VoWXw&sig=Cg0ArKJSzJskKsBw7rVdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=257&cisv=r20230530.59431&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 01 Jun 2023 13:56:56 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:56:56 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AE1A 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmsGM-o248k4AiY2MsVC81uq5_QtjJhUpvqRTr11WQszPD97wI_-D_IHi0Vg2f8pvc4D0v-Hd42tMLnkSk6dg0xLNAUJmFFReTmQGwh9oQpYpIkBfQaZU_woeMBdI1A8eljA6hBGhFxLOI-NWyVcfzmBQ2nWbMKtwuQiNcRryX-AItdR4&cry=1&dbm_d=AKAmf-CEf4VtL1GuBuuR4GUWP5UtG1UENnftkoQliJrrGWY_uQ0po8yeFWdRMxfcsul8V__5BSlX7OzGbBDVwPBpU5RWn5eRhAvDMPa0H0WNQcESaJq37VxX-6K_LHL-05B24aFWhKfnfydoIhdG8FF4gXSYjHxT9LYH236rJmczaF2CBB53iaikfgOfGhnDPos3KqFWhAZfVHpETXV7trncFRRFuq9GQdNO65ZSsYRsYUeqDv8tOM5yNIQeYBfT96m3UJpaVuQfGXCDuFg7LdMWjOw6bb3pBHpz_2gPvV7kHXCi6_ftoNFpa6mJkPgLZa2NeXae_77ejTmQSeJnGFx1xZAyBXUDPjnVUfnN3DmYq4HVvqIGIH5YjY907xxaWZMYmtWRGmYh2FI0v5JuOrW8m606M3PhboOJs4A2O_xVeIaR3Leqan7GAhHPG8l0zsKXA0eKwd4bHX_esF_sY801S7phP-_dNwplDvw7TBiEkI6qN8LQZN7Ei_4nLoVwMN9ifVLsQPzhXjBlIT7i-gDXova2xOvaK2Bm40_43tYT5BUmf8Ze2iEAaJPoZZvCJyyDCFvgmDDr1G25AS215SSz5gx88lbgsCukUZgpdJa2eW5JtDHYycE_Q6rBMoLxysuRFD0_0F2glerXOq7XX8bDtOVPtLn9IXByed3gGMNr7P9-h72v8lctQolBqiQsNijIk7H2jDsOsSm2LQ7vQ75FkqQ8Xxy7poqJxBRFfZ-N0tm6rgKeusDmPgw39FDyC076bB4IEeH0YZLbc5n4kpxq0yJgDUuanSoCSiF6HW1ip-TJgjWHVU_hAHtaej61PUC2oFD9hdPpwXeiuWdkz-KAzDYYtV24eaFFI__Xz6oOXN2G0KLtuUBQjLTOa_Ndg4qgg7FZQ72i1FAOggvzugjRiUvuTS3e8YWCLZQ1mQ0Mqp90vWlu1uf-3WvamoveFDJ-3uu9wzFw3I4iIgetL8j2OpszweEWUz8_xN4GWd5mYNxvwJHHw9clAM6Gogs94XYQIgENGbj2x372RbaamDQpM5naFW1bMoxmYXSYx3J3c6yyqQTjrZjPkAhjPws9NK0GCMIBvW0wh7pLYG9fZyEiwZoq8U2jsIy14UOgl5toFg2TGTaPROkc78sjhnL7K2KKBtfrxLsr3BykFwc_2-iq6g3JDfA9EM71A57ArItSs3_mmqcCIdLT1QxJo5Pk_8d1CHBDVSzoCBna-TLkyyd4VTXmJ_6R5NepW1xeqtx9vrAH3_BBxMqo53-4KfghVDF2ZY6ZTQTlM6aCG-gbKddSPC0MsEq_rZiXmqNJ5_Ak9OVteaFaaU3lVQ4_jF1ETB4CZpO0T3ZAfQxla1Y9_otYIcf8yfMk1h19o7ddJ0YnMXieShHjhb4SyT13xsUn59_c2RkUzVAnE72VPOqhcNcZGcWZQT8y8B0ZMV5DZvmpIXtYsT_67kBdJtU5UEL8QfQFkcJRSjBjaI-XlzeR6HPaU9s842pbdk9giGlUt7oeLxMqQoHO3OPSIrtAK3IgZrDAZNY_0avQVNLkmiNAeiH5w4cBtSAkZtUjlYhmjaIlSXCbpeQDzzdYo8LsMNmWj1wqEKPlKi-b41oYTWTngBXWHPlK8I8etouuhGpmh77u7zYbByOLVlRnNiWRleh_ClQWizXdTtVdC5qkCo9X7TN8qwa7dHFevvfktJEQwRxCkGX5PvIlX5I4G_44CZbST50L8U7OwJkUTfyOJTZjmPr2Uk6w2_P9TJYhIpA0u-mRMINXcD7avXaHakX9sw0XHnAUa0ouKe07cDgiLsgD9jsYPyYYZV9B73XOQxQCPHaioHVoIV4h30AgnFjwpOc-d60t9mO6_KpKXDIH2sRlwQ7XsK03EutWaakg6FsLriAGi3Ride6_zSMIy_HbQOd3jSIwXec75lsvJ2MlIJUx7ozG-5WX1rjX73zAEzsVEYJ4n-ILfxYnqy_I0jtjozQAQ68Mn9VJJCgs86NbbZdm9RUzZ88X_rkGACQE6Dj_8BX8gIl7yGy_gIkaXxLVZ1LLy_ZEyZ3loZLX-pGYmqMs3WtSrP45CIM-nNYf0bp2Znenba3L5PohkMP4g2lC_G1sNgMT41p_QQD9K-47ja-VDprKS_eIEZUgJDc9ng8tDc8t-5jiaLtZMT7zRU_Z1mJ6cJPQ8MU95qPk0i7hnW2A3BZWaEY0TfUUX-rjGJ3eHf4YQ_gDAzdEz9BW9cPCqaZUBBWmtge4naGFzN4VSXrXAfyqC5IGTTrvSUSkTFdMOFbXix2gQIVQTJFOtyNcRODMTTnSdNdN70cymop6s8Q9AFayKpS5p4W3u_TxIDwGCkWWT5MS5flYg-xxnNMIJUM6sX8OJUjTkHznXLc5xfVaz6YT9CIROwzwajjWJqyl3dd1Da0o7vyQPVwFGdMlhDCJap3o4z5vspj_Kd3pBdrQGyF5WFuKcl3sW5BXh8hj233z6mJZM4dFw2cq-2okaYAbIbn6Fm9De_h4IHQymkAnuhqlghE7qW-YoOFnde4BbCaqviKCyuRP-S4yXcXuyxf1lFW9yNKQpaSRMGGTHREYPMidAeThO_biEFwu4zb1NsG1f8JT-0583Hnaaic43DFqnZgbd3QtC_fC5GLbbCAVmSdmVHoJj5JeB0Hs-tM7lQ3a7SftVPlNpzElSMqo5FPEagiUTzgrAtQP3cJ_xDUEWDsVxxmkHcAyNrqE-vm-AZr9RORKcGcl8tXNGvH9AJGgwoVN2InzMEo92iWb_CXpO5RukGLDzhEHhWEWp74sR4XUvXEHYl2dCHP4f_P_FtA