urlscan.io logo urlscan.io
SecurityTrails logo

brainden.com Open in urlscan Pro
195.210.28.61  Public Scan

Go To Rescan Add Verdict Report
URL: http://brainden.com/color-illusions.htm
Submission: On October 05 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 11 countries across 44 domains to perform 302 HTTP transactions. The main IP is 195.210.28.61, located in Bernolakovo, Slovakia and belongs to WEBSUPPORT-SRO-SK-AS, SK. The main domain is brainden.com.
This is the only time brainden.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
44 195.210.28.61 51013 (WEBSUPPOR...)
10 169.150.247.37 60068 (CDN77 ^_^)
1 2 172.217.16.130 15169 (GOOGLE)
3 7 142.250.184.200 15169 (GOOGLE)
3 157.240.251.9 32934 (FACEBOOK)
1 8 172.217.16.196 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
2 142.250.186.34 15169 (GOOGLE)
2 142.250.184.206 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 142.250.181.225 15169 (GOOGLE)
2 74.125.133.156 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
6 216.58.206.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 88.86.101.2 39392 (SUPERNETW...)
5 172.217.16.194 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
7 172.217.18.2 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
8 142.250.185.129 15169 (GOOGLE)
2 142.250.185.170 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
12 172.67.74.129 13335 (CLOUDFLAR...)
4 4 89.207.16.201 41041 (VCLK-EU-SE)
6 30 142.250.74.194 15169 (GOOGLE)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 52.211.226.215 16509 (AMAZON-02)
5 5 37.157.3.30 198622 (ADFORM)
2 2 213.155.156.166 1299 (TWELVE99 ...)
2 178.250.1.9 44788 (ASN-CRITE...)
3 35.86.95.232 16509 (AMAZON-02)
3 5 104.18.26.193 13335 (CLOUDFLAR...)
3 4 185.89.210.153 29990 (ASN-APPNEX)
1 91.228.74.166 16509 (AMAZON-02)
3 3 52.29.154.74 16509 (AMAZON-02)
1 1 151.101.130.49 54113 (FASTLY)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 35.190.0.66 15169 (GOOGLE)
1 2 2.16.97.41 16625 (AKAMAI-AS)
1 142.250.186.102 15169 (GOOGLE)
2 4 46.228.164.11 56396 (AMOBEE)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 51.89.9.253 16276 (OVH)
2 142.250.186.106 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.26.7.27 13335 (CLOUDFLAR...)
2 34.95.89.54 396982 (GOOGLE-CL...)
4 4 142.250.185.134 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
2 104.102.45.165 16625 (AKAMAI-AS)
2 185.5.82.77 20546 (SOPRADO-ANY)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 52.211.186.134 16509 (AMAZON-02)
4 142.250.99.120 ()
1 1 216.58.206.46 15169 (GOOGLE)
1 74.125.13.233 ()
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.251.35 ()
1 1 2a00:1450:400... ()
1 74.125.108.198 ()
302 51
44    195.210.28.61 (Bernolakovo, Slovakia)

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)
PTR: braindenvps.vps.wbsprt.com
brainden.com
10    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-37.bunnyinfra.net
load.sumome.com
load.sumo.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googletagservices.com
7    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
3    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
8    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net
www.google.com
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.gstatic.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.google-analytics.com
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com
2    74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
15    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
6    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    88.86.101.2 (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)
PTR: www2.toplist.cz
toplist.cz
5    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
googleads.g.doubleclick.net
46    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
partner.googleadservices.com
googleads4.g.doubleclick.net
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
21    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    89.207.16.201 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float1.dotomi.com
dclk-match.dotomi.com
30    142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.211.226.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-226-215.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    35.86.95.232 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-86-95-232.us-west-2.compute.amazonaws.com
sumo.com
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    52.29.154.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-154-74.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
s0.2mdn.net
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
imasdk.googleapis.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
16    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
2    104.26.7.27 (None, )

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    34.95.89.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.89.95.34.bc.googleusercontent.com
prod-rtb.ad4mat.net
4    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
2    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    185.5.82.77 (Germany)

ASN20546 (SOPRADO-ANY, DE)
PTR: xb905524d.host.myracloud.com
t.adcell.com
9    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    52.211.186.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-186-134.eu-west-1.compute.amazonaws.com
ihg.demdex.net
4    142.250.99.120 (None, )

ASN- ()
csi.gstatic.com
1    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net
gcdn.2mdn.net
1    74.125.13.233 (None, )

ASN- ()
r4---sn-4g5e6nzs.c.2mdn.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    157.240.251.35 (None, )

ASN- ()
www.facebook.com
1    2a00:1450:4001:4c::9 (None, )

ASN- ()
r4---sn-4g5e6nzs.c.2mdn.net
1    74.125.108.198 (None, )

ASN- ()
r1---sn-1gi7znek.c.2mdn.net
Apex Domain
Subdomains		 Transfer
82 googlesyndication.com
720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
1 MB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
ad.doubleclick.net — Cisco Umbrella Rank: 180
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
bid.g.doubleclick.net — Cisco Umbrella Rank: 1063
280 KB
44 brainden.com
brainden.com
680 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 29602
ad4m.at — Cisco Umbrella Rank: 10446
assets.ad4m.at — Cisco Umbrella Rank: 38846
942 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
gcdn.2mdn.net — Cisco Umbrella Rank: 1461
r4---sn-4g5e6nzs.c.2mdn.net
r1---sn-1gi7znek.c.2mdn.net
375 KB
12 sumo.com
load.sumo.com — Cisco Umbrella Rank: 25100
sumo.com — Cisco Umbrella Rank: 22058
212 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 11
4 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
440 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
237 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
3 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
3 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
135 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
2 KB
5 gstatic.com
www.gstatic.com
csi.gstatic.com
14 KB
4 fbcdn.net
static.xx.fbcdn.net
271 KB
4 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 189372
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 146856
8 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
r.turn.com — Cisco Umbrella Rank: 6191
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
3 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1562
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
2 facebook.com
www.facebook.com
34 KB
2 demdex.net
ihg.demdex.net — Cisco Umbrella Rank: 20997
2 KB
2 adcell.com
t.adcell.com — Cisco Umbrella Rank: 53266
545 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16620
1 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76385
3 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 70859
883 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 70307
527 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2022
606 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11243
912 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2803
576 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
725 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
655 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
87 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
339 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 51511
611 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
545 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
464 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
587 B
1 toplist.cz
toplist.cz — Cisco Umbrella Rank: 62213
649 B
1 sumome.com
load.sumome.com — Cisco Umbrella Rank: 99177
2 KB
302 44
Domain Requested by
52 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagmanager.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
brainden.com
www.googletagservices.com
googleads.g.doubleclick.net
44 brainden.com brainden.com
30 cm.g.doubleclick.net 6 redirects brainden.com
googleads.g.doubleclick.net
29 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
brainden.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
brainden.com
12 assets.ad4m.at as.ad4m.at
10 s0.2mdn.net brainden.com
s0.2mdn.net
10 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
brainden.com
10 www.google.com 1 redirects tpc.googlesyndication.com
brainden.com
googleads.g.doubleclick.net
9 load.sumo.com load.sumome.com
9 www.googletagservices.com 1 redirects brainden.com
securepubads.g.doubleclick.net
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at brainden.com
as.ad4m.at
ad4m.at
7 www.googletagmanager.com 3 redirects brainden.com
www.google-analytics.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 c1.adform.net 5 redirects
5 partner.googleadservices.com pagead2.googlesyndication.com
4 static.xx.fbcdn.net www.facebook.com
4 csi.gstatic.com imasdk.googleapis.com
4 ad.doubleclick.net 4 redirects
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dclk-match.dotomi.com 4 redirects
3 pm.w55c.net 3 redirects
3 sumo.com load.sumo.com
3 fonts.googleapis.com googleads.g.doubleclick.net
client
3 www.google-analytics.com brainden.com
www.google-analytics.com
www.googletagmanager.com
2 www.facebook.com connect.facebook.net
2 r4---sn-4g5e6nzs.c.2mdn.net 1 redirects
2 ihg.demdex.net 1 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net brainden.com
2 t.adcell.com as.ad4m.at
2 www.awin1.com as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 prod-rtb.ad4mat.net brainden.com
2 static-de.ad4mat.net as.ad4m.at
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 ads.travelaudience.com 2 redirects
2 tr.blismedia.com 1 redirects googleads.g.doubleclick.net
2 dis.criteo.com googleads.g.doubleclick.net
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 um.simpli.fi 2 redirects
2 connect.facebook.net brainden.com
connect.facebook.net
1 r1---sn-1gi7znek.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 onetag-sys.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 toplist.cz brainden.com
1 stats.g.doubleclick.net www.google-analytics.com
1 720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.gstatic.com brainden.com
1 load.sumome.com brainden.com
302 63

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.toplist.cz
Subject Issuer Validity Valid
*.sumo.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-16 -
2024-02-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-09-26 -
2023-12-25		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2023-07-28 -
2024-07-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 46 frames:

Primary Page: http://brainden.com/color-illusions.htm
Frame ID: 9635FB0661982AC73D52E5BEF55557AA
Requests: 79 HTTP requests in this frame

Frame: https://720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C9CF1EEA512F72689CEB5FF4F76B16E6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8PvDx-Yqqxhd_qX2HwpkvZDHC91VjEjdWWbYA7_0NBmmsyW3tU-6Nqge2ZjpbVoXBsxOlTmtTSTx0DW3b4XklPZ7I1bh3iaZsjcMs9n0GXXDGRLQR3qvvxl1WMX6EViIGkdAO5j9f4Pm5ZjvyEXlrq0Zn8NHCR0Se8VsFlQwoklNnyL0bKA1cj7O9qPHuANnsih4Uy23NmW5AhAPDr2e4CTgUI5uJKa055eS6D76ufOtGTWlRiKLbjqIQzomWHtydLwzayKrawrjeQJ5NX8GXxEegOAgypFDpI_vnuy3A-9GV2PxVLZxqYTp5pG-X_ycExzXJ4Z3w0nccqewo&sai=AMfl-YSUiGG_OYytuRYW4POak5f3JOfDe-2XZE3nn5dh7k8em7YxycGlrw3lnQjYYnQE2nafRaxkH89ePiGpMdgusA5EWroHfGp-qe9XgA8rjU-u0IiJzy6d1uZATjcldRSUKlHw-hrtXniXz4QUz4PH&sig=Cg0ArKJSzLH_mD1J7Jv0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D92C6A3CCFBBF7CD11164E4C9428042B
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthRzmqdLnq86uKGO5lratZRIEFkz-dyEcEtGbIGy7djKpwWEKovmsU8K_gC0_pT_Ec2GLCIYwy1-5-jEDXwAqCpx70LRma8oN4TWEtkk21BhsFLFXFvpyL_5eL_xrlXz0HBw0xFU_KQ1qDAXLC4FxiCWwPLSjBRysE7x--Mg-osNLj4Br0HLiR14b68i9ju9NA76Fl8HJPmsWYMw9ayXhVCpYx9X43h_54UcNGFN914hZICdTZbJUMtSiXk74nTiO6UmEnyszHRYUkformmf5B6RFHFzkP1ymT3QN6CbAGvgq9s8bal6G3-SOp8jWeGxTYMFWIMjiwkP_90WXn&sai=AMfl-YREVsk1vjMvdXZ_xVDZQZhtTZCgsvG-BZREfyd3YQX3sLtywFHY8qQ2Y1C4wSJNvLKe1lkX8X8xr9tC7ztilho05pHFzf9QLt2J2MeGnp0z0pNs9zYnDMLuiXdV0hSOjyiP_QpG1jRjcoWZ2rBf&sig=Cg0ArKJSzIgBUs8GkHSKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 914C4B64E9981ECFC17B4B4EC2CCA0DD
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssACW2A1tlUpxgb5JjrtX_B4kaXdfbepkHmVPbVbA3ZVFvbs7jHygmUvR1311idofFfDIiPngp6swBvvDqZEz391A1lj6Jb3U4n0KIR9ugQ-Epal9iYb4KgdMUASjmRdYD4LgAolfnY-ARQb1cyG6t6G1A64X2qhxyGP6_cmFXzFpuamhmTevhe4Vbg-pqZwi7ADTVW7YFVVo89EoLHkRr6nepH_V_ztOz7rEEMtKc0ecAv-9cyBpBtW4oIDar3-yV_oE1_9HQm-2NjEguuDKvsNnL5iq0EEzRLbdtFH_XIucPAaZ-z117aqyssXJysD35KiOB31voJ4BaxsE0Tcs1LtaSCV_-2h7hTVw&sai=AMfl-YTlnuVOadN7mEYJE4neDbck-opP4GI4AFZKBC4agxE8t0f6Vi1JZtUKbR54chQ74JRO8FDGlgHfncxJWhGBiG1gbhmaofGqgTDZqbEebrYnWTP6EoKwgoW42oRsfruFXBuaICK4jYGoC-Ou9X2j&sig=Cg0ArKJSzG28eWxTIm8vEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: ACCB9620D36F5E8952552631FC0C0B0A
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK9fVSuHU6Oztd2xqxA8WzecWQiZX6BhWOUyYX-BOYpvRVkreLAagPUtS_f1SCe-yBt1jIuUnHqsTd-mMjV6Np8MvDF5FxCAhQCYlFlMBT9WyOw-883DVoahL_JnIZwLtBH6h8fAC8nCw4MMYbUgfCZX8E7coTQN0h322X7m52xszlwqkUwcntOoZSYuuUH6ped0tH-v3jgU-leD39jrEJcbJ1ErpXhJiPurwyv7snQnH_20BXot1XZgDQOEM6UQ-slwTcUemGVtckb7_XOY86OKhWJg1eMvtg81c1f1D0N2yAsQPBAkoOD-Kkc3d65-2oDmWTW1Y&sai=AMfl-YTTCYPICXfyAgklp-_VkDdMPe9CY7vVT8DKvTFq_Wqeubm_w__WkplKi2Gxs-mTmOXrIpgx7o-qi_lH5k1beAgHevQJq-5PF3Ho3372pT6BFjjnnPoIe3Xdki3WLA0v20NKykIawfe1hJ62aaRL&sig=Cg0ArKJSzNljGx-SkCFPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8215B30966831C1C25CEF70F3BA525B5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Frame ID: 3C4C705BC5FF7D1E61D74964F3998FB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=200&slotname=5046721354&adk=1811160126&adf=3173046729&pi=t.ma~as.5046721354&w=300&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=300x200&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193142&bpp=5&bdt=426&idt=199&shv=r20231003&mjsv=m202310030101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=23&ife=4&pv=2&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=2069573839&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=334&ady=6461&biw=1600&bih=1200&isw=300&ish=250&ifk=4038817774&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076839%2C31078363%2C42532402%2C31078489&oid=2&pvsid=2018822925082418&tmod=1714570455&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.3ih8i3qvqxgm&btvi=1&fsb=1&dtd=238
Frame ID: B4B331528F1794DFF5FC2C9972478C3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=200&slotname=5046721354&adk=333218317&adf=3173046727&pi=t.ma~as.5046721354&w=336&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=336x200&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193209&bpp=5&bdt=466&idt=205&shv=r20231003&mjsv=m202310030101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=23&ife=4&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=1052728096&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=334&ady=1727&biw=1600&bih=1200&isw=336&ish=280&ifk=4171855712&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078489%2C44803789&oid=2&pvsid=2140185377516309&tmod=1937163240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.3padnk2y8812&btvi=1&fsb=1&dtd=222
Frame ID: B093EE91A93F602C00D2951F5A5A29AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=200&slotname=5046721354&adk=1811160126&adf=3173046728&pi=t.ma~as.5046721354&w=300&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=300x200&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193275&bpp=12&bdt=544&idt=250&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=23&ife=4&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468194&ga_hid=1938753818&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=334&ady=330&biw=1600&bih=1200&isw=300&ish=250&ifk=1826140310&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C31078363%2C44801484%2C31078466&oid=2&pvsid=3007972043363280&tmod=1690132607&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.jly4xhqyd09t&fsb=1&dtd=271
Frame ID: 0EB8D59D9A6157661D0400ACEAB2B32E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=125&slotname=5820499555&adk=4124986096&adf=3173046726&pi=t.ma~as.5820499555&w=160&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=160x125&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193301&bpp=5&bdt=546&idt=282&shv=r20231003&mjsv=m202310030101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=21&ife=4&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468194&ga_hid=735335404&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1096&ady=1183&biw=1600&bih=1200&isw=160&ish=600&ifk=2813783621&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078596%2C44801485%2C31078489&oid=2&pvsid=547691374644682&tmod=1442058056&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.qdxpwfush5yg&fsb=1&xpc=9WaBeOavKA&p=http%3A//brainden.com&dtd=308
Frame ID: 64DFCE18B1E019269866C2B40BEE158A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&adk=1812271804&adf=3025194257&lmt=1558631034&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1696468193497&bpp=5&bdt=2558&idt=188&shv=r20231003&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&nras=1&correlator=8358160504198&frm=20&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=1525024100&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795922%2C31078467&oid=2&pvsid=391758873652409&tmod=1768594736&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=266
Frame ID: 5D838425024E4B3505B376560C66760E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBFD80E1C8E3673FBB117C2C221DAE51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D318C561E97C60D7AFDFDE75D5451967
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F246D6E22B81191F358C37FCA93CC9BF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D9465A486B984B13DDED29CBF95B419
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35A0AE61F5C78346F8C8EB61DF4EE734
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17E0EF8756F2F1889BD3269C3919A5AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 266586271B094C42A724B6401F03ABAC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 738E6B03E829DD24F42564DF7B061582
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: B53166AB7586EE9695AE80F9E9204A23
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6E68BFE5F8451A69403DFB30E3D2CE19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 86E03FF5F0C0114ECC738FD78CEDF08E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: DE5E21D1B560ED8B2CCBE1981FFD0F20
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1has7567ehvzqtpzs5ahx0ebgxz62xc9ae0g8ewq4fkr6vda4nxkyfgf0xgjdefz3p9n2ej9dndsk42f08hyp26q1sc515mrq8k4yb78ny5nn53c6jtn1bkehrg3tnmwn9dybz39dskjq9sngjdbv2d4wj4ptyac82kjcgtkqj08g1kxz9wx5gt95jhpcevd62mbpnxjz8jy5s53wf9fsn96qm7355wn7sq1wf1n5rmefnsnrfv5e4yvn3ek9et7t08ws3n37gyg2mafm2ay2wg7x7xbza11rebec1knj8qk478sdh114s83bba2bjdccngcw485sbqgt0ssbsbbzj21xrfv970wvtas8fqhpznr663azv3ay5yndyn02ek0htttamh2x98h49r6vv8sz72yvyq0bsyksffyygmha5q8mr631st00js7akwf1st0hcwswyyy0fcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%26client%3Dca-pub-6455015126764625%26adurl%3D
Frame ID: AF19270079CBEBE63599064A2AA9D3AA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js
Frame ID: C020E04ED8CF580B81E9E47D5C91301E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FAB5392878BD1D56E9FB88E0CB5DCBEF
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kan4w41d4dswdyy7j375xdse59yg505k17wqxr21gt9tg86jy03z50qy1kgtw6h10vrc6r1wnzd3vj6kscqww3raqkyhyzahhj7nw6ebmrsj2n5n0854ckmvsaxrh1q5fy9kfzbem34ne1z551fkn3erttjzd72n8h4p3y2mj2sczn2cqzkeq4mg02b1txxy108x4typxnrmvth3aswx385gd3rn0sr5j6zpbtvyacvx68mmrwn05rrm7fvhmfw2tb7m84zepw4g4r7eg0q878kkc5p1crzh03rzmay0vrc97dgg9cc6zkcrr9yk9e8rcz7yq8frekyed4q1vcc3r2eqatt1zcj4phwkfq91bpmv0penm82j4p0hvtqn9ybtz0v4m8cfw6vc5850dcdga00gtr5sav8z0wmrdbcmgvc1abbwx5cm4qv5vq43s5te5dgpr9y2ak0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%26client%3Dca-pub-6455015126764625%26adurl%3D
Frame ID: 7585ABC52268772B44A8A9E2A23A7C51
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js
Frame ID: 7881B880ED4FBEFDDBCE9564333E9CDD
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B09A6322895E92F6852F52AF2AA5ED0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNWsJxptjEap1fTn0Sq2UTyJJunpdPKlHCLA8MvhuWNeJ0-59Z5FvcoLQekSpO3iosH-t2beZ-idR6Ymf2geTEaD2giZ6X9G4Tg_SLhRrb_OO6FBCS2jXKaOt16RRVZurHNyxHJ95xK95EIFfOrPOQuoPySSZb7EOgFXgkRW6gVZNxSU980
Frame ID: D911F43C50AB257871EF6528CCD43CC8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F0110897EBCACB5D66D416E2E0C77B46
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00057892AEFA3BEAC31DFAAC2A8DAA09
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6761163D27525D1C7510845BCDACCEA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js
Frame ID: D2EA71EC30E1CDB9BBFD5DFD69B9230A
Requests: 15 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F528C7DFD68F94C23EBF8CEEBF53932D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9F0347C11F4098B870F0711F874F1F22
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Frame ID: D417A93E5CD7D7477CA482971B551906
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Frame ID: A908AFF2632D3E65265B49C90D1BE6F4
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Frame ID: 72B5F04F9B8B9EC640A8441B229F4626
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A404FC61FDADAAC311D85B431CE20917
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 991DA35D921A512AE287C6C407CC46BE
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26f98cbb792bd4%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=114&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 2395CA91198844B47E6D11883C63ECD8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff48ea78d15508%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=220&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 87B0E3BABF0B909DBF5939212EBF9FD0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B5B3237A9F1B167F5898F82EE491277
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A59AE6E78D968DAB34F7DF0CED4B0A2E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Color Illusions and Color Blind Tests

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • load\.sumome\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • (?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)
  • jquery\.prettyPhoto\.js

Page Statistics

302
Requests

70 %
HTTPS

17 %
IPv6

44
Domains

63
Subdomains

51
IPs

11
Countries

5090 kB
Transfer

12313 kB
Size

42
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • http://www.googletagservices.com/tag/js/gpt.js HTTP 302
  • https://www.googletagservices.com/tag/js/gpt.js
Request Chain 30
  • http://www.googletagmanager.com/gtm.js?id=GTM-TXG3L2 HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-TXG3L2
Request Chain 31
  • http://www.googletagmanager.com/gtm.js?id=GTM-KQ754H HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-KQ754H
Request Chain 37
  • http://www.googletagmanager.com/gtm.js?id=GTM-8WMQ HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-8WMQ
Request Chain 50
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 51
  • http://www.google.com/coop/cse/brand?form=searchbox_014810839573023830780%3A7orzgdlj6u0 HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 53
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 78
  • http://toplist.cz/count.asp?id=128277 HTTP 307
  • https://toplist.cz/count.asp?id=128277
Request Chain 153
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmRjyt2SRTolUvg6LFmABdsAw7LF9ax-KnPa6Q8G-1QR1YQ5Hf4cqSu-rTVY7FEH8Rhc9bLiUSs-TQknT0U-46SLqmOyMrFB7sRI HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=249aee0cc6b5193d&is_secure=true&networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmRjyt2SRTolUvg6LFmABdsAw7LF9ax-KnPa6Q8G-1QR1YQ5Hf4cqSu-rTVY7FEH8Rhc9bLiUSs-TQknT0U-46SLqmOyMrFB7sRI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928e-NOpdgNszHI6AAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_push=AXcoOmRjyt2SRTolUvg6LFmABdsAw7LF9ax-KnPa6Q8G-1QR1YQ5Hf4cqSu-rTVY7FEH8Rhc9bLiUSs-TQknT0U-46SLqmOyMrFB7sRI
Request Chain 154
  • https://um.simpli.fi/gp_match?google_gid=CAESEGPbRt6o5z1f0NgmcF2jcBM&google_cver=1&google_push=AXcoOmQK1DzSLXdFgvNGIV-edgmPqvuuyU9rrixKPYTWxNogEnv45i7qps5tNaxwm-AP1pRnLk8IF8WyIuuu-je8jGe1pkPwHdClH1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmQK1DzSLXdFgvNGIV-edgmPqvuuyU9rrixKPYTWxNogEnv45i7qps5tNaxwm-AP1pRnLk8IF8WyIuuu-je8jGe1pkPwHdClH1s
Request Chain 155
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO39TjaWsJksQM6IBsGXqt4&google_cver=1&google_push=AXcoOmRn_t5oc6pZrgWEQ-ZzwgGHGv5ABGwD4ESjt24w-693txfj1-jUS6PyAPygfyH8acK-coLBkfgkRzw21DPAHvj_A_FXVWVcWWE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NjI3NTQxNjIzMzE0NjUxOA%3D%3D&google_push=AXcoOmRn_t5oc6pZrgWEQ-ZzwgGHGv5ABGwD4ESjt24w-693txfj1-jUS6PyAPygfyH8acK-coLBkfgkRzw21DPAHvj_A_FXVWVcWWE
Request Chain 156
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJsCAOJ2NeUKsMAehMrxOUk&google_cver=1&google_push=AXcoOmTzHrfK2Sw8O9naxhJLsjlZbHaCxuSKvCyPYkvPrHKMbyp5ZzOt2xaU6ET6acjprHl1KkFfR5dJ5JlNtKwmXl0YPfUTRVHc44h- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTzHrfK2Sw8O9naxhJLsjlZbHaCxuSKvCyPYkvPrHKMbyp5ZzOt2xaU6ET6acjprHl1KkFfR5dJ5JlNtKwmXl0YPfUTRVHc44h-&google_hm=eS11ZFkuRmVGRTJwR095VHdINllzYzB5LkR2b1hmMEhhSn5B
Request Chain 157
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3WnEViUz48xjG3SNuBcxuRIHpbz HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3WnEViUz48xjG3SNuBcxuRIHpbz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3WnEViUz48xjG3SNuBcxuRIHpbz
Request Chain 158
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIJv6X4vnnG_IBmZBho36lQ&google_cver=1&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgdvka1ToyFW HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIJv6X4vnnG_IBmZBho36lQ&google_cver=1&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgdvka1ToyFW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgdvka1ToyFW
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1&C=1
Request Chain 163
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR4M47lDFHm88rTZ0OLaDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBzxNCGqrTky2FhtUYARtQw&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzxNCGqrTky2FhtUYARtQw%26google_cver%3D1
Request Chain 165
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk5ODU4MjMyMjQ5MzczNjUzMw%3D%3D
Request Chain 168
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmTaRe5hWhdxbsSIkiVJWzaOnSqgbQ6zDHHFQUweZpnXm3ov-DYEQXWChe6Be4CfpcsD6csA0MEWD9Uho21LfKock3K5nV0rm04 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmTaRe5hWhdxbsSIkiVJWzaOnSqgbQ6zDHHFQUweZpnXm3ov-DYEQXWChe6Be4CfpcsD6csA0MEWD9Uho21LfKock3K5nV0rm04 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmTaRe5hWhdxbsSIkiVJWzaOnSqgbQ6zDHHFQUweZpnXm3ov-DYEQXWChe6Be4CfpcsD6csA0MEWD9Uho21LfKock3K5nV0rm04
Request Chain 169
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENHD49Fo1-eUGfAIp9OF6Lg&google_cver=1&google_push=AXcoOmR3yL1p6In6ThxubXeB35Gxlg7kzV7672hUA63faHUqrykOETykH3ZZ9qnPCvbENxoa-SakVZX0c52EBdWYWHHUTmpXENlBH6c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENHD49Fo1-eUGfAIp9OF6Lg&google_push=AXcoOmR3yL1p6In6ThxubXeB35Gxlg7kzV7672hUA63faHUqrykOETykH3ZZ9qnPCvbENxoa-SakVZX0c52EBdWYWHHUTmpXENlBH6c
Request Chain 171
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFx_OAClx83TPa2TjmdK3HI&google_cver=1&google_push=AXcoOmTXNj-ThvNs8-RMtcR_cSKIvJ_p-xVXprP60KtJEPLpQFwASIax2hNu4b53-wnvJ8CIyl-HUx0v9Q7xL377ZShXGmbmmAAGTxo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTXNj-ThvNs8-RMtcR_cSKIvJ_p-xVXprP60KtJEPLpQFwASIax2hNu4b53-wnvJ8CIyl-HUx0v9Q7xL377ZShXGmbmmAAGTxo
Request Chain 172
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rRtRacczoVxKBKIy7ugq8UxkeQ0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rRtRacczoVxKBKIy7ugq8UxkeQ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU5MzAzMDkwMjQ3NjMzMDQ0NA&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rRtRacczoVxKBKIy7ugq8UxkeQ0
Request Chain 173
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELMVoq1sOlvX7lazSFgybU4&google_cver=1&google_push=AXcoOmQxyMJ3qDQeBQBMsA8rXS0h5Rb8QTiLmq3wRa6qv9YCZPuWh0X2G4CDXChRI2vPtvYhktlimOSG30wMnujBenABcatPYqvdK9Z1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjQwYTM0OWYtYTYyZi00MGNmLWEwMTItN2UxMzFkZTRlOWNi&google_push=AXcoOmQxyMJ3qDQeBQBMsA8rXS0h5Rb8QTiLmq3wRa6qv9YCZPuWh0X2G4CDXChRI2vPtvYhktlimOSG30wMnujBenABcatPYqvdK9Z1 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 190
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1&google_push=AXcoOmT2Oq5coeSEQsF_OSAzOF0_6uZqbGlGaPifUQxuLpRmr7UZIc01wk95b4uR0hc2Z_pK2xPNR0JCPyQwwOTGYamjzrMWRCtyNFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM4NTc1MTIzMTcxMjA0NDA5MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
Request Chain 191
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmT8iZHEhhou836EvyCqskF2NQmpLrO25775mD2ULzJfU0_cMRRG7P9Qfr1EP39Nf3EmZS0RU3fOP6XvuJ3uugFyt11aua_j7JY HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=12943908195c191c&is_secure=true&networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmT8iZHEhhou836EvyCqskF2NQmpLrO25775mD2ULzJfU0_cMRRG7P9Qfr1EP39Nf3EmZS0RU3fOP6XvuJ3uugFyt11aua_j7JY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI67XJ1xvtpANWTlNWAAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_push=AXcoOmT8iZHEhhou836EvyCqskF2NQmpLrO25775mD2ULzJfU0_cMRRG7P9Qfr1EP39Nf3EmZS0RU3fOP6XvuJ3uugFyt11aua_j7JY
Request Chain 192
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 193
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIMxeX00psyETXTmbDrwT6U&google_cver=1&google_push=AXcoOmT2W_lkQ6ovi_HvmlwLyLcLhBMONoOfSzSQcyZ2s-YQXYrl6TQB-19YqdbLsW2DVSqgJzo_hz2TvZIO_qd5NE5cA95BY39iflI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT2W_lkQ6ovi_HvmlwLyLcLhBMONoOfSzSQcyZ2s-YQXYrl6TQB-19YqdbLsW2DVSqgJzo_hz2TvZIO_qd5NE5cA95BY39iflI&google_hm=7JtdF9OST4qr908b-hi5TqI
Request Chain 194
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFx_OAClx83TPa2TjmdK3HI&google_cver=1&google_push=AXcoOmTIf0D4rSxbHCWbS17vAQPUbPB9nNKqNCxstsTTB6a1ZGzGxQHLF30GePtoPu0qwD-sVQHtk7X0870BtZFW4M6fSp4HqDkfzw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTIf0D4rSxbHCWbS17vAQPUbPB9nNKqNCxstsTTB6a1ZGzGxQHLF30GePtoPu0qwD-sVQHtk7X0870BtZFW4M6fSp4HqDkfzw
Request Chain 195
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmTweAO-y3mbFRvx3aejY02PNibVKdnjQQRhtTv8NsSOPXsocdbetvFksXImfWvOSze0KfVxMmfWevHqiZFxVgHMCE1vtlYUGQk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTweAO-y3mbFRvx3aejY02PNibVKdnjQQRhtTv8NsSOPXsocdbetvFksXImfWvOSze0KfVxMmfWevHqiZFxVgHMCE1vtlYUGQk
Request Chain 196
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPTy1qXU5Rt92psXV1HUS4I&google_cver=1&google_push=AXcoOmQ4Gnn3XcDm-RsXKQAVZWa7y0cjudMCjYFLGlPuEpI0_Xy2USYe-geg7tArPH11tAAs-8Y8rofvJtZM0hWnfFhv16BiHy_3gvU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ4Gnn3XcDm-RsXKQAVZWa7y0cjudMCjYFLGlPuEpI0_Xy2USYe-geg7tArPH11tAAs-8Y8rofvJtZM0hWnfFhv16BiHy_3gvU
Request Chain 228
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMnS0MHc3YEDFT6Fgwcda9kCPQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Request Chain 238
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIPW0MHc3YEDFRAx4Aode4cC3Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Request Chain 250
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=4134391308 HTTP 302
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=4134391308
Request Chain 266
  • https://gcdn.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5E449BFD24FCEC8A2B372067FFB00B3BA3436BBB.A017CA61A06B07A3CA190F4B2F88752012707715/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7B7BD0114CBCA05B2D7FC1AA674D8CB58F4A6AE5.3751A82F04CDD6AE1834AB54AE389226CFD95FC0/key/cms1/cms_redirect/yes/mh/g_/mip/176.115.237.162/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1696467193/mv/u/mvi/4/pl/22/file/file.mp4
Request Chain 267
  • http://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800 HTTP 307
  • https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Request Chain 268
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1&google_push=AXcoOmSP9XDZJb3dWWc1LIBkQn1T8NYZdBCRNJP1p703_jzcrksthUiain3bLXH248EhpPq8DnKQp0cM9jaVsDvxcl8PUnWWLl1ydkRC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM4NTc1MTIzMTcxMjA0NDA5MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
Request Chain 269
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmQSSM5iCZJnoVqjnrvQVbVsS7iG7EZk4UX-Yx86yl6OZOz-TTlt006U4fsvJK_V-gx7BhiKDcpzTyAAhnGOeZSQ2-b8-OEuvsp7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmQSSM5iCZJnoVqjnrvQVbVsS7iG7EZk4UX-Yx86yl6OZOz-TTlt006U4fsvJK_V-gx7BhiKDcpzTyAAhnGOeZSQ2-b8-OEuvsp7
Request Chain 271
  • https://um.simpli.fi/gp_match?google_gid=CAESEGPbRt6o5z1f0NgmcF2jcBM&google_cver=1&google_push=AXcoOmT8mNUn7Vrdtb0cu6Bka5lVeU75RWssH_gTgNPwukl7BEplCe3hUayEO-2e_TDjolDeWy63h71PXLjTkN7_CoiS9Lo6ocLTUev8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmT8mNUn7Vrdtb0cu6Bka5lVeU75RWssH_gTgNPwukl7BEplCe3hUayEO-2e_TDjolDeWy63h71PXLjTkN7_CoiS9Lo6ocLTUev8
Request Chain 272
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH65lON89sCUL-RB3J6T7hI&google_cver=1&google_push=AXcoOmQgkQnngHP-MhnghfBkQyf8W_bvHIUBQfHN88PctudKGMLIGL_DfYV9-di2Hq9NwGURT4DtizKK5A951UvbR51hiTr2kAG0OB8Y HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQgkQnngHP-MhnghfBkQyf8W_bvHIUBQfHN88PctudKGMLIGL_DfYV9-di2Hq9NwGURT4DtizKK5A951UvbR51hiTr2kAG0OB8Y&google_hm=hmUeDONsFbVqk9ytfw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D651E0CE36C15B56A93DCAD7FBLIS
Request Chain 273
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJsCAOJ2NeUKsMAehMrxOUk&google_cver=1&google_push=AXcoOmR3Nz1PZtHvLkWhdNO5Yz38ia2EikEk5VZfBvsM2yh9IabCwTbkflNRBiAe_RUKPhuF8oxE2sWxmfiCWpHR_rdAX6rPW_lnSrmP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3Nz1PZtHvLkWhdNO5Yz38ia2EikEk5VZfBvsM2yh9IabCwTbkflNRBiAe_RUKPhuF8oxE2sWxmfiCWpHR_rdAX6rPW_lnSrmP&google_hm=eS11ZFkuRmVGRTJwR095VHdINllzYzB5LkR2b1hmMEhhSn5B
Request Chain 307
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7B7BD0114CBCA05B2D7FC1AA674D8CB58F4A6AE5.3751A82F04CDD6AE1834AB54AE389226CFD95FC0/key/cms1/cms_redirect/yes/mh/g_/mip/176.115.237.162/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1696467193/mv/u/mvi/4/pl/22/file/file.mp4 HTTP 302
  • https://r1---sn-1gi7znek.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61BEAE937C3C4AA9DF3882348CD22B1B4793C29C.4ACD222C0E10FAC4523CA441576AAAFD44AC3381/key/cms1/mh/g_/pl/33/redirect_counter/1/rm/sn-4g5ede7z/req_id/6c370fdd2a6336e2/cms_redirect/yes/ipbypass/yes/mip/2a01:7e01:e001:1c8::202/mm/42/mn/sn-1gi7znek/ms/onc/mt/1696467193/mv/u/mvi/1?file=file.mp4

302 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request color-illusions.htm
brainden.com/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
88b224b1c939068504d47d50c99ccb1754ff2083c7993de1ff0c388ef42ccddb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 05 Oct 2023 01:09:50 GMT
ETag
W/"5ce6ee9a-7376"
Last-Modified
Thu, 23 May 2019 19:03:54 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
style.css
brainden.com/css/ 		46 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://brainden.com/css/style.css
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
96ee53048e2b6bf53d6597432a7e9da11516183b3ee71dfcf95f192fdf35b80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:50 GMT
Last-Modified
Sun, 21 Apr 2019 18:41:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5cbcb967-b9b8"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47544
Expires
Sat, 04 Nov 2023 01:09:50 GMT
subpage.css
brainden.com/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://brainden.com/css/subpage.css
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d4f13a6e57521e21326273b4142cd973ee1659deb3384e8fe936a72eadf52884

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:50 GMT
Last-Modified
Wed, 26 Aug 2015 22:32:08 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"55de3e68-473"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1139
Expires
Sat, 04 Nov 2023 01:09:50 GMT
fonts.css
brainden.com/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://brainden.com/css/fonts.css
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
469b0958916a52f883642b0e5e11057e88a3ef05cbfeca6ac4353fed5fb14546

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:50 GMT
Last-Modified
Wed, 23 Sep 2015 23:01:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"56032f37-413"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1043
Expires
Sat, 04 Nov 2023 01:09:50 GMT
prettyPhoto.css
brainden.com/css/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://brainden.com/css/prettyPhoto.css
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:50 GMT
Last-Modified
Tue, 19 Jun 2012 08:41:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03b23-4db0"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19888
Expires
Sat, 04 Nov 2023 01:09:50 GMT
jquery.js
brainden.com/js/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/jquery.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:50 GMT
Last-Modified
Tue, 19 Jun 2012 08:41:56 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03b54-16eab"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93867
Expires
Sat, 04 Nov 2023 01:09:50 GMT
scrollable.js
brainden.com/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/scrollable.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8efe124176fbad3141c31d1b0a0ee61d59babdd9f0a81134ae1b94b1eac111b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:50 GMT
Last-Modified
Tue, 19 Jun 2012 08:42:37 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03b7d-3334"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13108
Expires
Sat, 04 Nov 2023 01:09:50 GMT
script.js
brainden.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/script.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
12baa7ed5333863913fe9f5045696e951dc5a71964d8efa5c02e4d8476395098

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 08:42:31 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03b77-724"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1828
Expires
Sat, 04 Nov 2023 01:09:51 GMT
detectmobilebrowser.js
brainden.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/detectmobilebrowser.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
19785fb269860bcc9053b4417b220ada50878f42dbd877d0c7aa799da1f78e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Wed, 23 Sep 2015 21:36:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"56031b54-888"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2184
Expires
Sat, 04 Nov 2023 01:09:51 GMT
jquery.prettyPhoto.js
brainden.com/js/ 		34 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/jquery.prettyPhoto.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
af3db9dd15940cc0ea6dd33ab403dd3dfff66cc2fa1db32fe31adf5b12c35a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Sat, 01 Aug 2015 19:49:37 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"55bd22d1-89e0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35296
Expires
Sat, 04 Nov 2023 01:09:51 GMT
/
load.sumome.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://load.sumome.com/
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:09:51 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
1081
x-amz-request-id
1KYFJQFMBFJKH37P
Transfer-Encoding
chunked
CDN-CachedAt
08/01/2023 19:55:24
CDN-PullZone
53731
Connection
keep-alive
x-amz-id-2
qq+ntw5IJPjgabl5D2IupL5Qw6IGEklZlzXzRWgabNShliLdR2eEmsTuZwMPqR0zNmJqeRsDUJM=
Last-Modified
Wed, 05 Oct 2022 16:50:13 GMT
Server
BunnyCDN-DE1-1080
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
Access-Control-Expose-Headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Cache-Control
max-age=600
CDN-RequestId
5db3737a37d0ff1db0fb197d387e5455
CDN-RequestCountryCode
DE
Access-Control-Allow-Headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
CDN-Status
200
CDN-RequestPullSuccess
True
flag_en.png
brainden.com/images/ 		444 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/flag_en.png
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
397fba39b6f7d81ba6541d01622036114a8badcb7dfcc84acf2a7ece8231e717

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:00:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fbb-1bc"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
444
Expires
Sat, 04 Nov 2023 01:09:51 GMT
flag_ru.png
brainden.com/images/ 		323 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/flag_ru.png
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e0523222ab0345be10df58ae0cefc8c40d91fa1ba3ef4ce5d7369f5a818d1ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:03:50 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04076-143"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
323
Expires
Sat, 04 Nov 2023 01:09:51 GMT
flag_cn.png
brainden.com/images/ 		445 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/flag_cn.png
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
747c818e059d3a1396c97c72773078adef871bb6834b45dec94872a61fccdc98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:03:44 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04070-1bd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
445
Expires
Sat, 04 Nov 2023 01:09:51 GMT
flag_sk.png
brainden.com/images/ 		464 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/flag_sk.png
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3beae74d220768812d80f736aec7fcf3270415f2c38585d75a6041d8ab1d4d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:03:38 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe0406a-1d0"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
464
Expires
Sat, 04 Nov 2023 01:09:51 GMT
fastclick.js
brainden.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/fastclick.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a42d4f7e07c285821664bdc966bd76a84cdb8b95213e708d781960e49c287d1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Wed, 23 Sep 2015 21:36:21 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"56031b55-5cf0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23792
Expires
Sat, 04 Nov 2023 01:09:51 GMT
scroll.js
brainden.com/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/scroll.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2649394e4e1c43964efa7a3770c4db05cd5f8e3f6f25f541ab2864f46e89ed2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Sun, 20 Sep 2015 23:52:08 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"55ff46a8-1e83"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7811
Expires
Sat, 04 Nov 2023 01:09:51 GMT
fixed-responsive-nav.js
brainden.com/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://brainden.com/js/fixed-responsive-nav.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d05c4bd2b8eb99be5773befe83f0e2762fac4ae0e55a8e860302ca5249913371

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Sun, 20 Sep 2015 23:52:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"55ff46a7-150b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5387
Expires
Sat, 04 Nov 2023 01:09:51 GMT
color-blindness-test-4.jpg
brainden.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/color-blindness-test-4.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f0552e81c41c1bba2dd5c9ceb2761be86b57c81adf4ebf73db851aa222089d14

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 10:06:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04f2f-5a76"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23158
Expires
Sat, 04 Nov 2023 01:09:51 GMT
enlarge-icon.png
brainden.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/enlarge-icon.png
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
eaee7416f518d52ff8a8aa3d4bf538626eba2a0bb2d2daa77295dbe19ecb2906

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 08:58:13 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03f25-5bb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1467
Expires
Sat, 04 Nov 2023 01:09:51 GMT
dress-color-illusion.jpg
brainden.com/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/dress-color-illusion.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0a367d8042637af557bdcc07494e924f9b30ebf43b8405109a4e82705909c773

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Fri, 27 Feb 2015 22:10:49 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"54f0eb69-fc30"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64560
Expires
Sat, 04 Nov 2023 01:09:51 GMT
same-color-illusion.jpg
brainden.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/same-color-illusion.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c42ee1fe09a780d1b95c4d75074fa2134140133846581bc4fae4fdf252da8000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:36:34 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04822-2487"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9351
Expires
Sat, 04 Nov 2023 01:09:51 GMT
white-illusion.jpg
brainden.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/white-illusion.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6475207ee556a72dd327dbfa85d0964acdcc683a2dac2ed6f8e8624c26fdbc49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:18:14 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe043d6-1353"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4947
Expires
Sat, 04 Nov 2023 01:09:51 GMT
color-cube.jpg
brainden.com/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/color-cube.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
65c9c27d0e126484fb8cae7654caf8ec2a7a8f350fefc51ff7615883d8d0aa7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 10:06:28 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04f24-b3a1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45985
Expires
Sat, 04 Nov 2023 01:09:51 GMT
identical-colors.jpg
brainden.com/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/identical-colors.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98c0683b66372ac32b5209e1c696543d5499b8537057b5b375ec7fff4450babc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:55:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04c7b-49d6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18902
Expires
Sat, 04 Nov 2023 01:09:51 GMT
yellow-blue-dogs.jpg
brainden.com/images/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/yellow-blue-dogs.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d79e738ae734a0093967891f75eb9969e0537585091818ddfc97dd2e9cd3f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:17:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe0438e-90bc"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37052
Expires
Sat, 04 Nov 2023 01:09:51 GMT
chess-pieces.jpg
brainden.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/chess-pieces.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a4d24b4e2048cc64b642c7bb4eeffde59737da7465dbaca354d7d07f34fca66

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 10:09:40 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04fe4-327f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12927
Expires
Sat, 04 Nov 2023 01:09:51 GMT
red-green.gif
brainden.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/red-green.gif
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4b5592b7f5a16224b8d18b0c1d2dd571315cfc1661a75fb7096acc04786842d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:40:41 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04919-1454"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5204
Expires
Sat, 04 Nov 2023 01:09:51 GMT
grey-blue-stripe.gif
brainden.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/grey-blue-stripe.gif
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1f24e8f10c99fa1d34ca7a86688ee4672b198d56ad435100dfb35e02b38c06ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:58:14 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04d36-11c0"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4544
Expires
Sat, 04 Nov 2023 01:09:51 GMT
rotating-dots.gif
brainden.com/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/rotating-dots.gif
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5e668b4b06d7b41ad5451294a2a77c73d56340777296fa988fe5346a73ab86ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/color-illusions.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:39:41 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe048dd-96c1"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38593
Expires
Sat, 04 Nov 2023 01:09:51 GMT
gpt.js
www.googletagservices.com/tag/js/
Redirect Chain
  • http://www.googletagservices.com/tag/js/gpt.js
  • https://www.googletagservices.com/tag/js/gpt.js
99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
d1f12f07137e9235db26eff1e2e0919069ec7a4c64411bdf205bcfd86b6ad7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29413
x-xss-protection
0
server
cafe
etag
855 / 19635 / m202309280101 / config-hash: 7490124171647261433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:52 GMT

Redirect headers

Date
Thu, 05 Oct 2023 01:09:51 GMT
X-Content-Type-Options
nosniff
Server
cafe
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location
https://www.googletagservices.com/tag/js/gpt.js
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Thu, 05 Oct 2023 01:09:51 GMT
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-TXG3L2
  • https://www.googletagmanager.com/gtm.js?id=GTM-TXG3L2
124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXG3L2
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
519a1ef49142810b03eeedcc5be783ab02b1444f35789fd5d61deb7ae19ffb2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49494
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Oct 2023 01:09:52 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-TXG3L2
Date
Thu, 05 Oct 2023 01:09:51 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-KQ754H
  • https://www.googletagmanager.com/gtm.js?id=GTM-KQ754H
142 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQ754H
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
724dd2969e04a30abdd11225a88e64c0f26885e58185ce7ed80d5f10fffa839f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55535
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Oct 2023 01:09:52 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-KQ754H
Date
Thu, 05 Oct 2023 01:09:51 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
bg_subpage.jpg
brainden.com/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_subpage.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/subpage.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8bd9ea457d1fe4bf8ff55bc4066f6ceb02a577f324f80104bf8bbe3c41fbba4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/subpage.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Sun, 25 Sep 2016 07:26:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"57e77c0b-11351"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70481
Expires
Sat, 04 Nov 2023 01:09:51 GMT
logo.png
brainden.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/logo.png
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b9c4e499e5525e681fa7ed97f388d043a1d164364db542a3c69d46b306ed13fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:04:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04082-10b8"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4280
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_search.png
brainden.com/images/ 		109 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_search.png
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
76e64ae3d9284451a2203be57a91a4f62a3aab5bec260628ad79830685c1fe4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:00:55 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fc7-6d"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109
Expires
Sat, 04 Nov 2023 01:09:51 GMT
button_search.png
brainden.com/images/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/button_search.png
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c2aae91b4ac2a7e4e49202f39ad200b9f99a9fb91179de7636db411ff6f62c99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:00:49 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fc1-2fd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
765
Expires
Sat, 04 Nov 2023 01:09:51 GMT
museo_slab_500-webfont.woff
brainden.com/css/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://brainden.com/css/fonts/museo_slab_500-webfont.woff
Requested by
Host: brainden.com
URL: http://brainden.com/css/fonts.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d97f9a73c25d4849663e696a009e4290bebd9cc755f04750f7aaa0a4a0e9a3f9

Request headers

Referer
http://brainden.com/css/fonts.css
Origin
http://brainden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 08:40:37 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03b05-59a4"
Content-Type
application/font-woff
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22948
Expires
Sat, 04 Nov 2023 01:09:51 GMT
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-8WMQ
  • https://www.googletagmanager.com/gtm.js?id=GTM-8WMQ
124 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-8WMQ
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
112617feae7042d4ea92a25c3bab71f294a2325e2c360dcd25d6571987d17cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Oct 2023 01:09:52 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-8WMQ
Date
Thu, 05 Oct 2023 01:09:51 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
248
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
bc_delimiter.gif
brainden.com/images/ 		238 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bc_delimiter.gif
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
942e85bc8725ae46fdd93360ddb4987a1397d64ef3dd1566eff74eb4bd7ae56e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:02:50 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe0403a-ee"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
238
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_note_top.jpg
brainden.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_note_top.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d2507c13ad428930800095ccb9123a31fda708815d2dc40e38167db3cfc35ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:02:14 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04016-153e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5438
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_note_content.jpg
brainden.com/images/ 		957 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_note_content.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf5b3da91a8c5de1d9c95b5aca265c1dc2a0a338f843c662e85c12631f142156

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:01:56 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04004-3bd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
957
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_note_bottom.png
brainden.com/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_note_bottom.png
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fb7ecce78629cd85f2407a55710eb9a3f6e6467eff6fb8df410ac67a6eff33cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:02:08 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04010-8b57"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35671
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_side_submenu_top.jpg
brainden.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_side_submenu_top.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
95d35caf8056c0e55a5155e7fed360277d3d2848f5c96a1223c685af25e654d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:01:25 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fe5-4a1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1185
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_side_submenu_content.jpg
brainden.com/images/ 		662 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_side_submenu_content.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a68670db0d673392194d69e07ed4e636c1c4e7b1d0b73f344f2d5844b217044f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:01:13 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fd9-296"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
662
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_side_submenu_bottom.jpg
brainden.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_side_submenu_bottom.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c0db0482de9e9570992678b27d70bbcc8537c3573a0b8e68f44ed1bfb1873c5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:01:19 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fdf-af2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2802
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_side_submenu_selected.png
brainden.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_side_submenu_selected.png
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
360cec85957e15e7588b9a815c62ff8fd9f0186fc7f80a683acff4f2d2e7ae75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:01:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fd3-c74"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3188
Expires
Sat, 04 Nov 2023 01:09:51 GMT
bg_footer.jpg
brainden.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/bg_footer.jpg
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
40e237e41566635defeb915fefb866159c153593555a6e7b9b1d7cc432ec6c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:04:08 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe04088-88f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2191
Expires
Sat, 04 Nov 2023 01:09:51 GMT
footer_icon.png
brainden.com/images/ 		254 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://brainden.com/images/footer_icon.png
Requested by
Host: brainden.com
URL: http://brainden.com/css/style.css
Protocol
HTTP/1.1
Server
195.210.28.61 Bernolakovo, Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
braindenvps.vps.wbsprt.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8206a54720788b6f48aa14363c8de48f6ed349bab47798275244b89712e3055b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
public
Date
Thu, 05 Oct 2023 01:09:51 GMT
Last-Modified
Tue, 19 Jun 2012 09:01:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"4fe03fcd-fe"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
254
Expires
Sat, 04 Nov 2023 01:09:51 GMT
72.0a035390359aab65eb82.js
load.sumo.com/ 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
FMGSGJGQBTWVRJ1S
cdn-cachedat
07/26/2023 06:51:53
cdn-pullzone
53731
x-amz-id-2
WSEl9xTH2Gn9NK4dG4tUKq7PjWu4UUEG//nx63LwmWyrTOkJik1SfwhZaBDn+vN/N7UOQCwf0Z8=
last-modified
Wed, 05 Oct 2022 16:49:50 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
059d799d9a2c00d2dc69fec0119b4917
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
73.0a035390359aab65eb82.js
load.sumo.com/ 		289 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
DWH88T81ZZEBPF44
cdn-cachedat
01/05/2023 13:19:16
cdn-pullzone
53731
x-amz-id-2
jOqTwrO7CKADB6A99P2KE8erCfBGDinliCUfMCHx9ofCH5Hyp/WWaFB+LMZTpDm3rXJNnXg+404=
last-modified
Wed, 05 Oct 2022 16:49:51 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"ad6f2454f01de902ffd473d51c1207bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
83d82cdd4fa41faabff377da20d9fe83
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
f56383c5309a18f4eaf3a83c632fab6a5d395361693d976422b55fddca60dbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Oct 2023 01:09:52 GMT
content-md5
gATTc6Hz7DAb45Gby1gxZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
8pE9kzM4bl7FeBNbH+PMDYDE+M/028Rx34PnVP++yZUwnOaMP904lShhwsYcBShuF69RJedunCe4CpPGHMokKQ==
x-fb-content-md5
5faf0ddafa797eb1cfc7a284ca18f702
cross-origin-opener-policy
same-origin-allow-popups
etag
"04678adc3be0c24854095d2f14211169"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:16:15 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=113269252928&version=v2.0
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • http://www.google.com/coop/cse/brand?form=searchbox_014810839573023830780%3A7orzgdlj6u0
  • https://www.gstatic.com/prose/brandjs.js
14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:46:16 GMT
x-content-type-options
nosniff
age
69816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13880
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 05 Oct 2023 05:46:16 GMT