-uulSaOF7r-xDGn-7lCIbOIPDCGT8wIxdKbC3_s6uangWajdC1lA2QCgIcPPUaFjRgPDJ1pO-e3lzgrJn3RCTYHm37096i3j2xxHUuSbN85kdu-LNUVwH0Sswe5XONsJ_KDIGquzzOxNKUlTivDb3ZiSs_5fC5mH-1uSVpADdOyrC-xOBoAiTAduzjDJCuVnMi146dn3nSxd7wQkxYG_LYdg_50zyWtUOE3ymMxdc2o7Nvg98u5_spMPEMHgATaCWzji9mz3krInGavIa8pfPke907-eXCscJCm3dzcsst4SVUQc_Rlw8pwXb-mbEXky10EVMzb9CG8ZTeyT6iErP3hKYRMRtL8epp_lu9mp4aIJ3CjihGh1XQK4gQCQCBGD9DpfHHzm9Ah5Nmi2dziXsr8MNCyGLKx3ez00IpunHh_oKSWm-uPIQs7GFLSukqOrEF6jZlyazEztHlp5M-49XFxQxINw8HvMLQfHzC5EVkFgbdF_zDQDWpVE&cid=CAQSPgBygQiDQGNp5rslFEFaKbItaGFGa_Se18Huk3OuAlqZjw5G59DqM3TWrXzJRJadbnESegXbd5NNIxB1xxkBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fparolla.app%2F&ds=l&xdt=1&iif=1&cor=3509554957885096400&adk=1761367587&idt=104&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 20:07:01 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0976 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
expires: Thu, 30 May 2024 20:07:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/11934569601524222564/css/ Frame A7F8 5 KB
1 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1412
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 May 2024 23:03:29 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A7F8 118 KB
40 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 07:18:46 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame A7F8 6 KB
3 KB 42ms
42ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 06:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 May 2024 06:06:26 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A7F8 60 KB
24 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 13:56:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91B0 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3ix1ATiloQGXqq39ysubRnXQpcIzVfVDQh1cnBUWD1blBbCoaFYYbiTOYrUaZviE7G1CyVIKcSbrAIo_1wip-RCL5GFhw0MEHxUBkCLMOVsTsOO2Z6Z7v-AoT7kvWG7NbCQGFVg&sai=AMfl-YR-gwgWes-T4FNwHeb_pWmomuLNvtSUxsqknzg-QXQZHobf8WAgLUvz0E3CE1P2_UymLDUaHiPxqRU9&sig=Cg0ArKJSzMLOab8rS2HIEAE&cid=CAQSGwBygQiDa3Y8MTlX7_xEo085NQuvneC6OUr3vhgB&id=lidar2&mcvt=1017&p=0,0,124,1005&mtos=315,970,1017,1017,1017&tos=315,655,47,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685627813663&rpt=601&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0976 37 KB
14 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:22:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 08:22:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09FB 0
20 B 84ms
82ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgUe9pqN4ZP6BMYzhx_APqKqb6AIAAAAAOAHgBAI&bg=!wMOlw5fNAAZu7ficTu07ADkAdvg8WmJMKA3JYlufREFCrufO7forHYuKfqeT9HirLsEVfRcdOjgkeZjkIV376-krwCGa7LC5JLECAAABNlIAAAAlaAEHCgBBWDJMw1toSLorPSKaXPNG-HTcdtOmJctlxJFQyeeGld0tRgz8_ClFAyprehQHuQH0rEQZ1VoR82wNP0N77t1Fbl6ZAxe_vWoqdbePPctNhcrr18-IKo6QWgUVsjsq0Gv16-2xmETkrFfFFDr4aBG6KoMGaowsJcyIEVv_4EypkdhWmklNh8bgmxVH_VZvPAmpokp-oO1HqLKOg_0HNMovwsZm057V7TgmTwTQLtOiwVEtEOJgmlRLjO_KcORqVf3vNfqjgl0OkpueVfuOqhKy-XTxWNzLBCXO6BH_RxoyEypjAv5eu74QsKlsfgxeQcpxSCD0anGh9T-PCz2Sy0JQAZyrq2L8AxvFxsaOrcvKmuaCUaQJzHBMk1XD-tVv6odNG3HfBetC4cmd19VCc3ml8TBYQcEuU4_TgxTt5YFUpYfW-6xkxpo-1PIz_COz_zjC1veibjDGN46RtycxVd-3du3t-8EUGIIOZQpBcErxDBMFezXWbpWbvgqH282RsSgqGfBpj3HhHSrkCm3KFYrBCblEEAsxpIDUWaXgLKFNkFE7mJIml3hWHl2OQWUz-h1rj-BOydVdkid-FuMG4SPEMl2XkhqgIKBbGXXWouYzEKi4su_OmmDpY86rXIBxt9e1-g66nd_EXg-V6XFpOTdYK3ys7TrN25BsyRK9sWls3GwzhmvfwS