Redirect headers

Date
Thu, 05 Oct 2023 01:09:52 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://www.gstatic.com/prose/brandjs.js
Cache-Control
public, max-age=1800
Content-Length
237
X-XSS-Protection
0
Expires
Thu, 05 Oct 2023 01:39:52 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 		413 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
34677
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133452
x-xss-protection
0
server
cafe
etag
5291400228273913750
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 03 Oct 2024 15:31:55 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 23:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4809
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 05 Oct 2023 01:49:43 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
sdk.js
connect.facebook.net/en_US/ 		299 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=84a1ed5c5fac441f6bc015482ce2f980
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2242566923867423d2f65aec243d8e8c65224b0eb1015a3018e007a02cf692b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://brainden.com/
Origin
http://brainden.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Oct 2023 01:09:52 GMT
content-md5
q7FVCCVHp3eI3/8P1BXc7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86665
x-fb-debug
EMIClYR5glo7Q+EDnmgOvQb/r/Q54/VLGc1HUTC0PJiFPACGP5cxIp+eZstqLcLEKpOeT4v4DSnlEbm+ATsGbg==
x-fb-content-md5
06c8447d2d80e6e7efeae421932c65b7
cross-origin-opener-policy
same-origin-allow-popups
etag
"f00ca81b74a82533e899b5b8510f90a1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 03 Oct 2024 23:17:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=391758873652409&correlator=3740553417596659&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=1019174%2CBrainTeasersTopLeft300x250%2CBrainTeasersTopLeft336x280%2CBrainTeasersTopLeft336x280-w%2Co-AdSense%2CBrainTeasers160x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%7C320x100%7C336x280%2C336x280%2C160x600&ifi=1&didk=1927586445~3342648400~2873265916~1242180035&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1696468192615&lmt=1558631034&adxs=334%2C334%2C334%2C1096&adys=6074%2C330%2C1652%2C346&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&bc=23&nvt=1&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&vis=1&psz=726x250%7C300x32%7C726x0%7C168x600&msz=300x-1%7C300x0%7C726x0%7C160x-1&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=1525024100&ga_fc=false&dlt=1696468190940&idt=1641&adks=3379456068%2C3732132814%2C3377398962%2C368001015&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
13d668b2ba98c170ed5dc6433d2e615687d8659f0219a4299b9d88289771b883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15993
x-xss-protection
0
google-lineitem-id
401372524,5365180518,405720724,326067844
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309010525,138309010525,138308596799,138308620332
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://brainden.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:52 GMT
expires
Fri, 04 Oct 2024 01:09:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1525024100&t=pageview&_s=1&dl=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ul=en-us&de=UTF-8&dt=Color%20Illusions%20and%20Color%20Blind%20Tests&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgAABAAAAAC~&jid=585379104&gjid=1228234749&cid=826834096.1696468193&tid=UA-261914-9&_gid=104535873.1696468193&_slc=1&gtm=45He3a20n71KQ754H&cd1=0&z=322898299
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
36ec5ec1949e3e6314d4cf1a390bf07ba4c1c686a7e3aeec1473997497e1ddf6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://brainden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://brainden.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-261914-9&cid=826834096.1696468193&jid=585379104&gjid=1228234749&_gid=104535873.1696468193&_u=YChAgAABAAAAAG~&z=1159642717
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://brainden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 05 Oct 2023 01:09:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://brainden.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D92C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8PvDx-Yqqxhd_qX2HwpkvZDHC91VjEjdWWbYA7_0NBmmsyW3tU-6Nqge2ZjpbVoXBsxOlTmtTSTx0DW3b4XklPZ7I1bh3iaZsjcMs9n0GXXDGRLQR3qvvxl1WMX6EViIGkdAO5j9f4Pm5ZjvyEXlrq0Zn8NHCR0Se8VsFlQwoklNnyL0bKA1cj7O9qPHuANnsih4Uy23NmW5AhAPDr2e4CTgUI5uJKa055eS6D76ufOtGTWlRiKLbjqIQzomWHtydLwzayKrawrjeQJ5NX8GXxEegOAgypFDpI_vnuy3A-9GV2PxVLZxqYTp5pG-X_ycExzXJ4Z3w0nccqewo&sai=AMfl-YSUiGG_OYytuRYW4POak5f3JOfDe-2XZE3nn5dh7k8em7YxycGlrw3lnQjYYnQE2nafRaxkH89ePiGpMdgusA5EWroHfGp-qe9XgA8rjU-u0IiJzy6d1uZATjcldRSUKlHw-hrtXniXz4QUz4PH&sig=Cg0ArKJSzLH_mD1J7Jv0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D92C 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
b9d282f61771a5fc4e99716b7c6938de3fc061e7c687f747832d121f18e28780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51091
x-xss-protection
0
server
cafe
etag
6147530410477717572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D92C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 914C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthRzmqdLnq86uKGO5lratZRIEFkz-dyEcEtGbIGy7djKpwWEKovmsU8K_gC0_pT_Ec2GLCIYwy1-5-jEDXwAqCpx70LRma8oN4TWEtkk21BhsFLFXFvpyL_5eL_xrlXz0HBw0xFU_KQ1qDAXLC4FxiCWwPLSjBRysE7x--Mg-osNLj4Br0HLiR14b68i9ju9NA76Fl8HJPmsWYMw9ayXhVCpYx9X43h_54UcNGFN914hZICdTZbJUMtSiXk74nTiO6UmEnyszHRYUkformmf5B6RFHFzkP1ymT3QN6CbAGvgq9s8bal6G3-SOp8jWeGxTYMFWIMjiwkP_90WXn&sai=AMfl-YREVsk1vjMvdXZ_xVDZQZhtTZCgsvG-BZREfyd3YQX3sLtywFHY8qQ2Y1C4wSJNvLKe1lkX8X8xr9tC7ztilho05pHFzf9QLt2J2MeGnp0z0pNs9zYnDMLuiXdV0hSOjyiP_QpG1jRjcoWZ2rBf&sig=Cg0ArKJSzIgBUs8GkHSKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 914C 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
e1798c8975355618ad3e7cd8242f2942d7aed051e74769741839356287116e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50603
x-xss-protection
0
server
cafe
etag
13777737315300986821
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 914C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACCB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssACW2A1tlUpxgb5JjrtX_B4kaXdfbepkHmVPbVbA3ZVFvbs7jHygmUvR1311idofFfDIiPngp6swBvvDqZEz391A1lj6Jb3U4n0KIR9ugQ-Epal9iYb4KgdMUASjmRdYD4LgAolfnY-ARQb1cyG6t6G1A64X2qhxyGP6_cmFXzFpuamhmTevhe4Vbg-pqZwi7ADTVW7YFVVo89EoLHkRr6nepH_V_ztOz7rEEMtKc0ecAv-9cyBpBtW4oIDar3-yV_oE1_9HQm-2NjEguuDKvsNnL5iq0EEzRLbdtFH_XIucPAaZ-z117aqyssXJysD35KiOB31voJ4BaxsE0Tcs1LtaSCV_-2h7hTVw&sai=AMfl-YTlnuVOadN7mEYJE4neDbck-opP4GI4AFZKBC4agxE8t0f6Vi1JZtUKbR54chQ74JRO8FDGlgHfncxJWhGBiG1gbhmaofGqgTDZqbEebrYnWTP6EoKwgoW42oRsfruFXBuaICK4jYGoC-Ou9X2j&sig=Cg0ArKJSzG28eWxTIm8vEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame ACCB 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
b99ce518c7c138e49876f7cdb03a3bee98e89dd05f9ff5ba373ef094e8557c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51086
x-xss-protection
0
server
cafe
etag
3889270310900219785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACCB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8215 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK9fVSuHU6Oztd2xqxA8WzecWQiZX6BhWOUyYX-BOYpvRVkreLAagPUtS_f1SCe-yBt1jIuUnHqsTd-mMjV6Np8MvDF5FxCAhQCYlFlMBT9WyOw-883DVoahL_JnIZwLtBH6h8fAC8nCw4MMYbUgfCZX8E7coTQN0h322X7m52xszlwqkUwcntOoZSYuuUH6ped0tH-v3jgU-leD39jrEJcbJ1ErpXhJiPurwyv7snQnH_20BXot1XZgDQOEM6UQ-slwTcUemGVtckb7_XOY86OKhWJg1eMvtg81c1f1D0N2yAsQPBAkoOD-Kkc3d65-2oDmWTW1Y&sai=AMfl-YTTCYPICXfyAgklp-_VkDdMPe9CY7vVT8DKvTFq_Wqeubm_w__WkplKi2Gxs-mTmOXrIpgx7o-qi_lH5k1beAgHevQJq-5PF3Ho3372pT6BFjjnnPoIe3Xdki3WLA0v20NKykIawfe1hJ62aaRL&sig=Cg0ArKJSzNljGx-SkCFPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8215 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
1992f532ce7b9b0fbb2a1d087e93297a2a6a63df656089de68c904d2bfeac7f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51088
x-xss-protection
0
server
cafe
etag
16178474804122375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8215 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:52 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-054PM9V6YC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b890c3db5c207710c6c8c3dd9650be82c243058d1b7b99262915df1e0332b5ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86924
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Oct 2023 01:09:52 GMT
truncated
/ Frame 914C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58f6a639549d231d3e82fab85f1c1e0c4b64db09016332febdbf26a2fe49a307

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D92C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da8f6078bba22ec97944f629984b3072e8814a1f96d2ab190a0bb5d361b87933

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ACCB 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d834cb935ac534be4a44fa1cf8136f02efb1ff42df91ca1b3c7e93463fd8d801

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8215 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32bc8dd9f9ce34108d7b8ef1655164e4335554dc58a7890d8550ac2e4aaa7057

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-054PM9V6YC&gtm=45je3a20&_p=1525024100&ul=en-us&sr=1600x1200&cid=826834096.1696468193&_eu=ABAI&_s=1&dl=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&dt=Color%20Illusions%20and%20Color%20Blind%20Tests&sid=1696468192&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-054PM9V6YC&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://brainden.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-8WMQ
Protocol
HTTP/1.1
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
b08b16d8dd8cb1e8611cd92a6cf7aafcdc99a837d66a0c25b9df748843675ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:09:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
53838
X-XSS-Protection
0
Server
cafe
ETag
16153078668500251268
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Thu, 05 Oct 2023 01:09:53 GMT
count.asp
toplist.cz/
Redirect Chain
  • http://toplist.cz/count.asp?id=128277
  • https://toplist.cz/count.asp?id=128277
292 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://toplist.cz/count.asp?id=128277
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Server
88.86.101.2 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),
Reverse DNS
www2.toplist.cz
Software
Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 /
Resource Hash
131d95934ca1c4b25d07cf2ee94d1d8f988fb300e89a30d2c3812d253c5c7d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
p3p
CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w
3
content-type
image/png
cache-control
private,no-cache,no-store,must-revalidate,max-age=0
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location
https://toplist.cz/count.asp?id=128277
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ Frame D92C 		391 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
eb4438527b6082eb121f9289e110fb664a7e0ff0ad9f2f460ca4626067341443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135713
x-xss-protection
0
server
cafe
etag
8102333646325066595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/ Frame 3C4C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 14:47:09 GMT
etag
2603938475786422795
expires
Wed, 18 Oct 2023 14:47:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ Frame ACCB 		391 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ee9bfe1e1fa353463f887c33e4083b02eb6f637af304f579ef5b01aadb60dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135720
x-xss-protection
0
server
cafe
etag
3152527045240508444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ Frame 914C 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js?bust=31078466
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50be17b8a7b0e0f13a9e06508ae46ee05610000edf03e0f207e93475918f1ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131761
x-xss-protection
0
server
cafe
etag
849061830550468052
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ Frame 8215 		391 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f68e2e6ac3ece6f38b8f06c3ac641666bd86ad003c818303d183c5d592e0c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135720
x-xss-protection
0
server
cafe
etag
4267387233556051535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame D92C 		216 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=brainden.com&callback=_gfp_s_&client=ca-pub-6455015126764625&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
fdec6f4d4096cd7c829f870081c8516f8232cbf6a7af203355425105accbd63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B4B3 		436 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=200&slotname=5046721354&adk=1811160126&adf=3173046729&pi=t.ma~as.5046721354&w=300&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=300x200&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193142&bpp=5&bdt=426&idt=199&shv=r20231003&mjsv=m202310030101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=23&ife=4&pv=2&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=2069573839&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=334&ady=6461&biw=1600&bih=1200&isw=300&ish=250&ifk=4038817774&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076839%2C31078363%2C42532402%2C31078489&oid=2&pvsid=2018822925082418&tmod=1714570455&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.3ih8i3qvqxgm&btvi=1&fsb=1&dtd=238
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6664c9a5b39c619ae2330f99e8db964a2e671f3950cccc07cc379abdedaf14c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame ACCB 		216 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=brainden.com&callback=_gfp_s_&client=ca-pub-6455015126764625&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e167b00fd51f0ab7bc8628cc9966c00f35415b5fa81c5bb36464e202f89b7882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B093 		436 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=200&slotname=5046721354&adk=333218317&adf=3173046727&pi=t.ma~as.5046721354&w=336&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=336x200&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193209&bpp=5&bdt=466&idt=205&shv=r20231003&mjsv=m202310030101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=23&ife=4&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=1052728096&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=334&ady=1727&biw=1600&bih=1200&isw=336&ish=280&ifk=4171855712&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078489%2C44803789&oid=2&pvsid=2140185377516309&tmod=1937163240&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.3padnk2y8812&btvi=1&fsb=1&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a9b1fe7e29399fc441dd425404db012c9d7663f5fb0b6e5eabebc6f230c606ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 		389 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
952c2238f1de01ea8248e7764e45f7ae90305dc7460eb0c89d494ed1bb25317d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135149
x-xss-protection
0
server
cafe
etag
12113367338292249024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:53 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 914C 		216 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=brainden.com&callback=_gfp_s_&client=ca-pub-6455015126764625&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js?bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
3eff6e5130084dae8474c00e8b7bae18e7c0b1edfb37a078033f6705b7824dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0EB8 		436 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=200&slotname=5046721354&adk=1811160126&adf=3173046728&pi=t.ma~as.5046721354&w=300&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=300x200&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193275&bpp=12&bdt=544&idt=250&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=23&ife=4&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468194&ga_hid=1938753818&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=334&ady=330&biw=1600&bih=1200&isw=300&ish=250&ifk=1826140310&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C31078363%2C44801484%2C31078466&oid=2&pvsid=3007972043363280&tmod=1690132607&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.jly4xhqyd09t&fsb=1&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js?bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d6a09b790480030b75ee47d0faae1eaa0f0baad0eb791e348e7c41b7f5aa7c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 8215 		216 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=brainden.com&callback=_gfp_s_&client=ca-pub-6455015126764625&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
1fd8b60fb3034c1a262f1ae761dc7dedde7f6f86bb8f0ff69c0a37d041655108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 64DF 		436 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&h=125&slotname=5820499555&adk=4124986096&adf=3173046726&pi=t.ma~as.5820499555&w=160&fwrn=3&fwrnh=100&lmt=1696460993&rafmt=1&format=160x125&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1696468193301&bpp=5&bdt=546&idt=282&shv=r20231003&mjsv=m202310030101&ptt=9&saldr=aa&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&correlator=8358160504198&frm=21&ife=4&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468194&ga_hid=735335404&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1096&ady=1183&biw=1600&bih=1200&isw=160&ish=600&ifk=2813783621&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31077327%2C31078596%2C44801485%2C31078489&oid=2&pvsid=547691374644682&tmod=1442058056&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.qdxpwfush5yg&fsb=1&xpc=9WaBeOavKA&p=http%3A//brainden.com&dtd=308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c63348d5a27667933c787b0eb79a73964df0d297e0c1227f3e249b0924a63381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		216 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=brainden.com&callback=_gfp_s_&client=ca-pub-6455015126764625&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
72a52ae85fdb6f1344947ec429ba06fe6dd78d6e710868415091def57e34e07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5D83 		286 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6455015126764625&output=html&adk=1812271804&adf=3025194257&lmt=1558631034&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1696468193497&bpp=5&bdt=2558&idt=188&shv=r20231003&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dacf004303860b869%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYGvJDEqvHXUTxYSikOnrj3dlnfQA&gpic=UID%3D00000c8e1a6c8b5a%3AT%3D1696468192%3ART%3D1696468192%3AS%3DALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ&nras=1&correlator=8358160504198&frm=20&pv=1&ga_vid=826834096.1696468193&ga_sid=1696468193&ga_hid=1525024100&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795922%2C31078467&oid=2&pvsid=391758873652409&tmod=1768594736&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=266
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1ab07bcaf6567674cc664619d47e740a7aa11673940e21cb49eb0be6e644b91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
49486
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8215 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstern5TONBxRBOOqczNOcCprgZsuF6ONgODv-7LmO3ODDLIaQ1LcX-_czdlsNskUvZf5ooB0Ij7d8FtIybwpGLKaCUDr9nbanUclvr5aQ6OmudYj0klBXQUtUeiJ67xwVyzsKhXbjndc8DJ46rdCjw2ia3JqgYbiOQTzroMOQeK-81-mg8hc71PDtNRZAdVhiQ3_zITFqHKkgghZhB6-9NTCLHRNonC9WVTl1yKM_5K57wJqHOyDz5zQYMEvPPkdv-xOHm6XDkQFcjHvJ2Y9xz1gwXuh3h4aXD2PMoovLVVSzK-5d4UyPtk5_98SHQPGhWBs5D6J4_XEA&sai=AMfl-YQ9e4GslTOor3axucpsuqJbXL06nxAw0hzyagMODB2-5v8Yti3mhMf-jhft3tqnVmfg1kv1SJrK4G_ptKrmhNZgo9xj2FnIGDsf42O1HJzipNwxtgU1vReQtQkuqTm80GRSgcd0mAUo-hJZKgah&sig=Cg0ArKJSzG8H5hhSz-PhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8215 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd22d958250fdc80ad2cc1c6c9fe5ba6e5bd769887a3b5a71187c3cc2f459091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12060
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8215 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:09:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D92C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMAMMpWidIC9QyK41hZRBgsf1OWKR9xa6msx4cctxeGaBRHb-quG8yk7wWLzWWFs6aRbk00rXFrlenfGtBYW2C9PJeEqSg0fT5hPXXTJWmuxwX9I1wWa2tDKS6NoR4Cb4ggGsjysUlGLLH96jhwsKXyROCBn7l4UtvxLjd4r2Iuv4b49K7d4P9gXBcxdRv9DsTZkk0bQXnx0zSB_JLv7r1A6EeBb-5z6Ozg3ldEr_-7yRowTXAhLu_NXfDcaEeUhQTWw9v64WBBs3L9LYqN4xtBmD4-Hm10jzLM-wxJOMDiy29tVaWDYrE1p8ddfJWhm2NcVjVlxQwt2Yqw3adoc8&sai=AMfl-YQ65h1VE0w9oyTizwkFVgplnJp5l0aivmS7EKyfKa_-ERhSn-OnjBLWv0Z5MmMlFb3LMF7HGJ-V9KImbT1boQlhmHHjaTeS_XGCMKJc_gSOovBV_P3sEj38ROZhDWwnSuoSmdXS57YbkIZQ8Vwe&sig=Cg0ArKJSzLOeu6OCgQ5yEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D92C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d6703eb597a1276bedd932419051b87ec9cfe91b76b28e9681e3948b5ef1ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12039
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 914C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBr2rT0c0GbfSb8xzOPIH3MjQJYhl0e5HWiAgoOpblnHtDBAYPLI3Nt670RxIiFFJaW90uyXXj3IKBJV_UK_pJoDabNcWbdFUVBH9XSNxM7Hx9TeZKEgPBlTQYvPoJuToncrAxaHUqz_-DIVrWdRe_eBiuej49C-2HbFTSzaMa5TGsRC5CYMen1lXTiIKGVyV7vNgZlpi1Gy0lBElxpJxxE9_okKAkCnOenky6OkYfqkLI7Rdrwey9d7dA69sHLcY0yj9lNKgxThgrsL4VbK6UqoAxPlGi0MJV5syigcMcQ_RS0ovAY6SWKtGPIfQViEjKiK5e1s3aWlkUDPEK8eE&sai=AMfl-YSIrh42fYMRUeW799SxhTly--hS1I1DmAxzYfXkWkHgLXQC-d16_6r-E4319KOEDS3X9ugpPWTAtIgTqfFpeUYEsP-HkHb5i1suiZ2WoPoBLRQQEran_w5ur3Drj9ofW5QePjp4JmKDCrHulFA4&sig=Cg0ArKJSzNJHn3sVxCtWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 914C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js?bust=31078466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
436022579a3314a2563eeabde4b3d42b91f0756699ace658b69a545191baeeb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12104
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D92C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:09:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACCB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5fGavMPnd1v6lNYO6LSYQkWeLM21YxJkqnLRCKqRTCBy8lZfRqf51zD33kZsJYUGMK3j6k0GNiOQq_FyFa2mmRbXxK3uYz7W3zuneRW8E8NSs1RR9X84StiHraXpP6wksLaVTyT6QOP5bteDAh3glPxwGW03ESgUncb2iEp9-pR6Vqlf7_1jMERqNFkpJUXJ7HwNDhtzZsnFzrSweZidRfmLn_IZwPt9u7c_ES9Ve138yMREUOjy-mWnYzmiDNycUIMA75ZkAMf_odbwqEqd7H2iAQm1RlSmXlGEBwYfns9bx2WG5WDRSHe_tRyI_5jTFeFPv5w2PXW0klDoQMb8r5DGqoLLvpkUPR19H&sai=AMfl-YSZL9uDHnA7JpQqszwyUnqzrudilLKGVoV78GaneZhBIR8ucp06bgv50bJH3D-4ABF9buRI-YOhVCyMeR2ci_liJs1nQ18qLNyL48kLVPrd-h6wTxEibtLyUv_GdC9Vm92_lk6ZqqFqFEfuULXD&sig=Cg0ArKJSzKFmfF5zMG6iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 05 Oct 2023 01:09:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ACCB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
967e3dcc0e04dd65db7d8a8ef4deaf6a84c773b890abacf7e2d08f7e68175bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12654
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 914C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js?bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:09:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ACCB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:09:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBFD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D318 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
GSE /
Resource Hash
dba9178f3288173408695f6a72dd989b0cb4f266743ae7bdbdd6aae625fbca85
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4-vjmPVBlrMUe0ejwJrgPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4-vjmPVBlrMUe0ejwJrgPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
expires
Thu, 05 Oct 2023 01:09:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F246 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0D94 		829 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
GSE /
Resource Hash
4387bfa240636d2c7173cd0e1e50ea469cd005bcd98f6c311a894bdc2fc49fac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n5l36hHjBeUcPLpPg8ftiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-n5l36hHjBeUcPLpPg8ftiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
expires
Thu, 05 Oct 2023 01:09:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35A0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 17E0 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
GSE /
Resource Hash
05cf122f10dbfe25d2581086af738fac5caddacda98d5a76f61e9e8a98598179
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FYqfxnUPYqML1CboaHV8lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FYqfxnUPYqML1CboaHV8lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
expires
Thu, 05 Oct 2023 01:09:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2665 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 738E 		829 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
GSE /
Resource Hash
80d539dea4a56dc4049513725abb8bffb1c5e627c9429d7bb420e616cd3c2ccf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rk0VJdlYXwZUIKhCwfnPSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Rk0VJdlYXwZUIKhCwfnPSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:54 GMT
expires
Thu, 05 Oct 2023 01:09:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame DBFD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame F246 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 35A0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js?bust=31078467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4495afc40ad9dcae2f5e1e0eafcd3127aeee313383fbca0cd286b8d68fdc5807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53325
x-xss-protection
0
server
cafe
etag
10108570119320009458
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:54 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 2665 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame B531 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 18:06:59 GMT
etag
2603938475786422795
expires
Wed, 18 Oct 2023 18:06:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame 6E68 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 18:06:59 GMT
etag
2603938475786422795
expires
Wed, 18 Oct 2023 18:06:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame 86E0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 18:06:59 GMT
etag
2603938475786422795
expires
Wed, 18 Oct 2023 18:06:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame DE5E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 18:06:59 GMT
etag
2603938475786422795
expires
Wed, 18 Oct 2023 18:06:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame B531 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 23:46:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 01:09:55 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame B531 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
40185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6551
x-xss-protection
0
server
cafe
etag
6101707970674548951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 14:00:10 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame B531 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 14:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
40185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
11420928434021954480
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 14:00:10 GMT
dr
as.ad4m.at/ad/ Frame AF19 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1has7567ehvzqtpzs5ahx0ebgxz62xc9ae0g8ewq4fkr6vda4nxkyfgf0xgjdefz3p9n2ej9dndsk42f08hyp26q1sc515mrq8k4yb78ny5nn53c6jtn1bkehrg3tnmwn9dybz39dskjq9sngjdbv2d4wj4ptyac82kjcgtkqj08g1kxz9wx5gt95jhpcevd62mbpnxjz8jy5s53wf9fsn96qm7355wn7sq1wf1n5rmefnsnrfv5e4yvn3ek9et7t08ws3n37gyg2mafm2ay2wg7x7xbza11rebec1knj8qk478sdh114s83bba2bjdccngcw485sbqgt0ssbsbbzj21xrfv970wvtas8fqhpznr663azv3ay5yndyn02ek0htttamh2x98h49r6vv8sz72yvyq0bsyksffyygmha5q8mr631st00js7akwf1st0hcwswyyy0fcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%26client%3Dca-pub-6455015126764625%26adurl%3D
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ced9e6410071bf872dba61354d250ed31081d57b6bfe04465293f340d8db5fe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8111c82e0f8f4daf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:55 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame C020 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FAB5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Thu, 05 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame C020 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
l
www.google.com/ads/measurement/ Frame C020 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1FE0eeOWHDevTuA4xnOlM2l67Q-QmcFiY7WFGTBMYCyXXSfLeNcOCjRY2TePicrdD4VcZKQltANfLTLDQN7ECEv583w
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C020 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:55 GMT
dr
as.ad4m.at/ad/ Frame 7585 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kan4w41d4dswdyy7j375xdse59yg505k17wqxr21gt9tg86jy03z50qy1kgtw6h10vrc6r1wnzd3vj6kscqww3raqkyhyzahhj7nw6ebmrsj2n5n0854ckmvsaxrh1q5fy9kfzbem34ne1z551fkn3erttjzd72n8h4p3y2mj2sczn2cqzkeq4mg02b1txxy108x4typxnrmvth3aswx385gd3rn0sr5j6zpbtvyacvx68mmrwn05rrm7fvhmfw2tb7m84zepw4g4r7eg0q878kkc5p1crzh03rzmay0vrc97dgg9cc6zkcrr9yk9e8rcz7yq8frekyed4q1vcc3r2eqatt1zcj4phwkfq91bpmv0penm82j4p0hvtqn9ybtz0v4m8cfw6vc5850dcdga00gtr5sav8z0wmrdbcmgvc1abbwx5cm4qv5vq43s5te5dgpr9y2ak0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%26client%3Dca-pub-6455015126764625%26adurl%3D
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ce2e189b45017b0d54f2fc303d4956df3401116e908a38eb4de68db40209bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8111c82e0f904daf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:55 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 7881 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1B09 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Thu, 05 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 7881 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
l
www.google.com/ads/measurement/ Frame 7881 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCb7MPV6cb7M1q-m2rAIR4X1ThdX5GX8Buhex9Ri9aVSsJPxzAZZPTOQ-jF9JqEWhX2aDeJLdZw_9vrvCF8bFBB4sSsw
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7881 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D911 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNWsJxptjEap1fTn0Sq2UTyJJunpdPKlHCLA8MvhuWNeJ0-59Z5FvcoLQekSpO3iosH-t2beZ-idR6Ymf2geTEaD2giZ6X9G4Tg_SLhRrb_OO6FBCS2jXKaOt16RRVZurHNyxHJ95xK95EIFfOrPOQuoPySSZb7EOgFXgkRW6gVZNxSU980
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F011 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F011 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F011 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
l
www.google.com/ads/measurement/ Frame F011 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfAJq4ZkT3JRsHNCXxE9NX9IKMhFU-QkV3o0xrPTJGDEiBncmyGpac-sFmRUfd5bBwY6cHXdU1e-PpnKvPGf1VBVUKYA
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F011 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 01:09:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F011 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_roXG1VRML8p8ExH2uJM6EpdAjZBMg9-NVb2Njf3Ie7RRaPA2UFzGWT6yGmBdbM_jLZz4tnPva9MML0g7PdKWVdnyQf1Xw9pXPdrRzic197Arobs
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F011 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=993287135480613841&x=1&ct=76
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DBFD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3f3ndQ
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 914C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXduJYOsWON_ugEGrhHDbzPF0Dua89Rhr40vmcc4SVxMgFXCMt7f73RVFkxYqv0R08Vt7oZtQotstQ_dUhvkd5ebORb5jglMjSJD7UHK4eb8C0OhDevlQecIUHZseB&sig=Cg0ArKJSzAzEzXwIzAd6EAE&id=lidar2&mcvt=1069&p=330,334,530,634&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3732132814&rs=4&la=0&cr=0&vs=4&r=v&rst=1696468192732&rpt=1353&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D318 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=547691374644682&rc=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 17E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=3007972043363280&rc=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 738E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=2140185377516309&rc=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=2018822925082418&rc=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame FAB5
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmRjyt2SRTolUvg6LFmABdsAw7LF9ax-KnPa6Q8G-1QR1YQ5Hf4...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=249aee0cc6b5193d&is_secure=true&networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmRjyt2S...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928e-NOpdgNszHI6AAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928e-NOpdgNszHI6AAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_push=AXcoOmRjyt2SRTolUvg6LFmABdsAw7LF9ax-KnPa6Q8G-1QR1YQ5Hf4cqSu-rTVY7FEH8Rhc9bLiUSs-TQknT0U-46SLqmOyMrFB7sRI
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI928e-NOpdgNszHI6AAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_push=AXcoOmRjyt2SRTolUvg6LFmABdsAw7LF9ax-KnPa6Q8G-1QR1YQ5Hf4cqSu-rTVY7FEH8Rhc9bLiUSs-TQknT0U-46SLqmOyMrFB7sRI
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame FAB5
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGPbRt6o5z1f0NgmcF2jcBM&google_cver=1&google_push=AXcoOmQK1DzSLXdFgvNGIV-edgmPqvuuyU9rrixKPYTWxNogEnv45i7qps5tNaxwm-AP1pRnLk8IF8WyIuuu-je8jGe1pkPwHdClH1s
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmQK1DzSLXdFgvNGIV-edgmPqvuuyU9rrixKPYTWxNogEnv45i7qps5tNaxwm-AP1pRnLk8IF8WyIuuu-je...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmQK1DzSLXdFgvNGIV-edgmPqvuuyU9rrixKPYTWxNogEnv45i7qps5tNaxwm-AP1pRnLk8IF8WyIuuu-je8jGe1pkPwHdClH1s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmQK1DzSLXdFgvNGIV-edgmPqvuuyU9rrixKPYTWxNogEnv45i7qps5tNaxwm-AP1pRnLk8IF8WyIuuu-je8jGe1pkPwHdClH1s
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 04 Oct 2023 01:09:55 GMT
pixel
cm.g.doubleclick.net/ Frame FAB5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO39TjaWsJksQM6IBsGXqt4&google_cver=1&google_push=AXcoOmRn_t5oc6pZrgWEQ-ZzwgGHGv5ABGwD4ESjt24w-693txfj1-jUS6PyAPygfyH8acK-coLBkfgkRzw21D...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NjI3NTQxNjIzMzE0NjUxOA%3D%3D&google_push=AXcoOmRn_t5oc6pZrgWEQ-ZzwgGHGv5ABGwD4ESjt24w-693txfj1-jUS6PyAPygfyH8acK-coLBkfgkRzw21DPAHv...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NjI3NTQxNjIzMzE0NjUxOA%3D%3D&google_push=AXcoOmRn_t5oc6pZrgWEQ-ZzwgGHGv5ABGwD4ESjt24w-693txfj1-jUS6PyAPygfyH8acK-coLBkfgkRzw21DPAHvj_A_FXVWVcWWE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NjI3NTQxNjIzMzE0NjUxOA%3D%3D&google_push=AXcoOmRn_t5oc6pZrgWEQ-ZzwgGHGv5ABGwD4ESjt24w-693txfj1-jUS6PyAPygfyH8acK-coLBkfgkRzw21DPAHvj_A_FXVWVcWWE
Date
Thu, 05 Oct 2023 01:09:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame FAB5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJsCAOJ2NeUKsMAehMrxOUk&google_cver=1&google_push=AXcoOmTzHrfK2Sw8O9naxhJLsjlZbHaCxuSKvCyPYkvPrHKMbyp5ZzOt2xaU6ET6acjprHl1KkFfR5dJ5JlNtKwmXl0YPfU...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTzHrfK2Sw8O9naxhJLsjlZbHaCxuSKvCyPYkvPrHKMbyp5ZzOt2xaU6ET6acjprHl1KkFfR5dJ5JlNtKwmXl0YPfUTRVHc44h-&google_hm=eS11ZFkuRmVGRTJwR0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTzHrfK2Sw8O9naxhJLsjlZbHaCxuSKvCyPYkvPrHKMbyp5ZzOt2xaU6ET6acjprHl1KkFfR5dJ5JlNtKwmXl0YPfUTRVHc44h-&google_hm=eS11ZFkuRmVGRTJwR095VHdINllzYzB5LkR2b1hmMEhhSn5B
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTzHrfK2Sw8O9naxhJLsjlZbHaCxuSKvCyPYkvPrHKMbyp5ZzOt2xaU6ET6acjprHl1KkFfR5dJ5JlNtKwmXl0YPfUTRVHc44h-&google_hm=eS11ZFkuRmVGRTJwR095VHdINllzYzB5LkR2b1hmMEhhSn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame FAB5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3Wn...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGc...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3Wn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3WnEViUz48xjG3SNuBcxuRIHpbz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTKaeEfqSC8ilqajVhGdkZwoexCgMzBcleQbvLHjpM-1XpKaQ3oVxjzdy-hZZ8ggtoUUGcyF3WnEViUz48xjG3SNuBcxuRIHpbz
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame FAB5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIJv6X4vnnG_IBmZBho36lQ&google_cver=1&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgd...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIJv6X4vnnG_IBmZBho36lQ&google_cver=1&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8X...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgdvka1ToyFW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgdvka1ToyFW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTEKljvIQrDaTAHP5Glsnxr1Oxdj572niVDZEk4wqkKl4FL_BEjtgdk4vqR04zI9A5ZK3g5nIrdvDPZIjIUhAn8Xgdvka1ToyFW
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame FAB5 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTSdv_B78BZOPROLf_abC2VHjVkuVgRzVu9QL8e09E8w3HViJgnRdElqsdhlxIbl6sAwOkukEG-jE4tTqLu3YNPCYR6itPCqifj&google_gid=CAESENMZ0yufb-uP4qH3ade3WiI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
369965
expires
Thu, 05 Oct 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FAB5 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpAyqfvRc1IbR2dFnZD0aq16OtrkaLTLBrrZMigaSyywe9-hz8iDalfznSgMithl95Cao7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
sumo.com/api/load/ 		772 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
HTTP/1.1
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
046978e743926431380d6e5647366f5dbb2be67c3fe25238d9ae154a4fc636df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://brainden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 05 Oct 2023 01:09:55 GMT
Server
nginx
X-FRAME-OPTIONS
SAMEORIGIN
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://brainden.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
772
rum
dsum-sec.casalemedia.com/ Frame D911
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1&C=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNWsJxptjEap1fTn0Sq2UTyJJunpdPKlHCLA8MvhuWNeJ0-59Z5FvcoLQekSpO3iosH-t2beZ-idR6Ymf2geTEaD2giZ6X9G4Tg_SLhRrb_OO6FBCS2jXKaOt16RRVZurHNyxHJ95xK95EIFfOrPOQuoPySSZb7EOgFXgkRW6gVZNxSU980
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Re5wVWEfKBAC5CY16ijBsJVnkxRDgPKZ80xSI3Onc98S21YXYqJlXGZZGgV3lf0RNQNjorwWHsrWYYj%2F9V1%2F9ZxAaaP4I6BW3kfroDjEs60qsxLPA3d4h0IVivm8fG3J4ZKQEzwkyspig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111c82e7d296958-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkESomjm%2BeYv4uOPib%2FtkSYqGgAFFKwAqwOrbbGFDdlnK%2BORw%2FVNl0ZO3qo%2BP%2BgM8Bkd5HE8F4ClBddPhvaCmNe1o71fzuXIpARt2vL4FhGIHAe7Bm5exZbGFypnLxpGZtLe2Gp3YswF9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1&C=1
cache-control
no-cache
cf-ray
8111c82e0ce96958-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame D911
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR4M47lDFHm88rTZ0OLaDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNWsJxptjEap1fTn0Sq2UTyJJunpdPKlHCLA8MvhuWNeJ0-59Z5FvcoLQekSpO3iosH-t2beZ-idR6Ymf2geTEaD2giZ6X9G4Tg_SLhRrb_OO6FBCS2jXKaOt16RRVZurHNyxHJ95xK95EIFfOrPOQuoPySSZb7EOgFXgkRW6gVZNxSU980
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtylA%2BUDmZ5C2jbcfLmQp3ahJhUN7K17Fzl2yKfJlNF543xwrAt2V4t2rB6fIqy8AzMJdGA1coZMhtwgxsD%2BdJw0XuRDYAi5ybjpq5H%2FdgZE5Ww8UyjAqfyuo4q2xS%2FLHPArl5R5IH32oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8111c82f3d113657-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7Ih67DZ0Z2JbkCeZTY-sE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame D911
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBzxNCGqrTky2FhtUYARtQw&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzxNCGqrTky2FhtUYARtQw%26google_cver%3D1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzxNCGqrTky2FhtUYARtQw%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNWsJxptjEap1fTn0Sq2UTyJJunpdPKlHCLA8MvhuWNeJ0-59Z5FvcoLQekSpO3iosH-t2beZ-idR6Ymf2geTEaD2giZ6X9G4Tg_SLhRrb_OO6FBCS2jXKaOt16RRVZurHNyxHJ95xK95EIFfOrPOQuoPySSZb7EOgFXgkRW6gVZNxSU980
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
an-x-request-uuid
b1615152-3279-4fca-8809-eadf0cdbef3b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
an-x-request-uuid
3ba9192d-e598-474f-8ee1-f8045d6935dd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBzxNCGqrTky2FhtUYARtQw%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D911
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk5ODU4MjMyMjQ5MzczNjUzMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk5ODU4MjMyMjQ5MzczNjUzMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRCGhK4BGNLv0_gBMAE&v=APEucNWsJxptjEap1fTn0Sq2UTyJJunpdPKlHCLA8MvhuWNeJ0-59Z5FvcoLQekSpO3iosH-t2beZ-idR6Ymf2geTEaD2giZ6X9G4Tg_SLhRrb_OO6FBCS2jXKaOt16RRVZurHNyxHJ95xK95EIFfOrPOQuoPySSZb7EOgFXgkRW6gVZNxSU980
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
an-x-request-uuid
5b43abf5-f3e3-4e6c-8373-5a414dd68714
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk5ODU4MjMyMjQ5MzczNjUzMw%3D%3D
x-proxy-origin
176.115.237.162; 176.115.237.162; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F246 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?d2qo8g
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dpixel
cms.quantserve.com/ Frame 1B09 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJy6K-pEsL3669qE2SvZS7g&google_cver=1&google_push=AXcoOmQdF9KAoIlpJMYIpFvzPRQEUNSycy6GfYpTXTEL-qag086xJgGU-O_nyiQ5C9O9ua1E6C6979I4OIb7w9_HA6oaxU6U-SBnDQo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B09
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUklY2JJALODUToOu07Ptw&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmTaRe5hWhdxbsSIkiVJWzaOnSqgbQ6zDHHFQUweZpn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmTaRe5hWhdxbsSIkiVJWzaOnSqgbQ6zDHHFQUweZpnXm3ov-DYEQXWChe6Be4CfpcsD6csA0MEWD9Uho21LfKock3K5nV0rm04
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:09:55 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmTaRe5hWhdxbsSIkiVJWzaOnSqgbQ6zDHHFQUweZpnXm3ov-DYEQXWChe6Be4CfpcsD6csA0MEWD9Uho21LfKock3K5nV0rm04
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B09
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENHD49Fo1-eUGfAIp9OF6Lg&google_push=AXcoOmR3yL1p6In6ThxubXeB35Gxlg7kzV7672hUA63faHUqrykOETykH3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENHD49Fo1-eUGfAIp9OF6Lg&google_push=AXcoOmR3yL1p6In6ThxubXeB35Gxlg7kzV7672hUA63faHUqrykOETykH3ZZ9qnPCvbENxoa-SakVZX0c52EBdWYWHHUTmpXENlBH6c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230111-FRA
pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1696468196.528005,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENHD49Fo1-eUGfAIp9OF6Lg&google_push=AXcoOmR3yL1p6In6ThxubXeB35Gxlg7kzV7672hUA63faHUqrykOETykH3ZZ9qnPCvbENxoa-SakVZX0c52EBdWYWHHUTmpXENlBH6c
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1B09 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH65lON89sCUL-RB3J6T7hI&google_cver=1&google_push=AXcoOmQYjmTQ-tDPZLZE5E2rkA8ngDGAU1y25dsWALG_P-qlDCGabILWTAoJbQuspS3oydkLZs7OJBShFjzPnWtjUSil_tvkKJv2dJ8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1B09
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFx_OAClx83TPa2TjmdK3HI&google_cver=1&google_push=AXcoOmTXNj-ThvNs8-RMtcR_cSKIvJ_p-xVXprP60KtJEPLpQFwASIax2hNu4b53-wnvJ8CIyl-HUx0v9Q7xL377...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTXNj-ThvNs8-RMtcR_cSKIvJ_p-xVXprP60KtJEPLpQFwASIax2hNu4b53-wnvJ8CIyl-HUx0v9Q7xL377ZShXGmbmmAAGTxo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTXNj-ThvNs8-RMtcR_cSKIvJ_p-xVXprP60KtJEPLpQFwASIax2hNu4b53-wnvJ8CIyl-HUx0v9Q7xL377ZShXGmbmmAAGTxo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTXNj-ThvNs8-RMtcR_cSKIvJ_p-xVXprP60KtJEPLpQFwASIax2hNu4b53-wnvJ8CIyl-HUx0v9Q7xL377ZShXGmbmmAAGTxo
x-host
tde-deliveryengine-production-8b9d7bc7f-v9655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1B09
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rRtR...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU5MzAzMDkwMjQ3NjMzMDQ0NA&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU5MzAzMDkwMjQ3NjMzMDQ0NA&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rRtRacczoVxKBKIy7ugq8UxkeQ0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU5MzAzMDkwMjQ3NjMzMDQ0NA&google_push=AXcoOmSXqkuexMSG0mD3f4b4opXlSKs341ldZ-oARpbIL9RI4ugpqHBtanVRhV_quN6BYKkwXcK8rRtRacczoVxKBKIy7ugq8UxkeQ0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 1B09
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELMVoq1sOlvX...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjQwYTM0OWYtYTYyZi00MGNmLWEwMTItN2UxMzFkZTRlOWNi&google_push=AXcoOmQxyMJ3qDQeBQBMsA8rXS0h5Rb8QTiLmq3wRa6qv9YCZPuWh0X2G4CDXChRI2vPt...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Thu, 05 Oct 2023 01:09:55 GMT
pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1B09 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Krt8qM2bXWgmMXAkCuYGNYs3UC-kHVByGw1y14gojO-l0AUkZFArXcrWl9S6hZFguVZueAjg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame F011 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6607018233703&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F011 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6607018233703&version=m202309260101&ct=76&x=1&cor=993287135480613900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F011 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTL_npAewPGCofRohUhjKlpiWlqBn8svDLpnlndmcpoyPdH3qPWRxig6v4cJgyMX_Xnel3tYduvQxzmbCenqBA66v7nA&cry=1&dbm_d=AKAmf-Cyj4lx20yzQ0wvhyNfKiVMKM1xP2OASXwSzAhdzx2m9_GJTKdodGp1ogq0Rm0WViK0FC6RkJaFvKyJRrVSOiKtmKVGQw6pZfS9xyNqhE7U78S3_3C97S7YXCUEy7xYbyDjRT_QfKvehte-ytJO4toO68qWA8ERO5t3JZdvSXFzaRZpub6nJEWO8FpwcmWSlZ7nYX_r2i72KtCIvAtJXaPNXrckldaGeIry1Z2VAku3qLudPP6Mv2FdYiU4Bx7RdW0ZK8N2DWBXBnxqOTohReg_78cPEYYY-DeM_XBToeVOscU-FMjvecDWbzwvHhoihL9DZj3c4YeUAt7J0wf3T46kpmnlAbaiGG-NHWNfH3rQoqrVCCp2CZyuD2aIUhDhv36sWJJOEHraoLhJ0pg7dDHESe_fQrN7AgpQU97y9C_ejYSq76yssTMFvTbqeR-L0zd3-RlMTtQjZSXvBppBLo1pLCwhg-6CMzB0MJKzhF1l69ln_-2V5TRR3G3rtl5CUsCgzFLRk3Nb4C6gyxtKsmy-C4slrJGke_2WhSus4N3Y8Dmim-wXLqNKPo-TSEH1v_h5pFll2aUDmtGO-9eItOuMzBmdXER9LaVxfn-b-_0wABF058bVA6TiaTjv5yy3h-0_OhSJ3mA4Tg4XvHCR10BdOltsFNLXgq0emTqqXcC7AQrXhS4ZfV40sf7AEfiumGggeQK4DsxQ-WLz9_s0DDGxU2DsB8W0bxuqm4luLOelp30Nw-zafTfIJTGHVF4nIviyxtF0Bi14E1THuY6Oe0r75pGu6X4P1IZ-1U1okByBoMqXql5pAZ6CZ971Gr9OPXto6PVB8tahezrWe1F8oURJCltz9jhm6thAgqpWSNNmI-Mkm0-jYTtpgmtvCu6dsN90TztTb1W5kO65v1i374dlHTwpyAIPbyqVh2vBjVII_MmGpHD1vwWFrRISbiDwD1Og2O9p5H21tumNoQ8ZmH6rUQ54DJkzKWVclKV-ikkX0rE0IOdGHeN80cIY2PgCKpuKg7M5mKm_UtIFW_Nzce6SYBrJT3ARZgO1qhwuUrNDEO5guxz1gC7iseii94m9_r0gbGYM242CmDFXpNTiKrESh8dkzg4Jco25VLwrtrcwnTRI2PWa0NZZBlLdJcw5meuGFl1Wn-6q_xOtAGoQcd3hEOeEGHrBm5tZI0hUIJy23vm5GWvQGBqQfdfm_KmJiaffnfZ6S9mh1HJrqC2umQ86v2IOyrxdUBDC24d1JSgj7-Ok2xLCMrh49eHmfCG7oSoWHljMJP0EbesvLKPqNpNuoLsEozyhzora4KLmxIVM4IJZcuWyz73cQvzh3dThZKlKTMlJzSSch2xqkoSXS59d_7Y-QITV5cx3L67rERm8SOTGqY81_OjDq3YaiC3tmgoOty5E80dAHkiUCpmCkXelvXdSNosrbDWgYSrSEK0P8fA6DlKdxN-AgZvofQiCmgAWU1aE5vKHAALuhD-xKInP3xM75V7l26vNIBmeB5uHBtbmpT-nueFH089XBnvF4OGPwypNQZnnYckbqqwyepPkdDNDQ2f-RTdO--khGPB4xPYV1PbXMX_6pxGk18dJJ_7SsWTrTpc5Xbf0n2WyNOgqe3JqpfCGkbfwmzYiwYbd8d6BtRrYEKBqmNU4ND-YVdF_f9nBqVXVzUAINMi1S7zf6swlL4DUGV7jShqV2PpK6Q7paJ2oZe0sKH2t-xrs0QEiUd2aU0IHUboRrg5m-dMuEBmpXCbwKbd07WDgiQWgI0ZMbnwIK2IDSMXEcz-CEN8zSzEUx4Xa9OUBgYF2MMcTP8VZrKXhhNuBX-jbmTfLum8E1WGfZnN88JElLBMo1ebgFG6SpHDceAlWnX8nRlkJIaj5H6FQxnJtxaCv_Wur4HCCEgR6uDg22iphubYyinK_7LI4e9-l6oKTK-4vtH6ibK8zeOMkzsCB-a33ttzd524YzhJX5yMd6d5o7GvNzGp4k8tGWVYvo_Pn4Xcke0kE4IivKUNuTRMCeJL16gLFA8r-IGPwWNj4iln5Qk5y_MYtUtyp-_DgBFpglRT-Vjbi6yvhHEfwwhiV-1kSrNG24AkGY9uVMQ8vYnw--jaqHfuFFe9PDE0lap_lFZkdWQ6v7u_s5kqCJNXUWozuiBYKzd5tEFP5XOAOfQkjj7Hcgc21hq9nUdgHRGUxL4N0mzbspthk53tzH7DgfbiQdXEHxV_oZnDbycIP6nxWn_ps6pyXmIpU4R6bDZz-nfJXGfcbLmRgu_VcoTqQVX9z6fmaotRkkuHrTkHEOoNgZcNOXGeOoOBgDCp-qTjFjxeyWoJk-XL4HJnBXQZlwCm0xrzzOPCoWNlMkxiAGWlwKUjKwxhoq6Eu5P9oj9FOInVVNwNzzOhYvpptUK2-m9o-dx-I5MvIikhyZcD7XRKr4Q9oemsliT7Q-FsSe-CLwTthXWmoLh9RZGPlSChHz99SootptMqgOH-yYVRZEZcuZgtejg8lQxEqCREjX1o884Q1wvWSERZ-Uc3jxifQ6reur9afNGhsR-hPzQxSvDLvMHQRmxOyTBJs-JUHxbj89jZUIdVYpYoDSzQsJLlNyyKERKj-SQXkKoOcfn4nS1Pu-O8eydrzwiz-kkF3PL5WMh1NtRQMtvQoqUB2LC4PI62uUNdrQ9oD2RqvYP5zMwXMG1PpKdwVYJnSWTKcZ0ujz1zeXJswujHGfnio8Z_GPITcznRZb_7zP4P-uzYAf1eNl-jQ33EsUbw_GPE25zlbDueSGyjQaN_gVK9oNy8jN7QlyUifrpSUVjhHDATxSK_w5XepHzd8qO1LWf14IcA4_ed7uhHzLOJ-UDBF7D9iOi3fahVmZf4DM6YIQSbnN-cMjTJFRfY7_jRcGFXPnRibI95sEiiefYFoBcKBPZi3auEQAyB7RnESvjrHZK1MvHckBDNllHB-NKMxu63DYnLXxLdv9TFHC6HyStw1VQGBRRFvdhIzSP4ZdFWRZ3HUG_uCi_uWWyE0jtKtMBKg8pbwCwHL0_sYBVoVNHXHPT3ntTWlUDxbvUFP3oNEhFgUBa-3BDV8Ac_HUil-S1-pM82jUbTAAJjKDS5RXhWQKtawAszdaY057JyEO-3yda735xGGu93_hyGMi6nDbPtYq_qtO7SoCB5odhSFfZeP6IMYCXqFTnzEU1Jne28rGgSHwYEKyXDP7ERD0TS9o42ualh4b8ziE1LLChE1W5tQQANMA54r2tHCiruMEb5MIExhj_NK-uxEL72AjSc_1rQXjZq05Ksc1y92xOUkVbhliRnpsqKyUC4vm3bLlVoZ5-j9M4ry5aPvBx6fIbcqr6Ktc16kYnOZt4-0TBFG9AE3hAIpJcZ1k_H13-0TGjEfi-x5n-9cA5mrbyZBDPzh&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fbrainden.com%2F&ds=l&xdt=1&iif=1&cor=993287135480613900&adk=2515327512&idt=116&cac=0&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7782afe7cdc15c07b48ad7b23e3eecf6bbc22c75b2243d09631d7b411cd29ded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38494
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 35A0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JLG-CQ
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2665 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9sG8Xg
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F011 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame F011 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTL_npAewPGCofRohUhjKlpiWlqBn8svDLpnlndmcpoyPdH3qPWRxig6v4cJgyMX_Xnel3tYduvQxzmbCenqBA66v7nA&cry=1&dbm_d=AKAmf-Cyj4lx20yzQ0wvhyNfKiVMKM1xP2OASXwSzAhdzx2m9_GJTKdodGp1ogq0Rm0WViK0FC6RkJaFvKyJRrVSOiKtmKVGQw6pZfS9xyNqhE7U78S3_3C97S7YXCUEy7xYbyDjRT_QfKvehte-ytJO4toO68qWA8ERO5t3JZdvSXFzaRZpub6nJEWO8FpwcmWSlZ7nYX_r2i72KtCIvAtJXaPNXrckldaGeIry1Z2VAku3qLudPP6Mv2FdYiU4Bx7RdW0ZK8N2DWBXBnxqOTohReg_78cPEYYY-DeM_XBToeVOscU-FMjvecDWbzwvHhoihL9DZj3c4YeUAt7J0wf3T46kpmnlAbaiGG-NHWNfH3rQoqrVCCp2CZyuD2aIUhDhv36sWJJOEHraoLhJ0pg7dDHESe_fQrN7AgpQU97y9C_ejYSq76yssTMFvTbqeR-L0zd3-RlMTtQjZSXvBppBLo1pLCwhg-6CMzB0MJKzhF1l69ln_-2V5TRR3G3rtl5CUsCgzFLRk3Nb4C6gyxtKsmy-C4slrJGke_2WhSus4N3Y8Dmim-wXLqNKPo-TSEH1v_h5pFll2aUDmtGO-9eItOuMzBmdXER9LaVxfn-b-_0wABF058bVA6TiaTjv5yy3h-0_OhSJ3mA4Tg4XvHCR10BdOltsFNLXgq0emTqqXcC7AQrXhS4ZfV40sf7AEfiumGggeQK4DsxQ-WLz9_s0DDGxU2DsB8W0bxuqm4luLOelp30Nw-zafTfIJTGHVF4nIviyxtF0Bi14E1THuY6Oe0r75pGu6X4P1IZ-1U1okByBoMqXql5pAZ6CZ971Gr9OPXto6PVB8tahezrWe1F8oURJCltz9jhm6thAgqpWSNNmI-Mkm0-jYTtpgmtvCu6dsN90TztTb1W5kO65v1i374dlHTwpyAIPbyqVh2vBjVII_MmGpHD1vwWFrRISbiDwD1Og2O9p5H21tumNoQ8ZmH6rUQ54DJkzKWVclKV-ikkX0rE0IOdGHeN80cIY2PgCKpuKg7M5mKm_UtIFW_Nzce6SYBrJT3ARZgO1qhwuUrNDEO5guxz1gC7iseii94m9_r0gbGYM242CmDFXpNTiKrESh8dkzg4Jco25VLwrtrcwnTRI2PWa0NZZBlLdJcw5meuGFl1Wn-6q_xOtAGoQcd3hEOeEGHrBm5tZI0hUIJy23vm5GWvQGBqQfdfm_KmJiaffnfZ6S9mh1HJrqC2umQ86v2IOyrxdUBDC24d1JSgj7-Ok2xLCMrh49eHmfCG7oSoWHljMJP0EbesvLKPqNpNuoLsEozyhzora4KLmxIVM4IJZcuWyz73cQvzh3dThZKlKTMlJzSSch2xqkoSXS59d_7Y-QITV5cx3L67rERm8SOTGqY81_OjDq3YaiC3tmgoOty5E80dAHkiUCpmCkXelvXdSNosrbDWgYSrSEK0P8fA6DlKdxN-AgZvofQiCmgAWU1aE5vKHAALuhD-xKInP3xM75V7l26vNIBmeB5uHBtbmpT-nueFH089XBnvF4OGPwypNQZnnYckbqqwyepPkdDNDQ2f-RTdO--khGPB4xPYV1PbXMX_6pxGk18dJJ_7SsWTrTpc5Xbf0n2WyNOgqe3JqpfCGkbfwmzYiwYbd8d6BtRrYEKBqmNU4ND-YVdF_f9nBqVXVzUAINMi1S7zf6swlL4DUGV7jShqV2PpK6Q7paJ2oZe0sKH2t-xrs0QEiUd2aU0IHUboRrg5m-dMuEBmpXCbwKbd07WDgiQWgI0ZMbnwIK2IDSMXEcz-CEN8zSzEUx4Xa9OUBgYF2MMcTP8VZrKXhhNuBX-jbmTfLum8E1WGfZnN88JElLBMo1ebgFG6SpHDceAlWnX8nRlkJIaj5H6FQxnJtxaCv_Wur4HCCEgR6uDg22iphubYyinK_7LI4e9-l6oKTK-4vtH6ibK8zeOMkzsCB-a33ttzd524YzhJX5yMd6d5o7GvNzGp4k8tGWVYvo_Pn4Xcke0kE4IivKUNuTRMCeJL16gLFA8r-IGPwWNj4iln5Qk5y_MYtUtyp-_DgBFpglRT-Vjbi6yvhHEfwwhiV-1kSrNG24AkGY9uVMQ8vYnw--jaqHfuFFe9PDE0lap_lFZkdWQ6v7u_s5kqCJNXUWozuiBYKzd5tEFP5XOAOfQkjj7Hcgc21hq9nUdgHRGUxL4N0mzbspthk53tzH7DgfbiQdXEHxV_oZnDbycIP6nxWn_ps6pyXmIpU4R6bDZz-nfJXGfcbLmRgu_VcoTqQVX9z6fmaotRkkuHrTkHEOoNgZcNOXGeOoOBgDCp-qTjFjxeyWoJk-XL4HJnBXQZlwCm0xrzzOPCoWNlMkxiAGWlwKUjKwxhoq6Eu5P9oj9FOInVVNwNzzOhYvpptUK2-m9o-dx-I5MvIikhyZcD7XRKr4Q9oemsliT7Q-FsSe-CLwTthXWmoLh9RZGPlSChHz99SootptMqgOH-yYVRZEZcuZgtejg8lQxEqCREjX1o884Q1wvWSERZ-Uc3jxifQ6reur9afNGhsR-hPzQxSvDLvMHQRmxOyTBJs-JUHxbj89jZUIdVYpYoDSzQsJLlNyyKERKj-SQXkKoOcfn4nS1Pu-O8eydrzwiz-kkF3PL5WMh1NtRQMtvQoqUB2LC4PI62uUNdrQ9oD2RqvYP5zMwXMG1PpKdwVYJnSWTKcZ0ujz1zeXJswujHGfnio8Z_GPITcznRZb_7zP4P-uzYAf1eNl-jQ33EsUbw_GPE25zlbDueSGyjQaN_gVK9oNy8jN7QlyUifrpSUVjhHDATxSK_w5XepHzd8qO1LWf14IcA4_ed7uhHzLOJ-UDBF7D9iOi3fahVmZf4DM6YIQSbnN-cMjTJFRfY7_jRcGFXPnRibI95sEiiefYFoBcKBPZi3auEQAyB7RnESvjrHZK1MvHckBDNllHB-NKMxu63DYnLXxLdv9TFHC6HyStw1VQGBRRFvdhIzSP4ZdFWRZ3HUG_uCi_uWWyE0jtKtMBKg8pbwCwHL0_sYBVoVNHXHPT3ntTWlUDxbvUFP3oNEhFgUBa-3BDV8Ac_HUil-S1-pM82jUbTAAJjKDS5RXhWQKtawAszdaY057JyEO-3yda735xGGu93_hyGMi6nDbPtYq_qtO7SoCB5odhSFfZeP6IMYCXqFTnzEU1Jne28rGgSHwYEKyXDP7ERD0TS9o42ualh4b8ziE1LLChE1W5tQQANMA54r2tHCiruMEb5MIExhj_NK-uxEL72AjSc_1rQXjZq05Ksc1y92xOUkVbhliRnpsqKyUC4vm3bLlVoZ5-j9M4ry5aPvBx6fIbcqr6Ktc16kYnOZt4-0TBFG9AE3hAIpJcZ1k_H13-0TGjEfi-x5n-9cA5mrbyZBDPzh&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fbrainden.com%2F&ds=l&xdt=1&iif=1&cor=993287135480613900&adk=2515327512&idt=116&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:45:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
41094
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:45:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame F011 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTL_npAewPGCofRohUhjKlpiWlqBn8svDLpnlndmcpoyPdH3qPWRxig6v4cJgyMX_Xnel3tYduvQxzmbCenqBA66v7nA&cry=1&dbm_d=AKAmf-Cyj4lx20yzQ0wvhyNfKiVMKM1xP2OASXwSzAhdzx2m9_GJTKdodGp1ogq0Rm0WViK0FC6RkJaFvKyJRrVSOiKtmKVGQw6pZfS9xyNqhE7U78S3_3C97S7YXCUEy7xYbyDjRT_QfKvehte-ytJO4toO68qWA8ERO5t3JZdvSXFzaRZpub6nJEWO8FpwcmWSlZ7nYX_r2i72KtCIvAtJXaPNXrckldaGeIry1Z2VAku3qLudPP6Mv2FdYiU4Bx7RdW0ZK8N2DWBXBnxqOTohReg_78cPEYYY-DeM_XBToeVOscU-FMjvecDWbzwvHhoihL9DZj3c4YeUAt7J0wf3T46kpmnlAbaiGG-NHWNfH3rQoqrVCCp2CZyuD2aIUhDhv36sWJJOEHraoLhJ0pg7dDHESe_fQrN7AgpQU97y9C_ejYSq76yssTMFvTbqeR-L0zd3-RlMTtQjZSXvBppBLo1pLCwhg-6CMzB0MJKzhF1l69ln_-2V5TRR3G3rtl5CUsCgzFLRk3Nb4C6gyxtKsmy-C4slrJGke_2WhSus4N3Y8Dmim-wXLqNKPo-TSEH1v_h5pFll2aUDmtGO-9eItOuMzBmdXER9LaVxfn-b-_0wABF058bVA6TiaTjv5yy3h-0_OhSJ3mA4Tg4XvHCR10BdOltsFNLXgq0emTqqXcC7AQrXhS4ZfV40sf7AEfiumGggeQK4DsxQ-WLz9_s0DDGxU2DsB8W0bxuqm4luLOelp30Nw-zafTfIJTGHVF4nIviyxtF0Bi14E1THuY6Oe0r75pGu6X4P1IZ-1U1okByBoMqXql5pAZ6CZ971Gr9OPXto6PVB8tahezrWe1F8oURJCltz9jhm6thAgqpWSNNmI-Mkm0-jYTtpgmtvCu6dsN90TztTb1W5kO65v1i374dlHTwpyAIPbyqVh2vBjVII_MmGpHD1vwWFrRISbiDwD1Og2O9p5H21tumNoQ8ZmH6rUQ54DJkzKWVclKV-ikkX0rE0IOdGHeN80cIY2PgCKpuKg7M5mKm_UtIFW_Nzce6SYBrJT3ARZgO1qhwuUrNDEO5guxz1gC7iseii94m9_r0gbGYM242CmDFXpNTiKrESh8dkzg4Jco25VLwrtrcwnTRI2PWa0NZZBlLdJcw5meuGFl1Wn-6q_xOtAGoQcd3hEOeEGHrBm5tZI0hUIJy23vm5GWvQGBqQfdfm_KmJiaffnfZ6S9mh1HJrqC2umQ86v2IOyrxdUBDC24d1JSgj7-Ok2xLCMrh49eHmfCG7oSoWHljMJP0EbesvLKPqNpNuoLsEozyhzora4KLmxIVM4IJZcuWyz73cQvzh3dThZKlKTMlJzSSch2xqkoSXS59d_7Y-QITV5cx3L67rERm8SOTGqY81_OjDq3YaiC3tmgoOty5E80dAHkiUCpmCkXelvXdSNosrbDWgYSrSEK0P8fA6DlKdxN-AgZvofQiCmgAWU1aE5vKHAALuhD-xKInP3xM75V7l26vNIBmeB5uHBtbmpT-nueFH089XBnvF4OGPwypNQZnnYckbqqwyepPkdDNDQ2f-RTdO--khGPB4xPYV1PbXMX_6pxGk18dJJ_7SsWTrTpc5Xbf0n2WyNOgqe3JqpfCGkbfwmzYiwYbd8d6BtRrYEKBqmNU4ND-YVdF_f9nBqVXVzUAINMi1S7zf6swlL4DUGV7jShqV2PpK6Q7paJ2oZe0sKH2t-xrs0QEiUd2aU0IHUboRrg5m-dMuEBmpXCbwKbd07WDgiQWgI0ZMbnwIK2IDSMXEcz-CEN8zSzEUx4Xa9OUBgYF2MMcTP8VZrKXhhNuBX-jbmTfLum8E1WGfZnN88JElLBMo1ebgFG6SpHDceAlWnX8nRlkJIaj5H6FQxnJtxaCv_Wur4HCCEgR6uDg22iphubYyinK_7LI4e9-l6oKTK-4vtH6ibK8zeOMkzsCB-a33ttzd524YzhJX5yMd6d5o7GvNzGp4k8tGWVYvo_Pn4Xcke0kE4IivKUNuTRMCeJL16gLFA8r-IGPwWNj4iln5Qk5y_MYtUtyp-_DgBFpglRT-Vjbi6yvhHEfwwhiV-1kSrNG24AkGY9uVMQ8vYnw--jaqHfuFFe9PDE0lap_lFZkdWQ6v7u_s5kqCJNXUWozuiBYKzd5tEFP5XOAOfQkjj7Hcgc21hq9nUdgHRGUxL4N0mzbspthk53tzH7DgfbiQdXEHxV_oZnDbycIP6nxWn_ps6pyXmIpU4R6bDZz-nfJXGfcbLmRgu_VcoTqQVX9z6fmaotRkkuHrTkHEOoNgZcNOXGeOoOBgDCp-qTjFjxeyWoJk-XL4HJnBXQZlwCm0xrzzOPCoWNlMkxiAGWlwKUjKwxhoq6Eu5P9oj9FOInVVNwNzzOhYvpptUK2-m9o-dx-I5MvIikhyZcD7XRKr4Q9oemsliT7Q-FsSe-CLwTthXWmoLh9RZGPlSChHz99SootptMqgOH-yYVRZEZcuZgtejg8lQxEqCREjX1o884Q1wvWSERZ-Uc3jxifQ6reur9afNGhsR-hPzQxSvDLvMHQRmxOyTBJs-JUHxbj89jZUIdVYpYoDSzQsJLlNyyKERKj-SQXkKoOcfn4nS1Pu-O8eydrzwiz-kkF3PL5WMh1NtRQMtvQoqUB2LC4PI62uUNdrQ9oD2RqvYP5zMwXMG1PpKdwVYJnSWTKcZ0ujz1zeXJswujHGfnio8Z_GPITcznRZb_7zP4P-uzYAf1eNl-jQ33EsUbw_GPE25zlbDueSGyjQaN_gVK9oNy8jN7QlyUifrpSUVjhHDATxSK_w5XepHzd8qO1LWf14IcA4_ed7uhHzLOJ-UDBF7D9iOi3fahVmZf4DM6YIQSbnN-cMjTJFRfY7_jRcGFXPnRibI95sEiiefYFoBcKBPZi3auEQAyB7RnESvjrHZK1MvHckBDNllHB-NKMxu63DYnLXxLdv9TFHC6HyStw1VQGBRRFvdhIzSP4ZdFWRZ3HUG_uCi_uWWyE0jtKtMBKg8pbwCwHL0_sYBVoVNHXHPT3ntTWlUDxbvUFP3oNEhFgUBa-3BDV8Ac_HUil-S1-pM82jUbTAAJjKDS5RXhWQKtawAszdaY057JyEO-3yda735xGGu93_hyGMi6nDbPtYq_qtO7SoCB5odhSFfZeP6IMYCXqFTnzEU1Jne28rGgSHwYEKyXDP7ERD0TS9o42ualh4b8ziE1LLChE1W5tQQANMA54r2tHCiruMEb5MIExhj_NK-uxEL72AjSc_1rQXjZq05Ksc1y92xOUkVbhliRnpsqKyUC4vm3bLlVoZ5-j9M4ry5aPvBx6fIbcqr6Ktc16kYnOZt4-0TBFG9AE3hAIpJcZ1k_H13-0TGjEfi-x5n-9cA5mrbyZBDPzh&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fbrainden.com%2F&ds=l&xdt=1&iif=1&cor=993287135480613900&adk=2515327512&idt=116&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41081
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:45:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F011 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
564207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 12:26:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0005 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Thu, 05 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F011 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
256c79888a6676c4424dfa8ead805aa62007a91f0a98c9dbb1d250a75ddbc780