_k0sGEqg8hUYcZiv4UV5KuqTJ37xh6FicG4_fz9xTNeHua3_h08BmLWuRgW_8ZUZMmhmpp0fmhzm4XbOHcz0f5b8DUXYHOieJvqjkqXWFs1845BVGwLZJg-SQbcdmTIya5PaIqJ65k0wxyk93M1FaTnnENg1ynDKHBGtZCYfaggzT855E1fWmDkvOkbg-ZTSPyqK3NFPZbrkvbyEQK6ZDHt_4U1v9qmwhpzkB0nAW5LPXd0NjFK2CtYabadeNU5Y4S8FT11dC4BFrj7ZcG6jWlV2-vsXv7dW-lIIquUM2tFb-Vc15empkJDAigQzQwem4K00WXdv9EH72QoIOY-5ku00-MmBOp5YuEP06WjdTo6HyjhN2pGAnJPtZpcE41GOFH9LuBuoNpi38eOk90oOX46a3JpPZcrhAxGjCOgWWt-cvHLVopVkuH6BPT_dIddPDhEd42pQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame A7F8 13 KB
13 KB 39ms
38ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:26:41 GMT
x-content-type-options: nosniff
age: 473414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 02:26:41 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame A7F8 12 KB
12 KB 45ms
44ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 21:57:46 GMT
x-content-type-options: nosniff
age: 403149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 21:57:46 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame A7F8 14 KB
14 KB 52ms
52ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 18:36:44 GMT
x-content-type-options: nosniff
age: 415211
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 18:36:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A7F8 7 KB
6 KB 91ms
91ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d523c33956dc86a24cb2d5a75c2a40eb81f973d8ddb40b8075fee8b6dccf830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5779
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 978B 0
0 1039ms
83ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIqHL8k9A8UXwB8gEzJvN8KSnntV6LoIS3cdT3t8H8SYWNN3nLiVvs2LeTNucTUW46WxiP0J9BMyhv5SIEjhFVzk0EbScbqTn1jhjdMP9ttW_x9skYEILBUCetoEWPov7rqzuEsxs9v578tP-FEUbDrUJJZ3llo6XlofBij7wTa5_6ej9ySu9A6o_4r5fTOc7j31_9fVd-XFZWQ9gUyY-n9efh-Odz3OFzMkp4DXRVmZADDBMOr4gchTjnOYNOVc3Vy5mG88_9MKmN7uHl7n0mgMyXcidyVEcjBm2hqdmGe1mJtDC-uI4CiY4TBENmTqEUFx0CXBJi7tY5DRn9YNXFGg6kgXHJA0D5B1qKlV4ijSEz-9Xy0U2_hFs97Gk7KKxvB8i2j55uM-bUHra_bxptUs8opn-wC6XvdP4cVsYF42OKX-uU5yUrMhC7DvH9U1lCS-em4Z1PUGUyGAJduNF5pfdI0oPzACVqz2_FTgygYXb8wM1TrPbZw4pUrR1HYkb-SGJRadNJbHRkmtnAMieUwNZfIXJYkl4IzVswcXnh4lXch-en7ARaigtM_dLkwPpMI92H-wgT44eY06z0m44TUcX3WczFWLMeOJ-wKX4E3mR-gJn6yEymU6J1Zh-Xn1BiUDsiNHicaUei1ij7xADs_RRtGr1WsQLm4okV6G-Dp6TO5WiiHW4hLyXeLKSBZuJ-X3CoOWBnEjnb2g6YzkB-_JXqs-6FSsSXx__4qALY3pq0y-Bi2Sm0E-GMT5G3IG3IqS20B3C9PFB-KlG-xY-b8kg7THGWoYScCQRi9Zm4KzjovUEM4PVo0RM027wdTIkhLteuiPiq3pRRMctu6paDaRp69N9yEWT0tC6uip6aHE7ilBuDWDEoCjpwOHM4Ubp7wLZaQPq9knSyRIfhT2uLBMUhnq8_8DksILU2ldf_cB3vsNwXLKekrL7qi8ZpegypxlC4mZ_adQcMabXxszOMIf0Sf8orDA2x3jtgjI6YVppRB7RAnXKHEJIXlwZ0DLLLyjTJH91Fa_dFwNrphiv-djlDBU0ek-NJ6dTEhR7N5ykReXQf12ZkI5_1jmIMmhv6QYJUPoHjndQdouI1UE6y4rW5k1bh2QX229FxfZ3Ezzafuf0xuPRLobm8aDLoIy4O9WDZxha5zXtF7DwGz98I3h_-BPcPzxhIJCMGSzzZ48OT-RA79ZIfFp8SWk_NMxqkCxLhjVFRWqOJkeOVdvgcwSdYCAIU2N9x_-3nioNsNLCAkcW9&sai=AMfl-YRGJAq0fMcr6uTEsqi8538lEJRVHSSml-yW191HYXuIU4itHVvPpebNnMDECZzNdtix1xuxLy1D_FHB-20fKT0732Pl9nNo6AJOYiax_lu7s7VKvwBrAVmWyfuAhENCCCuMB1HydzVszXAjAp-BwfFj2CQx_eDO93NEpMiPH2eSYr48ZGh6JSKsrHrMyB6HrHyTbTYA-OJu_5bBqmpqIn7FmUSEqTFu7fUcKCIkasxpD40FevdlyV8qXC9XZC3FAVhPS8W48WwTphh7zSDsUK4D8VoWXw&sig=Cg0ArKJSzJskKsBw7rVdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=666&vt=11&dtpt=392&dett=3&cstd=257&cisv=r20230530.59431&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: parolla.app
URL: https://parolla.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 13:56:56 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame A7F8 81 KB
81 KB 40ms
38ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/visual.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 07:44:41 GMT
x-content-type-options: nosniff
age: 454334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82828
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 07:44:41 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame A7F8 95 B
122 B 50ms
48ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/overlay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=fhv2aFFxyb&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 08:27:34 GMT
x-content-type-options: nosniff
age: 451761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 08:27:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A7F8 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 13:56:55 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 488E 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 08:22:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 08:22:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0976 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B028Up6N4ZKSVCN2I9u8PucK-CAAAAAA4AeAEAg&bg=!FhWlFUHNAAZu7ficTu07ADkAdvg8WoL5BXE9wzMlfbGuLM2P9JyW-7xum_mRZ62AK1DQD9kOv6Yazyf-oR_wDR-iN9GOWd_tgp0CAAAA61IAAAADaAEHCgAiEMc4_mYteztH0DZhpJodR_M4EGxoz3Yk_iNAgYl_FhHf5JkDG-vP1kghX1ugx9CvTOtd04iVh39igwxf_RnZmJ-4ZVJlcZP5YMwfE_PpOzkpdZEua0Y_Z23G5fG4JWU7SGt69kpNOzRbGZEuh0880BE93soZJFTJd6iveKhCRa5EIewiJ4_V5m1WYJL-2_MvpbjUbtKa7DC8Tk7-nTYoKah1XI_Oqno_Z3B6a5GWjDwsm9azhMl13ZKuCqjp63MsueDNldUE0YJtFpJnKyMbB5oPTtoPYjVejmJaT6Fb7Z5kIOt6b8xJaIZ0pGKwr4frxx91hrLh77smrwbx2b41weJmrxa0Bi6UcY9Vp3oM1UbNtCE3NhkgFiZM0rlaDq4kckdGWOG_8ZfGKAPuMHXpFuyBtOiUkadyDdgrQ4dFQbERmtIVRo6X21PcsmS-eLjli_SyFTH9sJtPRorGOetO_0w3htpQXufdhGgCPCcM5DeN25TlwLkXnP7Be4ews9aX0HQ_cQhfWycyOGNv6StO0RCowrE5CjliKP9swEMyraNjSj6xkYvxojGQ_NVWc42TVN5BHjq-4D31tuHPAPtSIPU3PgperAcW7CnDv8YRETMyUdGquTPLUAjDye9P9U5Yj8sYct2ip7_grLfrDTFgXUlLhE1rCXu6reLMxxTSdT-Zw7KMekmmpA1EzTbgzCy-GSwjOa95WXJHdEk3uF3wKOMTVRTVgoU71H5az9IRmbs0bbjpstyv5VogdC88rieqo01UUhV7wooI-3pa-V29Q_vN4NSaxz8duwK_sVM_IGYypEDS8kFMC_pyvLd5nb2_tWD9jf8sa4FWb4Vzqc3QAEnZGzJAc8suMfHR4m6aV9jig86ApFpax5NdiDQ_7pzs1qgSBlxqWrtxoHQR5bhKk0ddYSYqNzj8bsmgv7XhawApTUaCTNDJPvcj4qfUs6aAh5VX7P71S7AWADJ2CPnD0jYkjyKHSS-cnwpfGMdLj66ESaJgseO06NfNBAmBQLIFMUZtorjA1joPGpvgOjx5LSSicDofOlfTEMw5ipI9j0WrZNouDNvyf5VQuBKJPbQuwp2sS7v0scNpDC0cPMV67A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 978B 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvr6Lc6PpRREvgNnQpDJfZTmXlgvCraHTUs4VKOu4XewUuPEoxoTDJfMtddevEiErcG2pnN1hxX16gqLd1iNzOFgGqcvDkxs9BF46p887rgcCEKfK8eno8-q_657ML8JZv5g_FXQg&sai=AMfl-YTo8x1b0Cj2UTObCuJppLZji3sVfX-H6DEfTHLTP_ME_D89vvrmUmWLG55E8xOvGPnHDTc_KuLULDYcjQMGZ1ywCswEdRkZgCHhYmJGBMyKT9WjfJxIzxTBaLc&sig=Cg0ArKJSzGekLVU8mD0lEAE&cid=CAQSOwBygQiDWaO16cq5ezw16UwK3rOZjCbAzEryYZ8d-uhdX8R7bdnrZbwD3wmv2XlCF12ZcUh1t7q-mWYaGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=548449593&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685627814550&rpt=373&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
video.seenthis.se/v2/builds/2eFTqAtCt/ Frame AE1A 8 KB
4 KB 1306ms
21ms Fetch
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/builds/2eFTqAtCt/index.html