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame AF19 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1has7567ehvzqtpzs5ahx0ebgxz62xc9ae0g8ewq4fkr6vda4nxkyfgf0xgjdefz3p9n2ej9dndsk42f08hyp26q1sc515mrq8k4yb78ny5nn53c6jtn1bkehrg3tnmwn9dybz39dskjq9sngjdbv2d4wj4ptyac82kjcgtkqj08g1kxz9wx5gt95jhpcevd62mbpnxjz8jy5s53wf9fsn96qm7355wn7sq1wf1n5rmefnsnrfv5e4yvn3ek9et7t08ws3n37gyg2mafm2ay2wg7x7xbza11rebec1knj8qk478sdh114s83bba2bjdccngcw485sbqgt0ssbsbbzj21xrfv970wvtas8fqhpznr663azv3ay5yndyn02ek0htttamh2x98h49r6vv8sz72yvyq0bsyksffyygmha5q8mr631st00js7akwf1st0hcwswyyy0fcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%26client%3Dca-pub-6455015126764625%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1has7567ehvzqtpzs5ahx0ebgxz62xc9ae0g8ewq4fkr6vda4nxkyfgf0xgjdefz3p9n2ej9dndsk42f08hyp26q1sc515mrq8k4yb78ny5nn53c6jtn1bkehrg3tnmwn9dybz39dskjq9sngjdbv2d4wj4ptyac82kjcgtkqj08g1kxz9wx5gt95jhpcevd62mbpnxjz8jy5s53wf9fsn96qm7355wn7sq1wf1n5rmefnsnrfv5e4yvn3ek9et7t08ws3n37gyg2mafm2ay2wg7x7xbza11rebec1knj8qk478sdh114s83bba2bjdccngcw485sbqgt0ssbsbbzj21xrfv970wvtas8fqhpznr663azv3ay5yndyn02ek0htttamh2x98h49r6vv8sz72yvyq0bsyksffyygmha5q8mr631st00js7akwf1st0hcwswyyy0fcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%26client%3Dca-pub-6455015126764625%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
692097
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSZHDRZ79NvAM28CfI5X9jXUv4HKYZUVWn1Jgfhet07BJPyS1m05WiZnVVp0i9rX1%2F9OhpH%2BH27ZCXC9sWiXkCSK5Y3csU9M4WuEv1Iu5MOCVb3U%2F1YVALOv4h4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8111c82e8fed4daf-FRA
expires
Thu, 05 Oct 2023 02:09:55 GMT
r62eglto.js
ad4m.at/ Frame AF19 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1has7567ehvzqtpzs5ahx0ebgxz62xc9ae0g8ewq4fkr6vda4nxkyfgf0xgjdefz3p9n2ej9dndsk42f08hyp26q1sc515mrq8k4yb78ny5nn53c6jtn1bkehrg3tnmwn9dybz39dskjq9sngjdbv2d4wj4ptyac82kjcgtkqj08g1kxz9wx5gt95jhpcevd62mbpnxjz8jy5s53wf9fsn96qm7355wn7sq1wf1n5rmefnsnrfv5e4yvn3ek9et7t08ws3n37gyg2mafm2ay2wg7x7xbza11rebec1knj8qk478sdh114s83bba2bjdccngcw485sbqgt0ssbsbbzj21xrfv970wvtas8fqhpznr663azv3ay5yndyn02ek0htttamh2x98h49r6vv8sz72yvyq0bsyksffyygmha5q8mr631st00js7akwf1st0hcwswyyy0fcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%26client%3Dca-pub-6455015126764625%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117560
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yK6JwtMUxzPlD4d1vF66bh%2FJ4Bl%2B4BQWPNClJra9LTQDvT5uip%2Bmo4Are4AKDUakNIkLv5EP8B%2FaPyVG7hGp9U%2FPEq07rnFgQYYNEO3URtJfSBSL364Ppi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8111c82e8fee4daf-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 03 Oct 2023 16:30:24 GMT
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 7585 		115 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kan4w41d4dswdyy7j375xdse59yg505k17wqxr21gt9tg86jy03z50qy1kgtw6h10vrc6r1wnzd3vj6kscqww3raqkyhyzahhj7nw6ebmrsj2n5n0854ckmvsaxrh1q5fy9kfzbem34ne1z551fkn3erttjzd72n8h4p3y2mj2sczn2cqzkeq4mg02b1txxy108x4typxnrmvth3aswx385gd3rn0sr5j6zpbtvyacvx68mmrwn05rrm7fvhmfw2tb7m84zepw4g4r7eg0q878kkc5p1crzh03rzmay0vrc97dgg9cc6zkcrr9yk9e8rcz7yq8frekyed4q1vcc3r2eqatt1zcj4phwkfq91bpmv0penm82j4p0hvtqn9ybtz0v4m8cfw6vc5850dcdga00gtr5sav8z0wmrdbcmgvc1abbwx5cm4qv5vq43s5te5dgpr9y2ak0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%26client%3Dca-pub-6455015126764625%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kan4w41d4dswdyy7j375xdse59yg505k17wqxr21gt9tg86jy03z50qy1kgtw6h10vrc6r1wnzd3vj6kscqww3raqkyhyzahhj7nw6ebmrsj2n5n0854ckmvsaxrh1q5fy9kfzbem34ne1z551fkn3erttjzd72n8h4p3y2mj2sczn2cqzkeq4mg02b1txxy108x4typxnrmvth3aswx385gd3rn0sr5j6zpbtvyacvx68mmrwn05rrm7fvhmfw2tb7m84zepw4g4r7eg0q878kkc5p1crzh03rzmay0vrc97dgg9cc6zkcrr9yk9e8rcz7yq8frekyed4q1vcc3r2eqatt1zcj4phwkfq91bpmv0penm82j4p0hvtqn9ybtz0v4m8cfw6vc5850dcdga00gtr5sav8z0wmrdbcmgvc1abbwx5cm4qv5vq43s5te5dgpr9y2ak0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%26client%3Dca-pub-6455015126764625%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
692097
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaKMYqKKQ5PK6q8P%2By6unF1Mtp1ryKbNAPg0NG3FN31HURvuuPYdPRJdwjH2kl3CrOMPeCr1dfjmRLy7wfA8LIdCyGQF7jRgkk7lhM%2Fm8q%2FBagH0UrhKClN2R7E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8111c82e8ff24daf-FRA
expires
Thu, 05 Oct 2023 02:09:55 GMT
r62eglto.js
ad4m.at/ Frame 7585 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kan4w41d4dswdyy7j375xdse59yg505k17wqxr21gt9tg86jy03z50qy1kgtw6h10vrc6r1wnzd3vj6kscqww3raqkyhyzahhj7nw6ebmrsj2n5n0854ckmvsaxrh1q5fy9kfzbem34ne1z551fkn3erttjzd72n8h4p3y2mj2sczn2cqzkeq4mg02b1txxy108x4typxnrmvth3aswx385gd3rn0sr5j6zpbtvyacvx68mmrwn05rrm7fvhmfw2tb7m84zepw4g4r7eg0q878kkc5p1crzh03rzmay0vrc97dgg9cc6zkcrr9yk9e8rcz7yq8frekyed4q1vcc3r2eqatt1zcj4phwkfq91bpmv0penm82j4p0hvtqn9ybtz0v4m8cfw6vc5850dcdga00gtr5sav8z0wmrdbcmgvc1abbwx5cm4qv5vq43s5te5dgpr9y2ak0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%26client%3Dca-pub-6455015126764625%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117560
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs8Md0zJeYTYGKlAR%2B0I%2BcOoXZltFIy1mMbiaiDUDYgqiMZmJy5r2zf5%2FnEETKvn8LC2ijTletYEJzJsm0PUqefVUrIJbDWnY2IIPP9BfecXPlFRKkrb9oM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8111c82e8ff44daf-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 03 Oct 2023 16:30:24 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0005
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1&google_push=AXcoOmT2Oq5coeSEQsF_OSAzOF0_6uZqbGlGaPifUQxuLpRmr7UZIc01wk95b4uR0hc2Z_pK2xPNR0JCPyQwwOTGYamjzrMWRCtyNFA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM4NTc1MTIzMTcxMjA0NDA5MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0005
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmT8iZHEhhou836EvyCqskF2NQmpLrO25775mD2ULzJfU0_cMRR...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=12943908195c191c&is_secure=true&networkId=14000&version=1&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_cver=1&google_push=AXcoOmT8iZHE...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI67XJ1xvtpANWTlNWAAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI67XJ1xvtpANWTlNWAAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_push=AXcoOmT8iZHEhhou836EvyCqskF2NQmpLrO25775mD2ULzJfU0_cMRRG7P9Qfr1EP39Nf3EmZS0RU3fOP6XvuJ3uugFyt11aua_j7JY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI67XJ1xvtpANWTlNWAAAAAAA&expiration=1696554595&google_cver=1&is_secure=true&google_gid=CAESEO7gu90S_vHdmyb3_OQjsK4&google_push=AXcoOmT8iZHEhhou836EvyCqskF2NQmpLrO25775mD2ULzJfU0_cMRRG7P9Qfr1EP39Nf3EmZS0RU3fOP6XvuJ3uugFyt11aua_j7JY
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 0005
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JC...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8111c832df3e92c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
9
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQPjISYNk_X3xpeowcp1RGdntrb6uMiVDmB8I7yX3hzj1NQVhdbXwoh5gpq1nSTbDe5acrHbJFb2NdnW7LhlICasrtI183JCA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8111c8319ec992c5-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0005
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIMxeX00psyETXTmbDrwT6U&google_cver=1&google_push=AXcoOmT2W_lkQ6ovi_HvmlwLyLcLhBMONoOfSzSQcyZ2s-YQXYrl6TQB-19YqdbLsW2DVSqgJzo_hz2TvZI...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT2W_lkQ6ovi_HvmlwLyLcLhBMONoOfSzSQcyZ2s-YQXYrl6TQB-19YqdbLsW2DVSqgJzo_hz2TvZIO_qd5NE5cA95BY39iflI&google_hm=7JtdF9OST4qr908b-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT2W_lkQ6ovi_HvmlwLyLcLhBMONoOfSzSQcyZ2s-YQXYrl6TQB-19YqdbLsW2DVSqgJzo_hz2TvZIO_qd5NE5cA95BY39iflI&google_hm=7JtdF9OST4qr908b-hi5TqI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT2W_lkQ6ovi_HvmlwLyLcLhBMONoOfSzSQcyZ2s-YQXYrl6TQB-19YqdbLsW2DVSqgJzo_hz2TvZIO_qd5NE5cA95BY39iflI&google_hm=7JtdF9OST4qr908b-hi5TqI
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0005
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFx_OAClx83TPa2TjmdK3HI&google_cver=1&google_push=AXcoOmTIf0D4rSxbHCWbS17vAQPUbPB9nNKqNCxstsTTB6a1ZGzGxQHLF30GePtoPu0qwD-sVQHtk7X0870BtZFW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTIf0D4rSxbHCWbS17vAQPUbPB9nNKqNCxstsTTB6a1ZGzGxQHLF30GePtoPu0qwD-sVQHtk7X0870BtZFW4M6fSp4HqDkfzw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTIf0D4rSxbHCWbS17vAQPUbPB9nNKqNCxstsTTB6a1ZGzGxQHLF30GePtoPu0qwD-sVQHtk7X0870BtZFW4M6fSp4HqDkfzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CW7F_wUKQRo7Jhsybom0ZA&google_push=AXcoOmTIf0D4rSxbHCWbS17vAQPUbPB9nNKqNCxstsTTB6a1ZGzGxQHLF30GePtoPu0qwD-sVQHtk7X0870BtZFW4M6fSp4HqDkfzw
x-host
tde-deliveryengine-production-8b9d7bc7f-zrjqw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0005
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH_-QbDZKLF0fDr4LwCYiUc&google_cver=1&google_push=AXcoOmTweAO-y3mbFRvx3aejY02PNibVKdnjQQRhtTv8NsSOPXsocdbetvFksXImfWvOSze0KfVxMmfW...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTweAO-y3mbFRvx3aejY02PNibVKdnjQQRhtTv8NsSOPXsocdbetvFksXImfWvOSze0KfVxMmfW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTweAO-y3mbFRvx3aejY02PNibVKdnjQQRhtTv8NsSOPXsocdbetvFksXImfWvOSze0KfVxMmfWevHqiZFxVgHMCE1vtlYUGQk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTM4MjA2MjE1NTY3NTE4ODEy&google_push=AXcoOmTweAO-y3mbFRvx3aejY02PNibVKdnjQQRhtTv8NsSOPXsocdbetvFksXImfWvOSze0KfVxMmfWevHqiZFxVgHMCE1vtlYUGQk
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0005
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPTy1qXU5Rt92psXV1HUS4I&google_cver=1&google_push=AXcoOmQ4Gnn3XcDm-RsXKQAVZWa7y0cjudMCjYFLGlPuEpI0_Xy2USYe-geg7tArPH11tAAs-8Y8rofvJtZM...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ4Gnn3XcDm-RsXKQAVZWa7y0cjudMCjYFLGlPuEpI0_Xy2USYe-geg7tArPH11tAAs-8Y8rofvJtZM0hWnfFhv16BiHy_3gvU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ4Gnn3XcDm-RsXKQAVZWa7y0cjudMCjYFLGlPuEpI0_Xy2USYe-geg7tArPH11tAAs-8Y8rofvJtZM0hWnfFhv16BiHy_3gvU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ4Gnn3XcDm-RsXKQAVZWa7y0cjudMCjYFLGlPuEpI0_Xy2USYe-geg7tArPH11tAAs-8Y8rofvJtZM0hWnfFhv16BiHy_3gvU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 0005 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1TZNxFnXf8kgjYpuFrgK2_EFlP4v2Z2CVAlwzEw5NnZ5QqBChPZEOqc9IDI6llrJSyroU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B676 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
564207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 12:26:28 GMT
expires
Fri, 27 Sep 2024 12:26:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame D2EA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
css
fonts.googleapis.com/ Frame D2EA 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 01:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 23:43:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 01:09:55 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/ Frame D2EA 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 21:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 21:10:56 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/ Frame D2EA 		371 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
2bd04f73111427a6fa4240c968eff556e1e679f3ac0d53275534f9c333df6d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 21:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131960
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 19:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 21:10:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame D2EA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 13:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
41204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 18 Oct 2023 13:43:11 GMT
l
www.google.com/ads/measurement/ Frame D2EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzRtVQIDo-BVfS1F3Z51JYBuokcnO5KYPECui8ycl7y_DOeHV1gkQJN6V8AzJx-5uPL0yAAd3q-z3TymDOxZkQw58wZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame F528 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2152376
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8111c82f2ceb4d7c-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:09:55 GMT
expires
Sat, 09 Sep 2023 00:14:58 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfmXM2k0a8FsC3LSUawAfE7%2BYRBk9HVlCIaK%2BG3sIKrs%2BJ%2FeC%2FMZh9Q05Sgh1iE6ivb%2BwqfJ4YQBXFq4U%2FlPbLzpZslsX6xHboAwVRMGzKTrH4%2FCqjf3ACXMfsOyCqRdPlQ3z3E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame C020 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f02ff44afc4cc9de4ca156c7a3d8a727c549e0a5865e2c6fa15329cdced24dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame AF19 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1596
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVLy%2FM9Tb4RszL0nfVBva1RrcRjTTwqM7JwcxvVGENC%2B9nrTJKJaBGQECnVjzg38GOQxgsSVY4P8B1D6jH60uvPywUGN1BQLbeAP1V5bVKMh4GsM5yJ%2F9H7KksLDStYnNpbqMmPN"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
8111c8315aef30e2-FRA
expires
Thu, 05 Oct 2023 01:10:24 GMT
truncated
/ Frame 7881 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fe93e9bbbeb10cb06b197c50c2518d9fdad988b2dd9145584cc363bf7fd566d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7585 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1596
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e873yJOZ3N1p%2F3X14Q0m7L7OzciJLsajyXxNSrGOk1KiJCsS0QXw2GSVP54hzR4ZzXESGPZhglHt9ZIXP2sluLB%2FdPPFKlm%2BPvv0xH0ge2YfFuqj3HnYJUv67VMZTglPx%2BJLSZr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
8111c8315af130e2-FRA
expires
Thu, 05 Oct 2023 01:10:24 GMT
frame.html
ad4m.at/ Frame 9F03 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2152376
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8111c82f3cf54d7c-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 05 Oct 2023 01:09:55 GMT
expires
Sat, 09 Sep 2023 00:14:58 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYSU5Yk%2FWrbRVRKlVo3f%2BB1DpEETc5IkDBYI1HB1NdJZ2IOkrr2VZWkQ%2B0Pgy%2BIztNzZZ50EkB40%2FYgDHSPTysnyFT25ZzieSPkY55sWWkRcsq43vWJ44wYnO4CB4R%2FsYpkXA%2FM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame C020 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cvz8r4QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTHAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNOx05QHQlaW2mmTE3e_altWxDEkL2eP7Vp_XJH_3jNFP22OD7-ziABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjQ1NTAxNTEyNjc2NDYyNRgA&sigh=e1z3RCAAY3Q&uach_m=[UACH]&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&cbvp=2&vis=1
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame C020 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hgb2pta0a88c6p0yzjxgyb21c42y0a34680ppwzn6vzy9xg04ya30e9mr09jeqpge2jsdzwanycm91pmd27az134qz6cynfd317610qd2f9hfn4jwzw1ghc83d2vawyfr451nx0cw9w13wryzmd2mxq9xz1r75wzghcgssgcjj0tqcnas00tm4b13vh4tw6zkk4e4rxg5q2d2bjwtth8kqxjtek7geh08crhca1cxc7m2xm65e0g1a6h59wf7sc5zzse0y9sd66hmh9g3y3aeerq5f02yxzk3p8v2qzea70k87x6212p6hh824r1x7qq462tw1njpcg9fd8ry7hbyj4yemvhm3k4zt2ck339gqx1g80c94ktd99t4qj86mbq89ce0cvcxrj3y0e&b=ZR4M4QAMaSsKwkwoAA9RUMt4wzeIfZ56RUSFCg&cbvp=2
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.89.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Oct 2023 01:09:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
adview
googleads.g.doubleclick.net/pagead/ Frame 7881 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CURXY4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTHAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjweOqIlI8EdvddyRrvwgRJc5m8lm-0wulahIffeMY0XP3MLcQ6QRKABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjQ1NTAxNTEyNjc2NDYyNRgA&sigh=XFSy_1MKqJs&uach_m=[UACH]&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&cbvp=2&vis=1
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Oct 2023 01:09:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7881 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j8e9g3zsb14z4s09ndhs9v1avthbx2cz1cwcfsbehb0y2nwzgvc72a3fvgpa0mvmtqv07pag4z5j4rw1r1z6ffq0wwfvddj6xg41a01nhx7x2rcc0r8rzj9qxhtwxzcx8c767crzf34dz9jsjwvg50w9t02n5hvsm16p7rktjm0kyvteddsrtxhaxhfm4yt5zeftp7dmzzkhwnnxyyhpz82jherfv5z7dy73sc9ts8rfhydep40vbsrjx7e7ayw0vdfbdw4gdhd8f7qpe2eczyz8qzfgav7g8g52c4vtd6zh83sk2nkhpbn6m8nzq1ecpmep62yq9chm8sa52dc59ynqv5gx76x8g4rsp491bfjnrm6ew9x58qfxk3p3jepgw4pzrbs71sxemb7&b=ZR4M4QAMaSwKwkwoAA9RUE74SIDgm-zpizVy9w&cbvp=2
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.89.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Oct 2023 01:09:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
pagead2.googlesyndication.com/bg/ Frame B676 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
160984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14692
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:51 GMT
services
sumo.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
HTTP/1.1
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ff3aea0a59703c58fe9b588f81cb84af1d41459947eabd20db440513164e9f5a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