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/public/tag-loader/2/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a67d6878d3cca385a5e51cea94bccbfdbb7ffd2e2004eea72b8ed8ca341d454

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: d.Qt22xaHY7OY07n2ifOSSrstZO11vmb
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 01 Jun 2023 13:56:57 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 8SH580PCBY8G8M13
age: 3493612
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
content-length: 3429
x-amz-id-2: MSgSTxqVojlZyeaZVgYs8xYJGEamnBs+iaxyspkJ3RchkqypqbJvdMCXVnUMVoou5GEgwUNH+z0=
x-served-by: cache-lcy-eglc8600032-LCY, cache-fra-eddf8230024-FRA
last-modified: Thu, 09 Mar 2023 12:39:38 GMT
server: AmazonS3
x-timer: S1685627818.590370,VS0,VE0
etag: "77629d9b9b6e87cdfb6966c50ff83864"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 44, 2

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8939 1 KB
643 B 43ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:07:02 GMT
etag: 48472445140208031
expires: Thu, 01 Jun 2023 20:07:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AE1A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f946599fd76853dfb64651d69c0504c256eafdfc8edce5142f3d049398b4cc5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8939
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGNjyCYyg4RX_Ss5yQObxCA&google_cver=1&google_push=ATf1kGOhu25_j-t_Ik5iXkuz3otv7uqu1H_j6-515TTorm9mH67GTYKCn-...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOhu25_j-t_Ik5iXkuz3otv7uqu1H_j6-515TTorm9mH67GTYKCn-rELjhhRkctSPP7MiLNPC5yalq318IBRJlMr5d-234Shw&google_hm=hYhDlbP6SB...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOhu25_j-t_Ik5iXkuz3otv7uqu1H_j6-515TTorm9mH67GTYKCn-rELjhhRkctSPP7MiLNPC5yalq318IBRJlMr5d-234Shw&google_hm=hYhDlbP6SBCPK8jeOA7nyg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOhu25_j-t_Ik5iXkuz3otv7uqu1H_j6-515TTorm9mH67GTYKCn-rELjhhRkctSPP7MiLNPC5yalq318IBRJlMr5d-234Shw&google_hm=hYhDlbP6SBCPK8jeOA7nyg
pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8939
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T2loYW5NdlUxUTRJTnE1&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cver=1&google_push=ATf1kGNg3YNhIO1aEKQENTPfyAF0Rwj-McJTW39Q2qkkrPj...