X-Sumo-Auth
QBQnabj2Mv2WNuvdi9OxpHo8
Accept
application/json, text/javascript, */*; q=0.01
Referer
http://brainden.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 05 Oct 2023 01:09:56 GMT
Content-Encoding
gzip
Server
nginx
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://brainden.com
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
X-FRAME-OPTIONS
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
services
sumo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://sumo.com/services
Protocol
HTTP/1.1
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
POST
Origin
http://brainden.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,POST,DELETE
Access-Control-Allow-Origin
http://brainden.com
Access-Control-Max-Age
2592000
Connection
keep-alive
Date
Thu, 05 Oct 2023 01:09:55 GMT
Server
nginx
rs
ad4m.at/ Frame AF19 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d70ae3f17f9ae5a3ad2d73751822a47d7e1a4e6296a5431925489b9df99aab

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6f0z34qS7kvAWweGmGTQHYeIjbfEJNvmEPUQcg0WIHUuXkHdlwrW%2Fm51qj2IQQGmcVlLoQx4fkBmAeP7egy9mAXqAwqSMksYu4dMiriEJakRuD1uLYrHNMCzjnnrylgvQcnitE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8111c8304e049158-FRA
x-backend-server
aa-reachservice-group-europe-west1-gbst
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 7585 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71926221f69da9f1c1b1f36cd184bfb5bedd507cd5e81c98e88af88e95b1d8f1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Oct 2023 01:09:55 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpyXelrc%2FL5OIEBNOCZ%2FNO6f9sY9v3Whlbq9rL1IwFxtGWTOcwCVUdSEGuRo%2BZgP%2FlyfCODImSm7qJgzCjen5BYG6dhlAL6sHIz6YimqsEqycTAHt3KykqBAwKSHfVt2ZTxPEwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8111c8304dff9158-FRA
x-backend-server
aa-reachservice-group-europe-west1-jnb0
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8111c8301dee9158-FRA
content-length
24
content-type
text/plain
date
Thu, 05 Oct 2023 01:09:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwkyHP3EKEaCo20Qo1P3QPZCmODRoY9NuxfNB6igi1N81tJnsRLeyZC5jAtmzyJFYkYO%2FSZSSMfzC6by8FLWwoGl%2Fcpa62k%2BKYglA2aYm8sjCpnoow9iKrs3K50zYM7E9IJytEg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gbst
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8111c8301ded9158-FRA
content-length
24
content-type
text/plain
date
Thu, 05 Oct 2023 01:09:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4M3zv7qIaT8x26ERI%2F%2B6kP0lkRkLuBjPQOPU3oa%2FWlr48veNTNp3xCWSsi8GQLyBhjvfHyHW1AecQylczz9YBDqbL00CCP4R91IFzc2zjNzfjkzdyia8IUm9F%2BRV8X7Nf7Gsrw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-jnb0
rar
as.ad4m.at/ad/ Frame D417 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e6f374b290dc44eb173d5088ba377b32a1979c7c336abe5aba705d5ef5049a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kan4w41d4dswdyy7j375xdse59yg505k17wqxr21gt9tg86jy03z50qy1kgtw6h10vrc6r1wnzd3vj6kscqww3raqkyhyzahhj7nw6ebmrsj2n5n0854ckmvsaxrh1q5fy9kfzbem34ne1z551fkn3erttjzd72n8h4p3y2mj2sczn2cqzkeq4mg02b1txxy108x4typxnrmvth3aswx385gd3rn0sr5j6zpbtvyacvx68mmrwn05rrm7fvhmfw2tb7m84zepw4g4r7eg0q878kkc5p1crzh03rzmay0vrc97dgg9cc6zkcrr9yk9e8rcz7yq8frekyed4q1vcc3r2eqatt1zcj4phwkfq91bpmv0penm82j4p0hvtqn9ybtz0v4m8cfw6vc5850dcdga00gtr5sav8z0wmrdbcmgvc1abbwx5cm4qv5vq43s5te5dgpr9y2ak0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%26client%3Dca-pub-6455015126764625%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8111c8309dbf4d7c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:55 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame A908 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
718ca327bad6a6647936f8c048408e139ba6ca2643abefb5ed6a7b7045db1d79
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1has7567ehvzqtpzs5ahx0ebgxz62xc9ae0g8ewq4fkr6vda4nxkyfgf0xgjdefz3p9n2ej9dndsk42f08hyp26q1sc515mrq8k4yb78ny5nn53c6jtn1bkehrg3tnmwn9dybz39dskjq9sngjdbv2d4wj4ptyac82kjcgtkqj08g1kxz9wx5gt95jhpcevd62mbpnxjz8jy5s53wf9fsn96qm7355wn7sq1wf1n5rmefnsnrfv5e4yvn3ek9et7t08ws3n37gyg2mafm2ay2wg7x7xbza11rebec1knj8qk478sdh114s83bba2bjdccngcw485sbqgt0ssbsbbzj21xrfv970wvtas8fqhpznr663azv3ay5yndyn02ek0htttamh2x98h49r6vv8sz72yvyq0bsyksffyygmha5q8mr631st00js7akwf1st0hcwswyyy0fcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%26client%3Dca-pub-6455015126764625%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8111c8309dc04d7c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:55 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8215 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=547691374644682&bg=!DQ6lDkHNAAbjlzx0w5c7ADQBe5WfOCjpkvuxZbNuEeYvEKYtw2Ryo7Z0sFn9QzAkywibCSF8TLj0zxvqrLOYRpRsHniPAgAAAxdSAAAAPmgBB5kC0yzRvMXErf_ZykWcHpYUVBi2vA4kFEB_PyXWlTcXWsp5ZWv4FpWtE9ccZDcXCMKmyXl4W7DD4WnrAHLLKNhO-sJEzDI3Vk4VeDMNJgu24vuk7Iv8GyriAnPATM2vCtchN-8VkK-pLpl2FyU3PEySLd2zDjamsHXyrVedJgqpWn4QZnWD-2nvl9GyX3NvJjVNZ7X4UJUPw5GA4FaTaGufiX6yKZBpOPLGdiSDp19OvKhiiP4ERznECX3VrMFnohBe1LSkUNSicqP30Ss7auNvDzAajRLKtAZUjYSHTlJHG0bvAY1GghfTNMxZbETamIkpyI_N0u7ZoM5Wkr4AVHb-nzZewdO0jFQor2MeCxfdxVGDljGl2Y4CdLkemalyjXU9xIAUuy8ckjhvf294AD_RewlW6LgG4b3eXHcGCwzSKVUrISl32_F-SSS53UMTQ8vm61U9x3nZUh2BxmClqWvitrN9iT3lbOrEFaDe9N4hgu6rus5xiQ5a459bJQ3BO7Zfbvzbqd3oCs-bsqu3d0SSFbHlP3nxqUI0h1S4yw5Zo4oOOrClw9IvZdzYoJi_ULkH_hiOS7al0oxkTdAOUwb1f4uscXrcVqv-fv2um3zUt5rzrqn5pZpS_mYV5HEBCr-K1TYQL2oa5XDoqeFyv8qrn0aswsIobMvNoFrpo1Kl64HQljUzJJ0A_jNdF9oJxyRmw5AsfjaXb3ekA6A-9yW49rR6gfyAnKa9f8nIqWQ19RFegKWl4AcN5Sph8mA-zh8btZvy-Xm4a2z7edUqkbadoTT3rUM_IrZKI6UvjAHg9hWW-AuZ6OVuU9Nv788c68-di8Foe7PIxq9jhQv9kY2hJhnDfE6r55afMkOoKMqUUyZzBLOVpSQPmzCO3iikZ5xdOQfeJS89Mhte1YD5NFXFPIMsOS1h_4tzpeEPI3C98hJLYvofKV6meqPQdrliDyPRR27jGw
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame D417 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
692098
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9MiXrG1nVELu7U%2BQjeEIELaM0Q45mCME8bTbe219FfQwNldakaDJ8rCa0gEMd3eMrkvxDrfTTTz7lbBZznuCRGibfSerN4mCCpU37egK2deR%2B4Vau7iAz8FimFeTLgXmuxcJubAymI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8111c8311e014d7c-FRA
expires
Thu, 05 Oct 2023 02:09:56 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D417 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2152376
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BMxmhEHExlL%2BUgBZH87lEGNNsuLwEBiB5BOPWHXTa8E%2FGIZZrZTxcZxRLGxolNcpOwBebfw7fJHnjXcwWVIeq5wFD4rOYLMk2o5g3QPlvgNpsGUfAOzTQ7OxRN8XzSp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c83119a44daf-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC
assets.ad4m.at/ Frame D417 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2466477387e94dbde262c0c56612fe6ef46ec109b8d0d4069484a6f9ade247

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2147529
cf-polished
origFmt=png, origSize=168649
alt-svc
h3=":443"; ma=86400
content-length
105332
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 May 2023 13:20:49 GMT
server
cloudflare
etag
"ac48b4403a35b54196486b0c2a925ee3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h389ls9f1r012lXgfYcSpcJPJIEIO9RCbhQspv2Tnn5kAK7oWClLvk4Hj7J5PcTE%2B8VfcL1Ur4MbVpgKYqclHEWcf3vp%2FZfWtHS8l%2BLleky%2FhL5okBap5RUfwY2GPA7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c83149c04daf-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
/
partner.o2online.de/a/ Frame D417
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMnS0MHc3YEDFT6Fgwcda9kCPQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:09:56 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023100503095689391680933X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame D417 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2580563
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeYiv7CcGm8WDSXK%2F7QrXKeuUnOjE2lrxvNihlNFWaMQNxFYm9uXXQoSS5g%2FtI%2F9If0d6JS7te1%2Bxhd4RdK0BrNtT8D61ChzYGYIw7nEi6Z74BBgP6cQipo00ZXzKjdv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c83149c24daf-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame D417 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2148489
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsmMUcsqkDW5ZnvujQrLp4XjlllDW4M3mPrJIGkM3FM%2FL2k8qc3yevvgVgg%2BA3wASXPY9IUkOCa7ScI8ysBs2Vq1jj7veyuLTz0luSxSjQIAIr15z%2B5pdgDaysgBnEdL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c83149c34daf-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
cshow.php
www.awin1.com/ Frame D417 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:09:56 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
assets.ad4m.at/logo/ Frame D417 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1311538
cf-polished
origFmt=png, origSize=155987
alt-svc
h3=":443"; ma=86400
content-length
97378
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:34:04 GMT
server
cloudflare
etag
"046c487317a4f122cc1e9773901d1d88"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZrDfCm0Pm3ujNQMPsB%2FlLmXWm2Z3QRs5KzMKStPKfthst9r0cuQaj6ulw9OAclKCSbENJm23BcurShH2jC0xHN29pAStHSZjECcuyOVDTLZI6dUfU%2Bpt9MNaJqvTQy8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c83149c54daf-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
assets.ad4m.at/ Frame D417 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2012200
cf-polished
origFmt=png, origSize=167445
alt-svc
h3=":443"; ma=86400
content-length
99202
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:42:06 GMT
server
cloudflare
etag
"cdf0423881e134b37ad0cbff5572a8e7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YopIRydZ7M%2BOLfSEkqT6vMqUzCvJObA2%2Bqk%2FRBFM3GyB4a90xT3bFjmQycWeEn6c9xtXhewqfn4b8t8nxXAGu3WcZ9cccjQW6Jm8FupjwqKIU6kz1pCvgkR8zqDQT6adPHpTqEElrjKJt%2Fif"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c8314e184d7c-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
view
t.adcell.com/p/ Frame D417 		42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=160&d=600&e=&g=d143f6510f9c977bf581b07a4fa4b33c%2F11718050234166296615&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxmwf1pbrmzm425kymggdyrbv7mapzswd9314kcjaheana3agw7jv0vjst792dch4t4wc3v60sda55wh2jz3a74cqyr5fh0ayjrx0ctf39mz38tva58h570hex4147jhbg8f1jss7mdgvpcb004k6az5hvy3r98y0tbwsvk3a590grjfvtvdhe0czw09tn8zsb9z407nrbzc10j3q25kbw8ey58a8cd2k69yatesn86393j82vyyxp5fzyp9p1zbh51ypntz1zsykpkndbv5bwd6c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpt3T4QweZazSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Qw2ORpgIBrDMcctmb6oGdnh2__QqWuc9UT9l4_8MH9yDpzzSZedqcTDcrAhJPvHroI3P3UqtcHchDbALWdZCsKEq7410ioE9T84ML_lkkgA2qZk4_K6cHkF5i5dsdxkVCDcLb2fWZUyDz1b7S2f_dDs16T4sWLWF3A6glHer6_hg05wEmxOozmA0_rguyzyw9GtDByf6ZMYQ2zg97lTjwOuipBlj98beVTlJ5GE3bgaConMK-7PGHBEWW6j6gQtHU-BilAdqaJXiABqGm46XH4Jqh5gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2VkWD3gMoFo11GRcrvLlGCgTAP3Q%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.5.82.77 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
xb905524d.host.myracloud.com
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame A908 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
692098
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mdqfEghvb8ikuGF6JAf2OQGfmTUT1Z6TH0%2FDd7OVUnDfvUaILtPUS%2BAUP1ZHOpkOeLuNWQYqdymwrYIdAabd9cKoodyPopGFHnvAjYoh0rGvHPg1IrxnC0C6SCGCtitM0dB3QwjjKw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
8111c8311e064d7c-FRA
expires
Thu, 05 Oct 2023 02:09:56 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A908 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2152376
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BiNavSOXtUdpPkKxkIBZ5%2BFCk9BCJbqwTmIGdz%2FHqHGMdj4ia0YvK8bRZVwqVzGnKyLgyO1X2DDp3bXyxsqqHMSy6QoNqLxjHmte4JnPq9ayh2GGbq5s7Nu0ZJgBEP%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c83119a34daf-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC
assets.ad4m.at/ Frame A908 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2466477387e94dbde262c0c56612fe6ef46ec109b8d0d4069484a6f9ade247