170 B
188 B

47ms
43ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T2loYW5NdlUxUTRJTnE1&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cver=1&google_push=ATf1kGNg3YNhIO1aEKQENTPfyAF0Rwj-McJTW39Q2qkkrPjZZh7S-LF83p4ayRblUC6X1oyyYMwmPRjfkOXzgR_159Yo4WWIqQXcQrU

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 13:56:56 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T2loYW5NdlUxUTRJTnE1&google_gid=CAESEDDRBpgN7R6qMufEMv1Pi00&google_cver=1&google_push=ATf1kGNg3YNhIO1aEKQENTPfyAF0Rwj-McJTW39Q2qkkrPjZZh7S-LF83p4ayRblUC6X1oyyYMwmPRjfkOXzgR_159Yo4WWIqQXcQrU
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8939
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkhpanB3QU9kbG9jWFFBcA==&google_gid=CAESEN7gxT9eVtZ9WLeNse0r8O4&google_cver=1&google_push=ATf1kGOjSsGm4ovQUswlXUO3Qi-cBdyokm...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkhpanB3QU9kbG9jWFFBcA==&google_gid=CAESEN7gxT9eVtZ9WLeNse0r8O4&google_cver=1&google_push=ATf1kGOjSsGm4ovQUswlXUO3Qi-cBdyokmTewf5uSD81K7Czb9RnjqgI0FiqFmkkyGXUO3aY70l-eYLlmFjrpE-IAbQh-9Cyy5-9y4Q

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230071-FRA
pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1685627816.408723,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkhpanB3QU9kbG9jWFFBcA==&google_gid=CAESEN7gxT9eVtZ9WLeNse0r8O4&google_cver=1&google_push=ATf1kGOjSsGm4ovQUswlXUO3Qi-cBdyokmTewf5uSD81K7Czb9RnjqgI0FiqFmkkyGXUO3aY70l-eYLlmFjrpE-IAbQh-9Cyy5-9y4Q
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8939
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMg2IyEv58bBwRr-fAKD4lw&google_cver=1&google_push=ATf1kGMFtgmqu9uCjgr2CslVKeNQEWGDKIrPclykWB70KBHQ5DpYd6DFWVddzWQO8pOuWf1F_lQcNiu-m6rh2Tnltrof_a0pjFgDwVQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMFtgmqu9uCjgr2CslVKeNQEWGDKIrPclykWB70KBHQ5DpYd6DFWVddzWQO8pOuWf1F_lQcNiu-m6rh2Tn...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMFtgmqu9uCjgr2CslVKeNQEWGDKIrPclykWB70KBHQ5DpYd6DFWVddzWQO8pOuWf1F_lQcNiu-m6rh2Tnltrof_a0pjFgDwVQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Jun 2023 13:56:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=288413E6AEF9455AB951163B34D5799F&google_push=ATf1kGMFtgmqu9uCjgr2CslVKeNQEWGDKIrPclykWB70KBHQ5DpYd6DFWVddzWQO8pOuWf1F_lQcNiu-m6rh2Tnltrof_a0pjFgDwVQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 31 May 2023 13:56:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8939
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF3VvEZpTervJb6D1tVY9XU&google_cver=1&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEF3VvEZpTervJb6D1tVY9XU&google_cver=1&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726h...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo&google_hm=HTePbV-BSsmzgbGpjGfU...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo&google_hm=HTePbV-BSsmzgbGpjGfUag==

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo&google_hm=HTePbV-BSsmzgbGpjGfUag==
date: Thu, 01 Jun 2023 13:56:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8939 43 B
363 B 73ms
18ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEE-_HaPLarBJzodqr2_4HaM&google_cver=1&google_push=ATf1kGNdQCguudgFid3u16nCxyH-sAzgpNmDB1Z8J4m-PfQHUGyQwvvl5XFbw6SsWpsVN3vnDGRtOkHDQtOf4f-tsy84hjKtV0w8HQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:55 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 354053
expires: Thu, 01 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8939
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMxoFx05Tonc6ylsD43wrKc&google_cver=1&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5qQD...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMxoFx05Tonc6ylsD43wrKc&google_cver=1&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NzQwNDU1OTM1NzQ5NDgyMg&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5q...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NzQwNDU1OTM1NzQ5NDgyMg&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5qQDhBKH64-fr-Peb2a97NDBQg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NzQwNDU1OTM1NzQ5NDgyMg&google_push=ATf1kGNm1DjUcrK2dNOr7zgxB5q2R_LQ8Lr_ca-MNul2AopEylIKDGvXoBaLy7PWYjcBYiVqHgsT5qQDhBKH64-fr-Peb2a97NDBQg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8939 0
12 B 48ms
46ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JynnZ2bF-wT-ASW8wqDshZSoBvuOtW4ozcwTecQVCXfh2zk9IgXS9ta24hue_vv2QMwxkd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 978B 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2012899769282&version=m202301230201&ct=76&x=1&cor=6337455274575499000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE1A 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3lfP4-cbilKD9JvIQ_VUseGHQCDGoUXFQQY-ea00qrL4rdmHQ7WD9HdhHInPJO9ZeslAlaNNS7PAXQG3TOQtbUvicodR1wNbmz_h9lN12mcAkiAUX3LyTb0sy&sai=AMfl-YRC5Xbhg46htZf6N-dLa5BYRkXDvx_VlD5N_UhBkZV_tIYYBKHZczqZsOwHJx7EA6Mv1l52SISyJMV8GTjl68HXtbi6jG255mHfbzLnUj0ztO_ZmXGKO-9UxXJZlmg&sig=Cg0ArKJSzDhNfqSUlz4IEAE&cid=CAQSPgBygQiDQGNp5rslFEFaKbItaGFGa_Se18Huk3OuAlqZjw5G59DqM3TWrXzJRJadbnESegXbd5NNIxB1xxkBGAE&id=lidar2&mcvt=1000&p=0,0,254,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3431267658&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685627814962&rpt=1382&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE1A 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=283947482185&version=m202301230201&ct=77&x=1&cor=3509554957885096400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-149SL74TRQ&gtm=45je35v0&_p=41615808&cid=539784636.1685627813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1685627813&sct=1&seg=0&dl=https%3A%2F%2Fparolla.app%2F&dt=parolla%20-%20Kelime%20oyunu&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-149SL74TRQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://parolla.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:56:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://parolla.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.parolla.app/	1970-01-20 21:35:23	Name: __gads Value: ID=1ed538c54a254ff7-22113873fbdd0062:T=1685627813:RT=1685627813:S=ALNI_MYZw3uQfyUg3_8o8-VxoFNQ5QyJxA
.parolla.app/	1970-01-20 21:35:23	Name: __gpi Value: UID=00000c2abd8c34f0:T=1685627813:RT=1685627813:S=ALNI_MahC8ugy3e3LaeoF123aSpktXYVDg
.parolla.app/	1970-01-20 21:49:47	Name: _ga Value: GA1.1.539784636.1685627813
.parolla.app/	1970-01-20 21:49:47	Name: _ga_149SL74TRQ Value: GS1.1.1685627813.1.0.1685627813.0.0.0
.adnxs.com/	1970-01-20 14:23:23	Name: uuid2 Value: 8578792112870316341
.casalemedia.com/	1970-01-20 20:59:23	Name: CMID Value: ZHijpnbf7hcnoLXPjwjBXAAA
.casalemedia.com/	1970-01-20 14:23:23	Name: CMPS Value: 1105
.casalemedia.com/	1970-01-20 14:23:23	Name: CMPRO Value: 1105
.doubleclick.net/	1970-01-20 16:32:59	Name: APC Value: AWEbyIGXnE1ssB4MGN9WwGIAv5Noppc2GaMXQflOtRIeK89UHg5R
.doubleclick.net/	1970-01-20 21:35:23	Name: IDE Value: AHWqTUnyChyYuOvWXQELMjEFNnEpS-870Fa9voXphcNtZg8VFUAJhqfWRbfyK8BifH8
.quantserve.com/	1970-01-20 14:23:23	Name: d Value: ECEBCQGQKYEA
.quantserve.com/	1970-01-20 21:44:02	Name: mc Value: 6478a3a7-03581-bf4ce-40171
.ctnsnet.com/	1970-01-20 20:59:23	Name: cid_2ad53fc3750d4acda9cea4dbc2a94636 Value: 1
.ctnsnet.com/	1970-01-20 20:59:23	Name: gid_CAESEDHVsnFxcsQozuQzEH6wu88 Value: 1
.everesttech.net/	1970-01-20 20:59:23	Name: everest_g_v2 Value: g_surferid~ZHijpwAOdlocXQAp
.adnxs.com/	1970-01-20 14:23:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>xs-#f7!A#G'.TOKKnyW<U1`VROYQM-:HjA%[HhJ8sWu1HCIG$BpZ5*SO@7Xl<o/]yc<QG=%9sk@3@'s>T7jwnb
.simpli.fi/	1970-01-20 21:00:50	Name: suid Value: 288413E6AEF9455AB951163B34D5799F
.yahoo.com/	1970-01-20 20:59:45	Name: A3 Value: d=AQABBKejeGQCEB_jbSSfTBq58GEgbo2u6G0FEgEBAQH1eWSCZAAAAAAA_eMAAA&S=AQAAAlaizN2-ryDfRU4p8oyZfgA
.bidswitch.net/	1970-01-20 20:59:23	Name: tuuid Value: 1d378f6d-5f81-4ac9-b381-b1a98c67d46a
.bidswitch.net/	1970-01-20 20:59:23	Name: c Value: 1685627816
.bidswitch.net/	1970-01-20 20:59:23	Name: tuuid_lu Value: 1685627816
.bidswitch.net/	1970-01-20 12:13:48	Name: google_push Value: ATf1kGO2vUOxUZeifFfoHf0U3CZN8vnH_3BisR-LNKNhc2m-UjGOb8T9pt_uJRoO66c0x_KRELr5uC204u726hWbRiAQFkypTOaJnuo
.w55c.net/	1970-01-20 21:44:02	Name: wfivefivec Value: OihanMvU1Q4INq5
.w55c.net/	1970-01-20 12:56:59	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 12:56:59	Name: C Value: 1
.adform.net/	1970-01-20 13:40:11	Name: uid Value: 6577404559357494822