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2147529
cf-polished
origFmt=png, origSize=168649
alt-svc
h3=":443"; ma=86400
content-length
105332
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 May 2023 13:20:49 GMT
server
cloudflare
etag
"ac48b4403a35b54196486b0c2a925ee3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xHfdxk0yGdVkqSI60yn2tGZppCEVunedux8jQo1M0hNueFkSWBdIaCaHqlfv6crwataSaG9yp5iy05IHwmM1xDP51m2ZxW%2B4CHSuKRGOwNlS3tXlIeRWUBc21wYKfGdTwKUgQWaiLisc3Pa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c8314e194d7c-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
/
partner.o2online.de/a/ Frame A908
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIPW0MHc3YEDFRAx4Aode4cC3Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:09:56 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame A908 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2580563
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLgRJ1YnUoFZShgdDqdGbDFm%2BU5V6Xyt6QRvlaN%2BdM0BPybbyyjzDw%2FbFcfjfqiEYthAQ4ODi%2BlsHCn95KE8gq5%2BlA6S7VKG6gv4VGVNqpYll4xPitCaySHQ3i65Xq8hrpwXBnsZtjUAjVuV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c8314e1a4d7c-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame A908 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2148489
cf-polished
degrade=85, origSize=133780, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
38661
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FKB9gPs%2Bb1ObIuKtCm8FTJbHRTapySN%2BCmAU0uPcoBnfTFbJus%2BofrRRYLjGHdxlIkWAEjX%2Bl8iOH6LUmnRqH9SPd7LuGqC9MrtHrGBnjzwFT1N7MHdnU%2Bu025Q3tCX5iZYNMvblgBRPION"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c8314e1b4d7c-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
cshow.php
www.awin1.com/ Frame A908 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:09:56 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
assets.ad4m.at/logo/ Frame A908 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1311538
cf-polished
origFmt=png, origSize=155987
alt-svc
h3=":443"; ma=86400
content-length
97378
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:34:04 GMT
server
cloudflare
etag
"046c487317a4f122cc1e9773901d1d88"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCG7hh7VIomB4ZyRfFfaL4PvAKeJBZJFvyOkBjhzFcNFBYSnDFrpJ3yLxsXqBMbdBpGlHRiNi9xbMnbbD3oOtn7xryGFG8eyTDr9avMhMmCyqNd1HEpEbOJytJSglAyiEvmfdQStBsdLubF0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c8314e1c4d7c-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
assets.ad4m.at/ Frame A908 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2012200
cf-polished
origFmt=png, origSize=167445
alt-svc
h3=":443"; ma=86400
content-length
99202
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 10:42:06 GMT
server
cloudflare
etag
"cdf0423881e134b37ad0cbff5572a8e7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iV1a20RZtAKD1aNhHLME6wQP36HB0NkOTs2Au4RrUCFbu9Bq25hW7yzMiMgriYKdUZnH3dXIXQ%2BsH0KiHd3Xpq4HdIViHApFgOEHnqwERvBJdZUCaUnBWyCF3g32FzszSzKw2rk76WT91IkN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8111c8315e224d7c-FRA
expires
Fri, 06 Oct 2023 01:09:56 GMT
view
t.adcell.com/p/ Frame A908 		42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C19769%2C482267&b=QMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2C7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx&f=24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CEwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR&c=120&d=600&e=&g=698477e64212b343f55dd57e1a0f85b3%2F6118695887521238671&i=20774%2C21630%2C84588&j=14%2C16%2C4&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1696468195784&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsydemayntpx3dkxkr7p63a2hvhwq70mjn4mcca9m38d11bbxq1vhahaqc6ja7q2a8e5rwxrn8brec52qb0j2axxb4a562pstsmb43zg96z69mjwaxhbv3s8hs224jtg29b7nyn8c66225fkxt2h0vtptg7hmqc0amb74jfpezwdp4af6scbnexhatn2m53zhxx40vy3mqynsxp62ntfte1n6bh05kdzbq26vt8m304z1khzn1ajv8mx629ctz39a2hgn1ffj173gkt80emv9h00%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZA_54QweZavSMaiYiQbQor3QAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY0NTUwMTUxMjY3NjQ2MjXIAQmpAuzSVzCFn7E-qAMByAMCqgTKAU_Q2QrbnteRZQPDxt4Mv0tsLpb62mbdAiF9WaqVRaRbkJ9Zl9xm8cFxkLNfpxIC3ImPbyPEU7YBsgfvmOxpV0CznmugOL1s_fw7GKhcWb_iRXqlUnKVjsbM_2F9RMa0bx6DSlp3Li2yEz7u5jIMK5tlEHTT17DVSh8ftlrGK7gIgS1PYnS1cHEbQ2dVmCKPtdMGMYb0YVJFlWwdmJpAoGfNeR8Y0qPc7i1uHnmhob83R1VXGO_8VuYIJzeAjQV3Kn_uDTxku_Bj9a-ABraMjsfi2s2F8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3QgJXx-Ff_BJAtXJNCrlnDIKS44w%2526client%253Dca-pub-6455015126764625%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.5.82.77 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
xb905524d.host.myracloud.com
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
strict-transport-security
max-age=15768000
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D92C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=2018822925082418&bg=!eXqlejXNAAbjlzx0w5c7ADQBe5WfODqWS3MHPpS0icajgWOrvtYXJLPGLU3_TvpushSP78zacvsby5G1iZ3UFkTWf3vtAgAAAqhSAAAACmgBB5kCx4CRgW5oqLT7VB0T_HEmPOIJmwUCnLgdOe27hzKWkV-GPKnlQcvBtALQCRIk9SFiQo3yDJxv_N81BPDBEiYl-0bcA7SG0mMnnTBbEFVVYzZ7ytRoB2l8zkYk3t03vkbekaIterJYjcWXz75ib1wz8eeywPQMvfRumxnUbAaU482c8L_1yobQ_UR5hS4A-x_6UJ9-ZbmiyrcBQKT_S5LAIni6eKrVpbpIwGd8nlg9s4hWhaDiH1vCQtR41e7FMnLlPGgzZgu9vP6AtDikjY9VwBtKCibXaTQ_GwWC58HF2v3C2Pccp8i_16LLcMDt8ZnWkAXL-B_c5CnN3iaThmdhh25qrB81lRHPveVmtJpFM2FzIG6O30VfYMiWmX0hi38VTHEpX4lLiPv7Z3YuKmI3NMPpYO3UYbcMKrqMRC4inTzPtx4jdGFtfPXRNxQ748ng2pGVef3_3omg5DcmwBy5SK5_5W06HifECw4X83DYWW9IauNTHc3w4ucaat6cVGSyD0RroPqT4ii3p5CWyK_NBHYrTQq_Al9eioR01-lk7HR-hb27MfhT4aMHF7l1PVE5ZqC9_zujPqKxTQ0ELDvQKeB2wC-s663ily90fsrp7qzlDBUAsCzPPMvHE4cy9JqXHwY-IyUaQCFHFfLHLMDv7TTsa97S04mbvOtSUhqgsL6lVozfQenqzePhzHjji8qtisppn0WY4G7ycRUsEVXGWpJvX3xs6Q0EnKC0uX--rC0NBL3pnmzf7m3At6hNJl131P2FBGnt1ixROCCV8iTJG1S_g-NRSEaOri-AMiFtcKxfb6eVY0QA1scs_FdkCIgiVyFk5LwOSiO-UYVAdTdoVewMc0QloKmI_4H_p2N7vdeg19N8ovjfd5IM_So8gXtO97SDeenWIe4jzjsH9WoxIMuTi6kw6quPKLAtnuU3_jJsItUrhcRm0g
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 914C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=3007972043363280&bg=!w8ClwI_NAAbjlzx0w5c7ADQBe5WfOFAtxOkN1TR-Rn4LeHi-VWHmpLgwNq4pY5_fTBVM0c7jEicNy6F8DKuNOUMO3OGCAgAAAvRSAAAACGgBB5kC0p0wn69qlgBfmDy2t81-XyPeTEQBDGFj_SbCf10-rvFeYkSem_htlyeRafonCV64q4Eq-uYuNzgysx75PiWTF5BRBfnwPUtjHLotuJEh9yWyQ8XDDRKhSmcMbwjQ-uyOpa1xruzPF7R489hJvbRhcXDkEsLk2DZ4VnBzzeji25Nw8mVYYetfdNF94hkmCKF5-V-9xDd_nd-rVusDWmrUgwJFbn97BPhTS5yZP5g426kwnwDapHd8esa2EmFSM9Ig0BTy2zaPrYCHSlSinKVScjwT0AulXaQKI_mEsV2v5P9ODGLINYs91cm5WJrE0sHXiNGoaH9Z6IJXukgkLdpIpP2ldl8pcTX3uuue4gkulFTXxjTaGO5Ty3QtzSh67lbcmZwztAUTsZWutqiwXgpHzLXY5UNI6mYhzcIeWysIu42EEHMzsTPef-e5YB4rIzTZLxJ2RO-OdikQomZ-kbOddTRf6LwucC0gtmsr_tkDwn8U7zjNmoONA-Th2A4raYrJWuTWXanAXycMtABn7Zks_BHfxHQrniXy5kc8Wk0u0x5RZX_dORCUA3uzG1rX125YHH-0FNy1MvUCcxM4EdeK_wH-tSHWgh07H8k0espDWbXZe4qy2hPkJj1XSA0hLxTgj7kiQFhbSocppJ4dp15yFUyFX_8hLYnaDOvhAXEsPZ_f7Sg7bu31MZf8AiqqQO7tGcyUNj0aJYmSBVy6F14cRwuHwwTRH2-WVGr4hhvoPv8i8Fh1q58wxKsk0zQJT5y5Ci459KK3U1_hRZ0MSNhK54WPmXlJT5lIHmwyZLxOwFccbENmumjXrRINocZe1MavtooTblmiJ6VkP81oYHAJDOyWHU7EWYLfFJKvKQ6Qv5MAhIrHJfID6Wh1kM0aSpvlKQwRZz8aAgLQUpGdooaLTw6ieTnTEOtDqA0uqUYSZb8CnCshoIWs63Q5uXLOKa66-SoU
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B676 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMnbw4wweZaXvGPKOjuwPz9Wi6AUAAAAAOAHgBAI&bg=!hoWlhcrNAAYMG8UMLBs7ADQBe5WfOGlK_tpFJj-zVHqE6TSzXhx5YruOyHgZW-4YSWQeHot0Quca0lhl4SagX92eJhsGAgAAALxSAAAACGgBB5kDBOXUYoFr6Y-8iv5aDr_b05KGf3uSWdwTTwesHyDSdSrxqjDRx07hxUGgEr6TdBaQ8cSYEOQVTGCtG8d3mMcA7wsnMOImMRuQXnH9DlmLKY4Ug0ces1H3w_PEsSS4urB7PXMd6BoMFdOt6BRxRcfqwajZQ8029oAWNIWYKFdgyz4lMu64wuTU3SsKBDlxgku0H8hoccA4gvI5y90K35BlRbWv8dta_tWEa-FwcZQl1vJ-7acy9NnDX2329lQUyfYsp-CWupvxAVkJTC8Oz1qBvQFLPUhnx9g50Z9RNZleqvayspEC5VInKOWBKLWohWNoA55o1QVlP_VPMhJY4uj9K-VqyDu-ZQ6peQuRcc1yB0FbGbK6A_IIuQqKlJqbugnb7W_R8dpGITh_B6f8RQHmt80Z1yavr_08IFqN7L0VkHE13gamnN91apX4GRiwAwcafQAGhaTLyojW5uRjFF4z3j6PvKLzONrkGx5xCGdnz0NJKHZfY1W3tCDe5YF0fLAzuMr-jUAskXbMdyzNjIVz5tH4_QFQ_cCqmhI1NrZxXh2B8WBWdY31EA4NHQ-NPtLMd13edUpcNNma3l5i_VF_gDxZSwEheXwfo3DZHTb9oFedCToe306rreiZiA3HfrZbqvx2wPr_emUaqF0VR5SJh2K0nDc6aMgM-kbXJyDrrdXB2VN2V9s7eHtl74UIbbA0YvZWsAUBZNdZvSkAThhoG5gkM8fHDkzh9ve1Rr8liFyUe7wB-I3ePi3L829OB2-xOV-Tmvy1Se1gbRBiCoj_0vYl-mgZcWS7hLIM7KHsvnkfqHMgrSbyaZ08uDx6LehPySBUKtIV0PnfeeJMhJZbF1Lhq2AOVO8hyocKoAwQoCPa8LKMgT4SS-mIMJxNjVlX3xbb9EyRPyniyOuUkVe4tDHMxtXxsbKD95DOvhnY0HYLJ_zrHmvTJ17hicWDQrBT0m69S8gPanYpUo1bYVbzO9Wsy7TUxzB3CsgeFU4N6oV6KaqqoH483Qtl88pVeSh7SDFQtUk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/9463147228097937408/ Frame 72B5 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dc412192fb68bcbe593695702821ca662c5e24010638fe385416b8da4137391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
571171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3545
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 10:30:25 GMT
expires
Fri, 27 Sep 2024 10:30:25 GMT
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F011 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0NktyfqO8rJ1vteCRcAHpiXJzhbSog5Nr-zjZo9sGSVFcbnrJgeQ-p34NOZo_L8cRTCx7VU2djhr6pjs5OSjEFGk-uMRiX4n2ueuF0bQ5qjRWXufEqFiopgytUI4ZOF7eRo_B4gTVfn7vxIj9x2L-s2cuJqJ2xr3_FPl33pX7xm1_SAPhRD4hM1uI5gAZCxCe7n-ILbt5ZtVve7hdjfpDTR2X6H2VXxOdhDBtd_Rd3Vb6cqkOPAF8BPKiOAUGQWGjE9XHoIxSL80WgN-2YWA65OBifIYCpAN2WV2vMPC-mzc3FxYcAc_7keL7EI-zF7J5XnU-Tr1rbDSzhwvubIS8u1kRFZMEqKMI0CvDzCvUJXDXXNIpXa-AgSOsC7t8BTSe4vObr9Au3jfZOdf6jhx2953WAvuIdAYMXAmCuMdcxHm3bWebbg8BfXSI7BKM21P3o6xX2CQ_mCkYEBHrSRup8jhMYMNlm9B-HBCTGiafBcm_W5rxPLy7XmodB2BZAiuUnBd0SqZ0DbZ_Pan6ZmdeY24V7FvzmqxID6FPCWrzzzp0aaJ9f61aiMCQwVrWZi0BxXH6TNntW3JFejjZaLhaVuLCqpN2zWMCqNrddUXwLe6PWg_GbQ5C1tFAxtCHflcPcl3p2Qnuffo8dupvGFBjfj0HHiEj-5E2Kxi_CoBa8sCZwbMNcf59Xw0AEkXmP0PEXTYgrlnFVq4qK3-DzkA9DBnG-Qn9RHNO6i7breBGtBwP0FOodugoC-F11oFkddOclX0XYn3KIbU7vlw15VKwa9F3rTXIYcZIBw0P4h3SeHYH5yyc8_M9AUl27gthXGdrb2F7M_VCuVtp7iYSC8QReQ33BUR8ULKZG4BNMSatf80BhbpvlVQdJFbYED9IhI80UKxlDxzpeN1KTM_XutCNOr6odYK5KMGm0rX15p7XRwEe7gml3utHMqDAveyoxa60Hi9bII4mAtQ1_uVx_I1rPLoJ3o9wKIilg7Wf2YVnPVGp1ffD-yeJNtBGZ3zVfLorJ4dLitBD0wbjCGBuEUYGtl-CauZIY_iTfSBYKXEbjk8aRT-XmHsMV9rNSzaCWqAQaq-NxYkRTj6JGz6PXyA0h-11R-1okaKinoURyQDH8SaF51OCktLJUt3Vm97ChRwZv4n26YKyG2asV1uiPQUfZE-G5uS8Lqx76_BealcTD1MwQUxYSWtOUesSQUku4qHI9ELmjxEvSXYjtBflySBV24M56N9x9-eNg8ZDEtHvkurCV2BUQ5LsYChJPHVJlqot3zuW7hnXHfe0nCrtzkZ4RPeNOMixcXhjFj1FA74&sai=AMfl-YSIw8_tkLm6NnrAV6vVeeZ5XsGepy-Ul06mJmvKAMG5HuY1skbwF_J7qhGM8uUN70LU8PZ45clJ7S7lE2KktlkUjO9e8KJf-Ihljs5sBc5fYOwwQgU1E6V0NrBC78rbMaEWIaffU2wxbsir0BdURJerkEJmBtfK5WvW5sJhzTPeo2SYkohIhKtPeXuabxSpMmLXYEIXOox65-r7P6fjrmYuBoMu0EyL3lVn3mh9PMhdl8edPLSp3b_mXMyNU-hueXn_q4S3Y_aWnmFj3zrfmu48og5Oa7nD&sig=Cg0ArKJSzKmBto8G80CJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=573&cbvp=1&cstd=569&cisv=r20231003.10094&arae=0&ftch=1&adurl=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
firstevent
ihg.demdex.net/ Frame F011
Redirect Chain
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=4134391308
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=4134391308
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=4134391308
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Server
52.211.186.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-186-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v051-0c65f58d6.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sJFqbW0PShk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v051-0b5a74021.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6wEpslkAToY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199433188&d_adgroup=567711494&d_placement=376907440&d_site=3439440&d_campaign=30589232&d_cb=4134391308
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sodar
pagead2.googlesyndication.com/pagead/ Frame ACCB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=2140185377516309&bg=!lZalltnNAAbjlzx0w5c7ADQBe5WfOJWr3UMH31OXgqjnqWaJ6ZhhIcE_O0bIw7gTeFgLKvl5GKPyqJD9tupiu0lQc08FAgAAAulSAAAAKmgBBwoASU4PZC_3OMgBmK0RfwQH9GyPtD1CzxoOomPC10Z4lJtcmvuNAU9kaNmwjF03f3FR4TDSdIcFdrhc9ptoPDVtiZ4_qFfgimJm7z6ZAtOljvErY5URl-DT4NyBUGlxTE1MOjKhN7xfE4Kd6CYodb9BXrCFIIHutnRZ6VMr4QQ0MF52kTmy3-_5vJCL9JY08EczN0ru166VDFBXO43FU6Mpr4xdZSdbqKVPykk_THyQuDXKCuJR0DWdzq_9gXDngxUHZw-SOakwH4TUTrbQm5CntTnRdw9eU0k6DHBXAI2sgsKqg3Orx_eQFCaIC1uyVXQ77WMydJrFgjMhgVy0j61On76gHb9P_alkfXMrAx_-DLtrnAaCkuP9EH0-LytVoyCQnq5thDOwPg4_eCSaUBdrR9bsc6xB6IigkfzEUU3cU2PuBVGVuOWEKJXWPYq108DxmymHSeU6KtNe4qgFQe4Wn493g7K40gSsNNOJ8IOoICmeZlw2Z8BrS4ywZqlr79PvTu0O_BhTma7ebny_BAnpuSm1sjnpQAIcQVuRBIA_e51CGfMakgo5loH5PbXlQnFgkR-RxSfRtfZn-SpzDSq4JU22Us_dI-GRndZrPquOIu7uKbox4uzamPwfYvR0NRvDTidzs9JulWT7Y2Uj4TTIBc7R228q-dstF9hK8wHoNOcZadhBG3ac3UPrKKrSpdxxQV0ik0zJBmEOHQwTPEzSLVdfjqKKbPnjT5qGiYuNdSfGsOjUB0R08nKMACu4sjYpYssC9vi0zTtFuQIY_sRPEGM6VoIfoesdQD-1uMvD9O94GKrMqHE3rloao3kQf9NoO-xccbD0AS4T0uMEjTwWRzu65MalJnwmuWB1czekb6NxWvja3KK8ci9eUE_bVe1EIaEAKxfaxzFy1eaRTI3C2PACenwVy5izjDmED5Br7IK48fV_6uAwOUDo3bnQ2i_xs6A7y2PChThewJE5THAcD_TU2qUAdH0_g1pDsNBtXliEs8kiIUBykNvihosuoOa4rgtuKkKyTgeSTYvyeR54Otq3sjk3HkJznVx8BGHRaYs
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame D2EA 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lnchd1qr&c=3716479275237&slotId=1858239637618.5&qqid=COrGwsDc3YEDFShMwgodUFEPGg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.99.120 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D2EA 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CpcjH4QweZarSMaiYiQbQor3QAZ_7ieBytvqy0swRsdKBvOcCEAEgts2MA2CV4pCCoAegAde9iMooyAEFqAMByAObBKoE6AFP0IwfrAmLHGLuCOs1QQog1gpz-eDmA7a4XmDnyeeuLCnRLwAXaw5IpyvM1Vrd_Xd2OjIqOqAKc7ZQpHkngRaVo4VEgu6dpNIgxzDyQfD_3VevSigdbyEY8I_ez9122KBGnOqVqFhpyK7RAF1IHJVsZdJex_Mr9e3MiS3eIsDyWm3I-EC364S_H3WD3YC3iDI8fo7GggZ5S3J3ITdywZcG291qYluhZ0uzij2xnycsS3Lt4_x-DRF-TCTk7w_-vT4g6-UZfDjfrJE9drTVJ2nRbdacx10OfsiSi9rGIUYACp-YXcGygDDZwAS0lNnrqQTgBAOIBfuHu6NKkAYBoAZ2gAfX9dipA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7rl9RTQEwDYEw2IFAjYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1696468196126&ai=CpcjH4QweZarSMaiYiQbQor3QAZ_7ieBytvqy0swRsdKBvOcCEAEgts2MA2CV4pCCoAegAde9iMooyAEFqAMByAObBKoE6AFP0IwfrAmLHGLuCOs1QQog1gpz-eDmA7a4XmDnyeeuLCnRLwAXaw5IpyvM1Vrd_Xd2OjIqOqAKc7ZQpHkngRaVo4VEgu6dpNIgxzDyQfD_3VevSigdbyEY8I_ez9122KBGnOqVqFhpyK7RAF1IHJVsZdJex_Mr9e3MiS3eIsDyWm3I-EC364S_H3WD3YC3iDI8fo7GggZ5S3J3ITdywZcG291qYluhZ0uzij2xnycsS3Lt4_x-DRF-TCTk7w_-vT4g6-UZfDjfrJE9drTVJ2nRbdacx10OfsiSi9rGIUYACp-YXcGygDDZwAS0lNnrqQTgBAOIBfuHu6NKkAYBoAZ2gAfX9dipA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7rl9RTQEwDYEw2IFAjYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D2EA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lnchd1r4&c=3716479275237&slotId=1858239637618.5&qqid=COrGwsDc3YEDFShMwgodUFEPGg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1u0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.99.120 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame D2EA 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C50NMyBSxqLxtafVl0FLzftWEnLrbw_lQghGe3RNipXrWo0gTzyFdQqfocxsiShCZBIHCqz7zxKCcecjgR9tz7iyZktA&cry=1&dbm_d=AKAmf-Am2qbi2n54EoNxQ8v13K2Yl_6pEzEWfYck2obQwsE1eBx4-B1Xs2-bfzdVoutCOr6pm1z15SYk2toq7x00obTNa2q7OXTf6_6l0gnmZC4-08bJM8lOLD5dH7Q6tsXaxnl4M0TeZTpYa0IhBo1ziCiMKn185JlquQdSEs_BjX82u5aL_z2cEGYdElHJjgDrHSATHmknYkoQZhjxD4ngt559lVNOryXs7QZmudKWQDuOsGVhT3wwR_22EYRB1kNE7WDzegF1cMH_NSKn5vr1fgAu9U7Dv0_mxSgVSLC_inw25gpzaBfY7RHma03VciXh5b2CcZxNfYPy6GvwQSqlmpy89MgyELmga1uezhoF77OHC9j-a3maVuBsSlnD0yqyw18b4vEsnAMvXcwcyt3B3eFndHfWx4jPEVwR_P-Ewq2GeCfWyPqd5vFNomrBTEdr6kf2yVZ_DkKh7K794uFXHom_58h-YxoN-6ty3bgGXv5cjQCHpDrDcBvS6tU3CIfICBwpE3_mW1Av6CQkWGyiArp2KNcatzHk07UiED4hUAEFzYH3cAgPpMbf_XHfr1Wh0JJaFyKn7AgSTYCkG30-uNLniDgf445bmzlN0flpGVhOMpRRd42QeHBJh0CWvmzvoE0SoF7cwSseEmdeBJz76Bt09hbrj1oWoRlSoE-s8rr-U741-XgQDszFxNQse9DBbT3Im46R3OexmTS_-k8Iq5wZB9GrI59xqCskVTuZWMzUuGiEDQ2bxxZ8dNSX6sUOFsalRzD1o_wuXq6tBtUr6ORnf_H90eR2PdItzZtEvuZRbJ86Wp5Pazud8o35JsFgSR23eV446aaPDb2gZPYyUewwWI2n7JtP6uxloqE8jhI5oNlOTRJRfGC86rXsfUGcF186jYdo6UDbLhazAuDZG35QFio4xArCMAuRMj3st7rYRkkgLMzhFe0ixozNrsbCJE4WjnhhqHJqX1TdO9n5ypwzUD_bqncSpHwA5u-7SJRxCobiWuB2KpwgTCXemqRi8Yf4eWXSFVFvjE447onWcKE2-D-7mS4UvnntFeAC5QwaEIrn79PAjVhpRcIy2A6qG3aoljDangKZ9Sk0XBt9SpMXpUNfMZf7rstNaTjLiwoTxsvZIEmIDR2BNQYfpbz9EgNNEg9wihacPdFQj70wd4693SNJOzZddj_k-0gtY2xtJg0cz7jC21SxwJSGZWUi6HAzw4Mor5oR4mOYaIoU2Jv5RBwb87_vbU-zmZfRkjO6XFnM9MFY0GzZLP6RG51MrEV9Uu1XcU717jB8ihoM1qGCBTUuwvC-g5kHsq8IBz3I6VKAzEkiPhXna-8fZKRUZDbTV7-U-aG2BTQa4twGyS_oMhp3HdzxHMv1p6esU8FGy22eGzo4O8xgjSF_L6e9f48pdqsuo019C6AqEckVqI7DdeYyDgUbfpTxAsVutcHUmo1iuO9w2eLnBPAZ_fnqElyhM0ojjO-LZSfUYA8KGO21u1quhSnuPngjxja7ZCq3C8c_WLX297wVdMPnTLeEPHN6h4F0xLTiqcRtlQzA_hH9FU0np2m--FZYcKHwWVDhnt3XIZ_y46DHOXwx1SalyiKBDXv7fjgzNQxY4ZKEMVSjTMxxEjRYP-65BikIOxwUh7Ft_tiIxEWPdEIQXbPgNiN7Ovdand32SFF8aYJSsSZp31dtadxsUSmW9KAkVwdRBLEHaq-IYrC4qQzsjTZeBIbHcXDm4a4NKfvmi8sMstQAmv8QhM7k4fqJG_2fJT-4jXDBGXoWVJ-r7dqY4jbq-RmQJJBZPLk1X-Rajzkmkl72yeGps3-PKrLMVQ2lX3XfHJz8x8R-J-6ao-50hvbxAkCuEHbSvxTG5yY4H_luGWRoXZxyfIgVeHm3fdkqfFCLBOujrQTcqq9R79aCw9aOscqcG8cho_al2p3y-o-TKmgpPYcCQXKYj_9Wsjp387SDTdtS4162kwplZ_hCFw0OrgDBApCaDmdpIkiXAP326dRJUwmh0vvVNTAJswuA36gX_Bzf6dZW5hI3ElkqdpQsDJp41l4Qxz3EjUv_oPazcQG4Jgol8HDMq591H3mpUtgVDznmdB-lF_aDy0VSbAfvMMsnThwW5W4iRvPxZLS4bI9C-kqPJ-q5XES9MepOa5uhG5xngDXlZinqlfnAWFYGmoksqu-aTw44yEpNXkLvPR14K3uwurdNzqSLXSMpRe8o5UyqEfr3u7onNRhzV_hK_GbXOsr3f0I7GBngbmOZgSeTb4V9WGaIyhqp9cc17uqgkVRhBAOX8ApLm1TtHxiz5wtwrjk0jVUudXC0RLjWIz1P9KRFYw3OUmcU6ct1uS1v4c6oTzn5C_cv5DNHoNlZoRam-d1yhQhp7paXx_kGLdz7PfhBpP5KCfV4N8_CRTS7674EUe30p8LZKqcZMCESfitnz3xvgGKPu_9QGAC7oilq-ynu0qkBXDjA5S16M-sFnpnOfJNBPo1GGgTq5Q9BXE477-MyUDVzmTduZF7jZcKIdvC32bhZKfo1BIfHTzuGg39ifPA2lYR8Y95Ph0zfucb40B-Mv_1JbgdDiULYuW0KGJSuNay_InaIxtyFBrHmggvEZ1bhfERFs9aGOOyAcRBfN4WlGEAB9itmTfZO4rzzwOh4jFhhEzLOLOFZ5ZHLzXdGkHh-E7b4xR4S09LKqmJiWEJJ1n6Hf-EJFv1oh8o4oVFmAuV4LMhh8AiW9I6L6BAS1HOdkUhik9RNW263f9P_imHdG2qvriMZSj480IPBW6bULyTXlccCdCCveuBdip31LUEaLZKr78sJcFkbTa9Rq3Z6kisNd5li0x4WIwDfkxmWV6XsDE4jAmg-2jJpJADWfZSVaXGYmy2UirZKaSSt1yI8iDFacNmA-G4wpr5rce3veoZPC8KmDyLqrKrC77dQ8y-anGVpjuA1tE2IzLMYU21Me4P6JeInbX8LGJN7dWfZEXIaeeJl11C0jDy4iq2Tiu9GW3AVzPedW_bTyQuSOvfsbg-r3X1MmBeBABK_DD8cLYlfik4m7uv6SEA9dNh09aq0S8CQjG3-3M69T04_dZ9Lu22oiGpd00z0KKxzef8bOXJD96tLuxPIfl8DNrIxMUt1G-ZoGlPPqcyFPMCDB0LyAsdZU6gnnTixrhu5W7K5uVoYiaU4zxo-_gSqTvzM6HI79b6rLvkXRGNMbANbE8GhbUojmkE4Uie87vyLGKWs3tD2fcnthEYoyXuN6I-yUVywKGdHPonUYx_TionhbqD2Af-0S4EOTRxCu02MuVp7kcHQwGaUHV3B4BexzYJtOaM44CmZmK2FJe0piA8j0ppE0RwHqcfSBL6qEgSPEc9uEB3aBfFljY8hNWVASQ5sGLEeVmB4tigB94Q5HCCy45dDEC8VxPdIgJcBI3VoVh-r4-mH2wl-1zLoitYGsyYCqVBbCaxv6mY-CyIjj2tOA44-kW34Sh85h_gPFmqXzb0_bzHoBZjEtJYaW7FBDIeBgLIMLATgLz1SJSnS-ousoEgYxUuGBp6FuchciUG4WId2C3aFOiPYAOpz5QRuTsPpRPFG6Yi-o4bOtdpmU_fTdqTKWeIR_PQu2V02KCKZdSutem9yEgSaLKAjxIhiGDZXR42s8CWwwqPwb6JLet8KcrwDSDknxCPMiFK4wnm30VU4CWghd7Kxd1AeQxhya-jB3XDkZoxtef1WgZjLw1_Rb2nJgh_v4gCkulI4aR_RHiImUvXS4e5dZlvPk8YPb4GSbJyDhwlYZk3nEjya6iv2t0eMfIpP5iDkVTNqrcTVaPQvdRPm2uacCBetJHNpmwD1_eNSp-9BoYX4_tvc8t8dtDT7uEB3WjmjmRz9GnHTMS4ht0r_a2qJ_rQKUrAMPJXelF3psr2WM12m_6hSQp_Fh1rNiRhSEC93e7EJKD0Y74P4bA&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
cafe /
Resource Hash
c0fd2f3c6dd14a7bf43482e558c0ef804eb9e15978d7dfb8f584fab22ddbecf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17284
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A404 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Thu, 05 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4.0a035390359aab65eb82.js
load.sumo.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
XPQK36ZER9CRKS11
cdn-cachedat
07/07/2023 01:47:30
cdn-pullzone
53731
x-amz-id-2
mTOZvT+dViFEnXbdMieeIDxf0x24WT/uSdiD07sBGMn9LykYofikgvDE4pImCCIDh6WUqbyXrcU=
last-modified
Wed, 05 Oct 2022 16:49:25 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"a39d043b7c7bba70750cf288ee5ef71a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
c3e0d4336c2de83809218d6a2ef7443c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
64.0a035390359aab65eb82.js
load.sumo.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
EA5PWJXNP1GBHPCQ
cdn-cachedat
07/07/2023 01:53:36
cdn-pullzone
53731
x-amz-id-2
zkxWwTdtBgLtEW47U1GFGbcEHT4EF1xNTQC3zntIgeMozv+e73QWQDWk1fHvU+QddG0us9tlRc8=
last-modified
Wed, 05 Oct 2022 16:49:45 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"d200986501135078d1fbd7f480e7bb08"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
5d8c5ead34ce2725b0df5c3d94faa6da
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.0a035390359aab65eb82.js
load.sumo.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
3WHT15W2TJWFMKM7
cdn-cachedat
07/07/2023 01:47:31
cdn-pullzone
53731
x-amz-id-2
VZjr0K5Y8SUXWSYHQImuxYw+Exhyj1Kyjsa9lNkbyPzFc1SQBSWWHUm8YElx+Sw55wP8K1fK+xs=
last-modified
Wed, 05 Oct 2022 16:48:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"31baf056af3800bbd6e4f9e8b445d052"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
5bab0f183f4a0a7484859f8e9429e974
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1.0a035390359aab65eb82.js
load.sumo.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/1.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1081
x-amz-request-id
P80BVE0PHEWQ2JM9
cdn-cachedat
08/01/2023 19:54:56
cdn-pullzone
53731
x-amz-id-2
47xqmbPEynfSY5x0q4aavFZbTTIv2zMUSpML3Q4HGHo4+gfBgSap26BbxrV9SuchoY74dTGDE9c=
last-modified
Wed, 05 Oct 2022 16:48:56 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f9b0aedd5a94b36e30a06214fcc0644f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
2ed4f7701e4b516c619c1aa7e3bd178b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
2.0a035390359aab65eb82.js
load.sumo.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
XPQM4KE27F1PV1RK
cdn-cachedat
07/07/2023 01:47:30
cdn-pullzone
53731
x-amz-id-2
oA8LQN3Tk/ne2zEnCJcTDIXVqtH0lmXgqdnClhbLqUrZ7AoJhtGig12OgATcN4TrCkSO40O6SCY=
last-modified
Wed, 05 Oct 2022 16:49:10 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"6bfdf1ae8492f107706ac037915be663"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
209057921e36a78bdfdab7faaeaf22ed
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
3.0a035390359aab65eb82.js
load.sumo.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/3.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
R60C7FXJ21PXAPKV
cdn-cachedat
07/07/2023 01:13:01
cdn-pullzone
53731
x-amz-id-2
O0tMEwhbsqQyZiX5GXQzqptM/vrTtc84hF+8beF4r4upjDiyoM9+EFz9cyt8R5yVp3tU9U6ytho=
last-modified
Wed, 05 Oct 2022 16:49:17 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"2e9797cb3f2d07795148e1bd54b404a0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
6fd1306c43bc7935147746733df633bc
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
14.0a035390359aab65eb82.js
load.sumo.com/ 		313 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/14.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: http://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
bfa42f9fa4a3e06f41d0ec09ad9e7e63f598990a65422ebc84f560213573c65f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
64XTHV25JPNDNMFG
cdn-cachedat
07/07/2023 01:17:03
cdn-pullzone
53731
x-amz-id-2
CZ8hdr++ep9bfdT8TZW4Mu9KjlZuRxL6WFBxFFwfTj+79rmspihKS4zmpqNjXh1Yt1zSg5F9fcc=
last-modified
Wed, 05 Oct 2022 16:49:06 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"e3c476ab6f9b1c6d1176596a8b141e65"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
edc4199880835bd6e4c72dc91b869504
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame D2EA 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lnchd1rj&c=3716479275237&slotId=1858239637618.5&qqid=COrGwsDc3YEDFShMwgodUFEPGg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.99.120 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame D2EA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 15:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 15:06:37 GMT
file.mp4
r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame D2EA
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7B7BD0114CBCA05B2D7FC1AA674D8CB58F4A6AE5.3751A82F04CDD6AE1834AB54AE389226CFD95FC0/key/cms1/cms_redirect/yes/mh/g_/mip/176.115.237.162/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1696467193/mv/u/mvi/4/pl/22/file/file.mp4
Protocol
HTTP/1.1
Server
74.125.13.233 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:09:57 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4005241
Last-Modified
Thu, 20 Jul 2023 21:38:43 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 05 Oct 2023 01:09:57 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:57 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7B7BD0114CBCA05B2D7FC1AA674D8CB58F4A6AE5.3751A82F04CDD6AE1834AB54AE389226CFD95FC0/key/cms1/cms_redirect/yes/mh/g_/mip/176.115.237.162/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1696467193/mv/u/mvi/4/pl/22/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
Redirect Chain
  • http://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
  • https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Requested by
Host: client
URL: about:client
Protocol
H3
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 00:17:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Oct 2023 01:09:56 GMT