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-5310998423283624&fa=1&ifi=2&uci=a!2&xpc=3dAwQSNPLJ&p=https%3A//parolla.app Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.iconify.design
api.radkod.com
api.simplesvg.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ius.ctnsnet.com
match.adsrvr.org
pagead2.googlesyndication.com
parolla.app
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s0.2mdn.net
sync-tm.everesttech.net
tpc.googlesyndication.com
um.simpli.fi
video.seenthis.se
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.184.226
142.250.185.98
142.250.186.104
151.101.194.49
151.101.66.133
178.250.7.11
18.192.102.238
185.80.39.216
2001:4860:4802:34::36
2606:4700:20::681a:dcc
2606:4700:3030::ac43:d660
2606:4700:3032::6815:242e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2006
2a02:fa8:8806:20::2040
2a05:d018:d29:3602:6ae3:6657:23ce:d6ec
3.126.192.167
34.91.62.186
35.186.193.173
37.157.6.254
37.252.171.21
52.223.40.198
76.76.21.21
0975b70526ef9c500cfc6e90e529f572feb2c206cd8cbf6090316e4360c44e75
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
214b0ebe8682151225c9de44b388d48fdf38bbe8aae978887531b5b241cbd5e7
256a361ec392ca14cfc4694a06179f162e82bca34a5c27388f549a91869b0258
293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7
2c349961a78c867928a30d3b1b41b4bbfc399a198e21775197f6a0835e393f28
2dcba89ea71cc50ff7c4ea47e15cbd8d138dac61adea1b37ce62c3a647208593
2f819c36a2365529cefe9b90205eb0e64908cbc02346260c6c81dfd0ba06f404
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
364c0e507437aeded7824c74ae91bdfacd00030c45cb4d4fb3d968ee997fe675
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d523c33956dc86a24cb2d5a75c2a40eb81f973d8ddb40b8075fee8b6dccf830
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
48633bcdbba46bcfcf59747720f29e139ab1190e0c8187017e8bc4b75e3c2f07
4afb3df6447132eabd8a12534283fc1cdc44e0aef0171b178c5634f6c549678a
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca77618b114e3aaccfcf91ceee546e90a01b28d05f76a1d9d1cc3a38a70c7b5
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5b0b0fb2cc65dfa9af19c3f6707a52d290d19d086366a25b24052880b91316f4
5caeb3534668a881fb0b19dae79e8370a7bdf70028ecc04fb4603f798d128420
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65afeec5bdf37e202addf538417030ee65cdeb95a16001b14acf736e2acb2283
70737b15564069d6c1d10a545a93ab8092a416ba2177b2c44806061ce49e0bf1
7709f20b7d8240eb7d46b6d2a39b27531f6cfcf5a43981a47ddf2c3ce7f42906
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7c24e85731456a2c86a4aa9d682ccff330a6de66137f0af0a76ab929fca1a6da
7dd1bf588819ff6934d8e881f9d1613668cda3ebe78ad5c5d92be895f06803cc
889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8a67d6878d3cca385a5e51cea94bccbfdbb7ffd2e2004eea72b8ed8ca341d454
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1e35a34a9ed23d8bcf6ff05c3d403dc95d280673cf65ea764b47057e55c52f
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0bef909f3af1dc8272d50f24c82d1b8b196858abd27bdaef57b2cca6c7462bd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a509ef51ff946a2ac6aa960d5b6446c767c35bc12b7afe61edccb789745e36
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
aceca4c08e24e0620ab53a65e183255ac56dc505dc195c3e0145e8387da65c5a
ad3349c3f46d8209d2968f8f3684bc6eb5410a209f5a980ae8d8ce19202c56d9
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23072cc3389d55d4c1ae15e937802d18ad5223b6c7704b7f25bd467312b210a
b7eeb4984b0f34cdbada2d23dca9c84ecba9ad8369f37095ab85bd1ff194c466
bf66c270bf62a8676a40b751c373626f3640262c73787f958ebf538de7eae500
c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce
c3a2f0791b9cb2aa24d9dc525b483aa1bafb3d50c08ea92d62cb80ddb6f6792d
cbaa993039298d30559bcc3e4b3f6621013b9f67790f947fa34d680d8e9619d4
d05e2c0dfaf3018083572a421d5500062e52e016390e6b5f6cc3da0eba9d8e19
d591cdef26f1ed39652b12a6a595c043b0d76be2ff1a2db5bb92e14adcd365a3
d8c1c16668ae945c76d0fcda74b55dc724121c24c019865666c4e5451f008aa8
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
e7a314fd018bf266643f8a41322ce770a34477a9357cb21391d3f99b478b80bd
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee6530c4470fda17dbe3a8d5eee22fc7a95a1d875c9496dcf0014fa794613707
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f463a71fd9a7addf6b6455fcca8fe872123c6fbf9a673c938a87d562b2afa490
f924b8c19ad71a0333ff966c094e52ba3bf62c91a72a04c95a3ac9102d808f0c
f946599fd76853dfb64651d69c0504c256eafdfc8edce5142f3d049398b4cc5a
fa689eb566a44f72df9da934dc74a8a6a98d5a75ae9e3fe9a02517ac46157965
fc3e699b08befa12f361de73fb69431e6f362db974d762af6d71338602fe78da
fee74d47ba933ca10f0ebc062233d78c5fb9259373a7908fd6cc1697f3d889b0
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

parolla.app Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

142 Requests

87 %HTTPS

56 %IPv6

29 Domains

34 Subdomains

28 IPs

8 Countries

1663 kBTransfer

4496 kBSize

26 Cookies

0 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

parolla.app Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

87 %
HTTPS

56 %
IPv6

29
Domains

34
Subdomains

28
IPs

8
Countries

1663 kB
Transfer

4496 kB
Size

26
Cookies

142 HTTP transactions
3 data transactions