Redirect headers

Location
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A404
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1&google_push=AXcoOmSP9XDZJb3dWWc1LIBkQn1T8NYZdBCRNJP1p703_jzcrksthUiain3bLXH248EhpPq8DnKQp0cM9jaVsDvxcl8PUnWWLl1ydkRC
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM4NTc1MTIzMTcxMjA0NDA5MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEEGG0dqZKmi3w5u6UQYHCg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A404
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmQSSM5iCZJnoVqjnrvQVbVsS7iG7EZk4UX-Yx86yl6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmQSSM5iCZJnoVqjnrvQVbVsS7iG7EZk4UX-Yx86yl6OZOz-TTlt006U4fsvJK_V-gx7BhiKDcpzTyAAhnGOeZSQ2-b8-OEuvsp7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Oct 2023 01:09:55 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MFY2SVZlNEgxUU9jU2Y1&google_gid=CAESEPUklY2JJALODUToOu07Ptw&google_cver=1&google_push=AXcoOmQSSM5iCZJnoVqjnrvQVbVsS7iG7EZk4UX-Yx86yl6OZOz-TTlt006U4fsvJK_V-gx7BhiKDcpzTyAAhnGOeZSQ2-b8-OEuvsp7
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame A404 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESENTI_NPuWSL2FRlnJpfSUr4&google_cver=1&google_push=AXcoOmSTjgBaHE0_1uTIrjmqB_7COE-HURQpajtd2i3WHEL0cGBPnS3gSwnBoM1FMERz95uu5dfhnhY_8I_ukQ2n8AG8DY2rUCweHk1c&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSTjgBaHE0_1uTIrjmqB_7COE-HURQpajtd2i3WHEL0cGBPnS3gSwnBoM1FMERz95uu5dfhnhY_8I_ukQ2n8AG8DY2rUCweHk1c%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8111c8338f8392c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A404
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGPbRt6o5z1f0NgmcF2jcBM&google_cver=1&google_push=AXcoOmT8mNUn7Vrdtb0cu6Bka5lVeU75RWssH_gTgNPwukl7BEplCe3hUayEO-2e_TDjolDeWy63h71PXLjTkN7_CoiS9Lo6ocLTUev8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmT8mNUn7Vrdtb0cu6Bka5lVeU75RWssH_gTgNPwukl7BEplCe3hUayEO-2e_TDjolDeWy63h71PXLjTkN7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmT8mNUn7Vrdtb0cu6Bka5lVeU75RWssH_gTgNPwukl7BEplCe3hUayEO-2e_TDjolDeWy63h71PXLjTkN7_CoiS9Lo6ocLTUev8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B44BBE51768432590C590EB8328B7A3&google_push=AXcoOmT8mNUn7Vrdtb0cu6Bka5lVeU75RWssH_gTgNPwukl7BEplCe3hUayEO-2e_TDjolDeWy63h71PXLjTkN7_CoiS9Lo6ocLTUev8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 04 Oct 2023 01:09:56 GMT
pixel
cm.g.doubleclick.net/ Frame A404
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH65lON89sCUL-RB3J6T7hI&google_cver=1&google_push=AXcoOmQgkQnngHP-MhnghfBkQyf8W_bvHIUBQfHN88PctudKGMLIGL_DfYV9-di2Hq9NwGURT4DtizKK5A951U...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQgkQnngHP-MhnghfBkQyf8W_bvHIUBQfHN88PctudKGMLIGL_DfYV9-di2Hq9NwGURT4DtizKK5A951UvbR51hiTr2kAG0OB8Y&google_hm=hmUeDONsFbVqk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQgkQnngHP-MhnghfBkQyf8W_bvHIUBQfHN88PctudKGMLIGL_DfYV9-di2Hq9NwGURT4DtizKK5A951UvbR51hiTr2kAG0OB8Y&google_hm=hmUeDONsFbVqk9ytfw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D651E0CE36C15B56A93DCAD7FBLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQgkQnngHP-MhnghfBkQyf8W_bvHIUBQfHN88PctudKGMLIGL_DfYV9-di2Hq9NwGURT4DtizKK5A951UvbR51hiTr2kAG0OB8Y&google_hm=hmUeDONsFbVqk9ytfw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D651E0CE36C15B56A93DCAD7FBLIS
date
Thu, 05 Oct 2023 01:09:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A404
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJsCAOJ2NeUKsMAehMrxOUk&google_cver=1&google_push=AXcoOmR3Nz1PZtHvLkWhdNO5Yz38ia2EikEk5VZfBvsM2yh9IabCwTbkflNRBiAe_RUKPhuF8oxE2sWxmfiCWpHR_rdAX6r...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3Nz1PZtHvLkWhdNO5Yz38ia2EikEk5VZfBvsM2yh9IabCwTbkflNRBiAe_RUKPhuF8oxE2sWxmfiCWpHR_rdAX6rPW_lnSrmP&google_hm=eS11ZFkuRmVGRTJwR0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3Nz1PZtHvLkWhdNO5Yz38ia2EikEk5VZfBvsM2yh9IabCwTbkflNRBiAe_RUKPhuF8oxE2sWxmfiCWpHR_rdAX6rPW_lnSrmP&google_hm=eS11ZFkuRmVGRTJwR095VHdINllzYzB5LkR2b1hmMEhhSn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR3Nz1PZtHvLkWhdNO5Yz38ia2EikEk5VZfBvsM2yh9IabCwTbkflNRBiAe_RUKPhuF8oxE2sWxmfiCWpHR_rdAX6rPW_lnSrmP&google_hm=eS11ZFkuRmVGRTJwR095VHdINllzYzB5LkR2b1hmMEhhSn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame A404 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQbun5BeCZKs2KXXkbOwy8S2T6IxWXi657Fyn-2jPoGh-iK1sqzm4NoZcZ9N7Q7JcbKGEGuI5woyebIgVnIAixkI3fbQAW426n9&google_gid=CAESENMZ0yufb-uP4qH3ade3WiI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
212799
expires
Thu, 05 Oct 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A404 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jk3fDT8va4S2dqKBXjsms8MMvQ3jJY5E4dr_xtQY2GNQTYSle7QApG-k0GGAm6FaLfoPge
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 991D 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
57777
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 09:06:59 GMT
expires
Thu, 03 Oct 2024 09:06:59 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
w2img_1_1_1_background_frame_1-3326317b-a199-45b5-95c7-291a8231c606.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2img_1_1_1_background_frame_1-3326317b-a199-45b5-95c7-291a8231c606.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4024d41ef74cb991281b3daa5cbe1dc84b65cb1b6b34f873658ce83d8da71ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 21:00:30 GMT
x-content-type-options
nosniff
age
14966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146227
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 21:00:30 GMT
w2exm_page_1_1_2_propertyName_1-729f46a9-2177-4a2f-95b7-a75b10f22edf.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_2_propertyName_1-729f46a9-2177-4a2f-95b7-a75b10f22edf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08a82b3fec078e2a60ae3d845ab4914c98be2a0d5774777c330e37958b6874be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 10:30:26 GMT
x-content-type-options
nosniff
age
571170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2593
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Sep 2024 10:30:26 GMT
w2img_1_1_2_background_frame_2-8ab1d99d-5218-4100-8ca3-03f09bda202b.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2img_1_1_2_background_frame_2-8ab1d99d-5218-4100-8ca3-03f09bda202b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
028858fccd07bd37e8c54ec2a5fe177c7cc04fefa904248e185291ec4278357e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 21:00:30 GMT
x-content-type-options
nosniff
age
14966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102317
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 21:00:30 GMT
w2exm_page_1_1_3_propertyName_2-5f58f4f0-c179-4135-9e70-41794c22bfa0.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_3_propertyName_2-5f58f4f0-c179-4135-9e70-41794c22bfa0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
103b381a26289c435a8563c67534fe312e9d0135280f6facc67f201a24c69a36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 10:30:26 GMT
x-content-type-options
nosniff
age
571170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3068
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Sep 2024 10:30:26 GMT
w2img_1_1_3_background_frame_3-f27d9af0-f710-4126-82bc-dcacf1827000.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2img_1_1_3_background_frame_3-f27d9af0-f710-4126-82bc-dcacf1827000.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bdc24f7e998a3e9dfe529050f363cc146ae9c744973406b22ce407ff50373b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 11:08:18 GMT
x-content-type-options
nosniff
age
396098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77481
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Sep 2024 11:08:18 GMT
w2exm_page_1_1_4_propertyName_3-f231d6ea-56a7-4e04-85c2-172c109d6306.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_4_propertyName_3-f231d6ea-56a7-4e04-85c2-172c109d6306.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a3887aa62f7f1cbc9b675bc7cb09deb3d80ca7d80cfbeda9d2235bdc3ac5c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 10:30:26 GMT
x-content-type-options
nosniff
age
571170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3534
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Sep 2024 10:30:26 GMT
w2flsimg_1_1_1_logo-8280e829-2634-4fa1-abf8-b5d400870611.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2flsimg_1_1_1_logo-8280e829-2634-4fa1-abf8-b5d400870611.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b2564030707bccb5237ecac105a1758172972bf9abfcad686f6bf2413bedce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 10:30:26 GMT
x-content-type-options
nosniff
age
571170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2197
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Sep 2024 10:30:26 GMT
w2exm_page_1_1_1_CTA-c3325dc1-b321-439f-a726-3863f2809fb5.png
s0.2mdn.net/sadbundle/9463147228097937408/assets/ Frame 72B5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9463147228097937408/assets/w2exm_page_1_1_1_CTA-c3325dc1-b321-439f-a726-3863f2809fb5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d5c89c37de2253f017356ebcc1a0b3a7431fd5eada0deeaa6cbded7a7400183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9463147228097937408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 21:28:37 GMT
x-content-type-options
nosniff
age
13279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1743
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 16:54:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 21:28:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F011 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0NktyfqO8rJ1vteCRcAHpiXJzhbSog5Nr-zjZo9sGSVFcbnrJgeQ-p34NOZo_L8cRTCx7VU2djhr6pjs5OSjEFGk-uMRiX4n2ueuF0bQ5qjRWXufEqFiopgytUI4ZOF7eRo_B4gTVfn7vxIj9x2L-s2cuJqJ2xr3_FPl33pX7xm1_SAPhRD4hM1uI5gAZCxCe7n-ILbt5ZtVve7hdjfpDTR2X6H2VXxOdhDBtd_Rd3Vb6cqkOPAF8BPKiOAUGQWGjE9XHoIxSL80WgN-2YWA65OBifIYCpAN2WV2vMPC-mzc3FxYcAc_7keL7EI-zF7J5XnU-Tr1rbDSzhwvubIS8u1kRFZMEqKMI0CvDzCvUJXDXXNIpXa-AgSOsC7t8BTSe4vObr9Au3jfZOdf6jhx2953WAvuIdAYMXAmCuMdcxHm3bWebbg8BfXSI7BKM21P3o6xX2CQ_mCkYEBHrSRup8jhMYMNlm9B-HBCTGiafBcm_W5rxPLy7XmodB2BZAiuUnBd0SqZ0DbZ_Pan6ZmdeY24V7FvzmqxID6FPCWrzzzp0aaJ9f61aiMCQwVrWZi0BxXH6TNntW3JFejjZaLhaVuLCqpN2zWMCqNrddUXwLe6PWg_GbQ5C1tFAxtCHflcPcl3p2Qnuffo8dupvGFBjfj0HHiEj-5E2Kxi_CoBa8sCZwbMNcf59Xw0AEkXmP0PEXTYgrlnFVq4qK3-DzkA9DBnG-Qn9RHNO6i7breBGtBwP0FOodugoC-F11oFkddOclX0XYn3KIbU7vlw15VKwa9F3rTXIYcZIBw0P4h3SeHYH5yyc8_M9AUl27gthXGdrb2F7M_VCuVtp7iYSC8QReQ33BUR8ULKZG4BNMSatf80BhbpvlVQdJFbYED9IhI80UKxlDxzpeN1KTM_XutCNOr6odYK5KMGm0rX15p7XRwEe7gml3utHMqDAveyoxa60Hi9bII4mAtQ1_uVx_I1rPLoJ3o9wKIilg7Wf2YVnPVGp1ffD-yeJNtBGZ3zVfLorJ4dLitBD0wbjCGBuEUYGtl-CauZIY_iTfSBYKXEbjk8aRT-XmHsMV9rNSzaCWqAQaq-NxYkRTj6JGz6PXyA0h-11R-1okaKinoURyQDH8SaF51OCktLJUt3Vm97ChRwZv4n26YKyG2asV1uiPQUfZE-G5uS8Lqx76_BealcTD1MwQUxYSWtOUesSQUku4qHI9ELmjxEvSXYjtBflySBV24M56N9x9-eNg8ZDEtHvkurCV2BUQ5LsYChJPHVJlqot3zuW7hnXHfe0nCrtzkZ4RPeNOMixcXhjFj1FA74&sai=AMfl-YSIw8_tkLm6NnrAV6vVeeZ5XsGepy-Ul06mJmvKAMG5HuY1skbwF_J7qhGM8uUN70LU8PZ45clJ7S7lE2KktlkUjO9e8KJf-Ihljs5sBc5fYOwwQgU1E6V0NrBC78rbMaEWIaffU2wxbsir0BdURJerkEJmBtfK5WvW5sJhzTPeo2SYkohIhKtPeXuabxSpMmLXYEIXOox65-r7P6fjrmYuBoMu0EyL3lVn3mh9PMhdl8edPLSp3b_mXMyNU-hueXn_q4S3Y_aWnmFj3zrfmu48og5Oa7nD&sig=Cg0ArKJSzKmBto8G80CJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1025&vt=11&dtpt=452&dett=3&cstd=569&cisv=r20231003.10094&arae=0&ftch=1&adurl=
Requested by
Host: brainden.com
URL: http://brainden.com/color-illusions.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 991D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 04:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
161006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 04:26:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c4c23bb417e41359262ea5caa69f6dba165a58b33039ac8cd392e34477d4ea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12089
x-xss-protection
0
like.php
www.facebook.com/v2.0/plugins/ Frame 2395 		50 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26f98cbb792bd4%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=114&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=84a1ed5c5fac441f6bc015482ce2f980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbed6e25439c01670a91e40645c1bd19e5f49f860407a215ba093d658ea4debb
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:57 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
rOrqm/3wN+1hnK5D9VnUoK1orqO0GHFgZ1ixScgFOk/YGbUOZPASBnSqY+vpF+6oqz9XxBz0oWTvXHOglHciIA==
x-xss-protection
0
like.php
www.facebook.com/v2.0/plugins/ Frame 87B0 		50 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff48ea78d15508%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=220&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=84a1ed5c5fac441f6bc015482ce2f980
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
645aae9e9198754f291f814922f493c1e77639b7971bcc29d3cd2d13e6042d93
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:57 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
kGGUJ2zsj5v0480Yq13Xc9pPWMNs0Qx5CEirYI6othZzZUQiO8xE3aZTmrgvbUdf5Hs3kusAZm+TgYsGNj9LZQ==
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Oct 2023 01:09:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7881 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLtkaPBZGCfNfKjbsNANF9wGjG68l25OIe8HcXfJ1_0Pz23YOy_TlexUl5zJchkRDkXl6wwl9FEwMUx-Ndm0o-93us9av3YwbBCYl3&sig=Cg0ArKJSzMYHG88A7-3NEAE&id=lidar2&mcvt=1020&p=0,0,600,160&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1696468195084&rpt=268&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C020 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9uNxJ26nW_Du91usj29NqvQ9XGcS01Bl0vMK6a2w6BfbNBoimh8PCbhy7TuA_LhJLQSgfi4fpaRHtyUY3t96gdglOIb35MsS1kNyj&sig=Cg0ArKJSzDYfIy32Y418EAE&id=lidar2&mcvt=1023&p=0,0,600,120&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1696468195048&rpt=240&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F011 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYWUe9UwfWSCfKg4jGm-RmSZKkxzwda8r7uK5EHkWQ4rADrB_cNOmeZeeySgqWFr9Wx2Ot2mvi5h5hoLeZDr3U4PTF2dKfdy9b9Hmaxuh_z-UNE7ONn6IgguWPOP_AHuAjdybekub00SPq&sai=AMfl-YRPely_O91evoyxz-2yUe-1KPHiT5d4jRfghq6nx7QPfx8BbcrPtgdet7Lza_oBfHWE4MWLdtbvkrp5Qq0Q-JIVs7Y4FEAZstVhp9clVvDp2ea_tZbj2uR27jSo&sig=Cg0ArKJSzKikwqoh-b_xEAE&cid=CAQSPADICaaNGqXYAH7aQtSQyYjVPQ9DdXMblmNe-_rV32uBrf7oaPXQd8zq0Jj0Q4PdQFV7z1h_kmTKzsv_jBgB&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=963,1003,1003,1003,1003&tos=963,40,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1696468195121&rpt=653&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B5B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
31486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 16:25:10 GMT
expires
Thu, 03 Oct 2024 16:25:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A59A 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ccad342eb87e633874b1543e6762fdd6ef1b9944021beabe39245a2a8824a5c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ojab1zQDjJ65X3ZzURyY_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://brainden.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ojab1zQDjJ65X3ZzURyY_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 01:09:56 GMT
expires
Thu, 05 Oct 2023 01:09:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame A59A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=391758873652409&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 8B5B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 20:04:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 20:04:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 991D 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2FZh5AweZY3HDM2i-wbE1LbwDAAAAAA4AeAEAg&bg=!_P-l_7DNAAYMG8UMLBs7ADQBe5WfOB7I3jZIM8o-xZ38waaFsE0Qcf9sordcvZqVVWyFxFia1RJj4FOQXmOSsoExg-DeAgAAAJNSAAAABWgBB5kC_qEhc_CRG-2YHDydLUMP_MWQDer0k_5o1XpduhC5QOIOQU_JWkuQOcuwUoicaOKOWUY0thoQnAdJNq1eMJhROWj0XEKBX5w5FlCRPQrjWrygxxKVSXAj8hSJEsjUgjw3FjqcodmfcPqlNa_dkECx4aTB0s7dMYuig5_hgOnxAzMh68QNzxr2LEjEB2Ru1puyPotsAq3D7YslWCe3SXRfc_5i_FBlbxtu-Pzdy4O-i3GpK2bdcssb1cKIenunQaUzX9YkCZ4HzQJuObyj0_86hbvAkJA6yaztYGBYbbBEkZwcAWsfq0zI-prjOAfLCqt1TXM-fmn8_rIXPqduh8mrYJSeaHsQJyAVI1FNlxQRpdXKn5NmVlidFW9I09PYkUtfi0ZgJrzhM7iY_MTfqu5WmIlNMirBbwaZfyMFdbrivLqgFXXV9fkCIwhVUjhs5EgV2Ta8DGblKGeptGUufXMecCLjfJ5ETnqJx_OvksjHxglLxl4KMBuHkYIHrQrMnOlHyn87hexTQv2IO_i3F6GF3Pz_47Que3tbkvfijeKjZlkUBbVUyfV1XoA2fMZfejxr517dc996nSYLaeAwIZca8CT2Cc9HiwLhwtm2LeX01wHDT-du1Q_RkndcbE98TEFLBcqx_DlcJIxXlhMuJEfpzTMdkyhOuFWh3U6LwUQNuKuU1SmuJI-nsUu1CFpeNZdYEM9uKLkcILKrN09yN_yAhcjhE4vf1-THI1ZdxC_vumyChy2EkJgg-T-JqV54jbbO0hL4YHgeWSi9cbC3TfyzbiKwefC1mBs898McnGiG-8kcmlHw--v8V86fG1cfiNsqqAWO7IoidP-4Dk3qzaatRao2H7cCmSSEnMcC5kpwRk32Z9DittdxxxuY6CZdV-IJkPURyK1sNv63LkLPG_Y6mux7LRjGKEcWudGvHS9Wxdt8VUi7N_FF-U3se71bTNLJegaixmAjSx5tVerhN3pKiA02z94eemLYJNkeS4DL1zevJuWQx6fE6TGM5F0xBNw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8B5B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EPt2Mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=391758873652409&bg=!V1SlVBvNAAbjlzx0w5c7ADQBe5WfOMshpCRUMC6T4tzNYCIMGtOdGztcMzga-aClJ0bWWnq9Zc4w9dvsOQufKWdXfDDwAgAAAFpSAAAAB2gBB5kCrZIemci-MgB7OhLbUz5ptpBseV8OYe-IEVEQ6r_fyuqr3BQ1tACZ8XlgfmX1Su70cbqR_o7XfP7lqixtl0uIQY-05d59JDwfoydJ4zhcjEAMSAsZN-oYd1xhQQv5Wycq6ETCaAUAc95MXdw7GkX6CnjCEJZq_jZxx3tIQAKMnpGaEE6RXXB_r7tM4ktE0SgYsy-eddthVsxN6D6ihEkhAsxErgTtsAlB1MMGo952EKW3GLUtmUGIDu1hAv33r8PeT_Mc26U5_q8B2ypLb52RDT_c4XIwzKz32fh-ZGypgSu0lkEIbgDJV8O93B_DK2oFP2ChGtPdSjveNwBoBOTaLzvyax0mc5Wb4FYIKI2Ebow9hTZAkYFgmRVTtlbcBULhMnZo7hjgqIbHjmMjqc-g0HvZL_NH2szteV4AkcridrMjw-D9w4Bhf1TSgUvijtx_ZfSq6amWpiJKxWcCxrqrOaht1tH_tO7iC6EyIddyo0LxQF2J6gBaaG1BkUBnnhUthzssVv9fx_vg6GsWhq4RZeFksiSdtIrnvZ4H0Pucp29B9-WLHzUMazMKGgGrnSQciKrtgps2RD5GwGj8O86qQYUO3Y6Q6Ih5Z988D0GQQXpIRgIguGDoS5utprIetJcaJzjPcYruG7mko_VX-gyJBUsVpXBPZuGgRHQYPHy5x5aV56rFLlAAtAH_IxjBDX1ceEUBOjJEdcmq6mKR2aO96HJcBaKKvIOw7QlVj3024vxHtXD1cjsbECs22V7USwNdrEfTWEQWi4PMnR1Mlu4mC4nHkbwNCJENor4KuCFXSTGMgge07Hpo1VPn8RiDJc76EZb73ji7lIgxJ4KgEc-UW6BrWxdnIXuAxKiErfaftnmveWpJBN-RWSiedUUUOr9-z2qjIOEHlAXdGfCvE0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brainden.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame F011 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6607018233703&version=m202309260101&ct=76&x=1&cor=993287135480613900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 87B0 		299 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff48ea78d15508%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=220&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:57 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
WMFGUAWZcBUV7syzhKJa+QW4S0wI77C9SXxilBZfIIs/pv2u4VyjPqe4VXmBRueGM5qpuUpAoN+3AYsdH190Uw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 28 Sep 2024 03:12:20 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 2395 		299 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26f98cbb792bd4%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=114&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:57 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
WMFGUAWZcBUV7syzhKJa+QW4S0wI77C9SXxilBZfIIs/pv2u4VyjPqe4VXmBRueGM5qpuUpAoN+3AYsdH190Uw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 28 Sep 2024 03:12:20 GMT
8kLUhvtA78c.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/ Frame 87B0 		523 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/8kLUhvtA78c.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff48ea78d15508%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=220&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebb41c3c11598b4dedf5f5e0c6c81a84f89a3350d72d8c76f7021a61dc995de4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FTlmSqkBdZtiljFsb1Qkng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138228
x-fb-debug
6izf2XeRaSxlapwQkPMzYdueyBKmjRta9xHlgiT9hFUfVNL2Ki0QUA0OgeooCOynA3D5WNbVMTqOwoCqd9g+jw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 03 Oct 2024 19:22:57 GMT
8kLUhvtA78c.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/ Frame 2395 		523 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/8kLUhvtA78c.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=113269252928&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26f98cbb792bd4%26domain%3Dbrainden.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fbrainden.com%252Ff1d62bad2fe0b6%26relation%3Dparent.parent&container_width=114&font=arial&href=http%3A%2F%2Fbrainden.com%2Fcolor-illusions.htm&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebb41c3c11598b4dedf5f5e0c6c81a84f89a3350d72d8c76f7021a61dc995de4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FTlmSqkBdZtiljFsb1Qkng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138228
x-fb-debug
6izf2XeRaSxlapwQkPMzYdueyBKmjRta9xHlgiT9hFUfVNL2Ki0QUA0OgeooCOynA3D5WNbVMTqOwoCqd9g+jw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 03 Oct 2024 19:22:57 GMT
csi
csi.gstatic.com/ Frame D2EA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lnchd1ut&c=3716479275237&slotId=1858239637618.5&qqid=COrGwsDc3YEDFShMwgodUFEPGg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1935&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1xi&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231002_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.99.120 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Oct 2023 01:09:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
r1---sn-1gi7znek.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,ita... Frame D2EA
Redirect Chain
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,itag...
  • https://r1---sn-1gi7znek.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,ipby...
326 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-1gi7znek.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61BEAE937C3C4AA9DF3882348CD22B1B4793C29C.4ACD222C0E10FAC4523CA441576AAAFD44AC3381/key/cms1/mh/g_/pl/33/redirect_counter/1/rm/sn-4g5ede7z/req_id/6c370fdd2a6336e2/cms_redirect/yes/ipbypass/yes/mip/2a01:7e01:e001:1c8::202/mm/42/mn/sn-1gi7znek/ms/onc/mt/1696467193/mv/u/mvi/1?file=file.mp4
Protocol
HTTP/1.1
Server
74.125.108.198 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 05 Oct 2023 01:09:58 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-4005240/4005241
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4005241
Last-Modified
Thu, 20 Jul 2023 21:38:43 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 05 Oct 2023 01:09:58 GMT

Redirect headers

date
Thu, 05 Oct 2023 01:09:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/html
location
https://r1---sn-1gi7znek.c.2mdn.net/videoplayback/id/5eaceb5342cb098d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1728004196/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/61BEAE937C3C4AA9DF3882348CD22B1B4793C29C.4ACD222C0E10FAC4523CA441576AAAFD44AC3381/key/cms1/mh/g_/pl/33/redirect_counter/1/rm/sn-4g5ede7z/req_id/6c370fdd2a6336e2/cms_redirect/yes/ipbypass/yes/mip/2a01:7e01:e001:1c8::202/mm/42/mn/sn-1gi7znek/ms/onc/mt/1696467193/mv/u/mvi/1?file=file.mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=900
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
content-length
0
expires
Thu, 05 Oct 2023 01:09:57 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| $ function| jQuery function| input_default object| jQuery171002697717358650409 boolean| pp_alreadyInitialized object| googletag object| dataLayer function| FastClick boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget object| smoothScroll undefined| api object| sumome object| webpackJsonpsumome function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue object| sumo string| GoogleAnalyticsObject function| ga object| FB boolean| google_measure_js_timing number| google_unique_id object| gaGlobal object| __buffer object| gaplugins object| gaData function| showhide boolean| doresize object| scroll_pos boolean| hashtag object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients number| google_srt object| google_logging_queue number| tmod object| google_persistent_state_async object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl boolean| _gfp_p_ object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp boolean| __smLoaded object| jQuery110206532304734336885 boolean| currentUrlIncluded object| GoogleGcLKhOms

42 Cookies

Domain/Path Name / Value
brainden.com/ Name: __smVID
Value: e5c37ed1a316bdc34f0ba213e33c121e8ab2d64d5dd08c68f5bfcc450fb9254f
.brainden.com/ Name: _ga
Value: GA1.2.826834096.1696468193
.brainden.com/ Name: _gid
Value: GA1.2.104535873.1696468193
.brainden.com/ Name: _dc_gtm_UA-261914-9
Value: 1
.brainden.com/ Name: __gpi
Value: UID=00000c8e1a6c8b5a:T=1696468192:RT=1696468192:S=ALNI_MYxl5OqVfKh6S3CyuroyWVf2tH0eQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlOQQLn8R4Sxc-6xjBMLAqWEryCUMvrnP6XLpo8Yfrsrv0owIWOYhFy8bdu-Io
.brainden.com/ Name: _ga_054PM9V6YC
Value: GS1.2.1696468192.1.0.1696468192.0.0.0
.brainden.com/ Name: __gads
Value: ID=acf004303860b869-22c300372ddf000d:T=1696468192:RT=1696468193:S=ALNI_MZKuKTMA_vM33DXONKpG6bOhdQi7Q
.adfarm1.adition.com/ Name: UserID1
Value: 7286275416233146518
.simpli.fi/ Name: suid
Value: 8B44BBE51768432590C590EB8328B7A3
.doubleclick.net/ Name: APC
Value: AfxxVi7JdRSRbIn8-TBl0-oYZGjM_4n0tIAFbJdA_3KFQ03_aZmiyA
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: 0V6IVe4H1QOcSf5
.adnxs.com/ Name: uuid2
Value: 6998582322493736533
.blismedia.com/ Name: b
Value: 651E0CE36C15B56A93DCAD7FBLIS
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22096EC5FF-050A-411A-3B26-1B326E89B464%22%7D
.casalemedia.com/ Name: CMID
Value: ZR4M47lDFHm88rTZ0OLaDgAA
.casalemedia.com/ Name: CMPS
Value: 1117
.casalemedia.com/ Name: CMPRO
Value: 1117
.de17a.com/ Name: guid
Value: 1.8961212147350390079
.teads.tv/ Name: tt_viewer
Value: 240a349f-a62f-40cf-a012-7e131de4e9cb
.w55c.net/ Name: matchgoogle
Value: 5
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>=t:w8i!]tbPl1M>e)ZlrFUfJ+tGXxo@@ND)SL]XhFK/>A-:W1=mDt/f+aaV9s8CB!`3If)y3KL9D3I?+uHat<R
.adform.net/ Name: uid
Value: 938206215567518812
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZR4M4wAAA1z73wA4
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22096EC5FF-050A-411A-3B26-1B326E89B464%22%7D
.dotomi.com/ Name: DotomiTest
Value: 12943908195c191c
.yahoo.com/ Name: A3
Value: d=AQABBOMMHmUCEIbPD10_iCbM1bQT0CJhdrYFEgEBAQFeH2UnZQAAAAAA_eMAAA&S=AQAAAkWx95OCs5KDJQ4Vgr-lPAs
.ctnsnet.com/ Name: gid_CAESEIMxeX00psyETXTmbDrwT6U
Value: 1
.ctnsnet.com/ Name: cid_ec9b5d17d3924f8aabf74f1bfa18b94e
Value: 1
.quantserve.com/ Name: d
Value: EDwBCQGOKoEA
.quantserve.com/ Name: mc
Value: 651e0ce3-b7c4e-44587-d61ff
brainden.com/ Name: __smToken
Value: QBQnabj2Mv2WNuvdi9OxpHo8
.turn.com/ Name: uid
Value: 8385751231712044091
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.demdex.net/ Name: demdex
Value: 07279703043179339040733623499675540878
.awin1.com/ Name: awpv14702
Value: 412871|1696468196|e59cf640-631b-11ee-8502-226591661de6
.ihg.demdex.net/ Name: ihg
Value: 07279703043179339040733623499675540878
.tribalfusion.com/ Name: ANON_ID
Value: aEntuJRZdySbAIUMnXUx7Id8FpZcZcO7tfTgHmZdZbpNHrxrFnCZcFIZdPdroWmZcHfOXQml2f0Lw9JIYYVrdD9HtCi3KFQo
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5NjQ2ODE5NnZsZWExZGUyMDIzMTAwNTAzMDk1Njg5MzkxNjgwOTMxWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRRTUdINGZqZkQxR1ZmeEg1SFl0R3RaWldTNlM0VEc2ZFRSQjdib25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyOF9XRUJHQUlOU01PU1RMWTExNzY3OQ
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023100503095689391680931X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTM0MDAwMDAwMDA2MTY5NjQ2ODE5NnZsZWExZGUyMDIzMTAwNTAzMDk1Njg5MzkxNjgwOTMxWDExNzY3OVYxMjI2MTMyNzAyT

9 Console Messages

Source Level URL
Text
rendering warning URL: http://brainden.com/color-illusions.htm(Line 9)
Message:
The key "target-densitydpi" is not supported.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

720c9e365d604e6d1d08db005271e195.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
brainden.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ihg.demdex.net
imasdk.googleapis.com
load.sumo.com
load.sumome.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
r1---sn-1gi7znek.c.2mdn.net
r4---sn-4g5e6nzs.c.2mdn.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sumo.com
sync-tm.everesttech.net
sync.teads.tv
t.adcell.com
toplist.cz
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
104.102.45.165
104.18.25.173
104.18.26.193
104.26.7.27
142.250.181.225
142.250.184.200
142.250.184.206
142.250.184.227
142.250.185.129
142.250.185.134
142.250.185.170
142.250.186.102
142.250.186.106
142.250.186.34
142.250.74.194
142.250.99.120
151.101.130.49
157.240.251.35
157.240.251.9
167.233.13.224
169.150.247.37
172.217.16.130
172.217.16.194
172.217.16.196
172.217.18.2
172.67.74.129
178.250.1.9
185.5.82.77
185.89.210.153
195.210.28.61
2.16.97.41
213.155.156.166
216.58.206.34
216.58.206.46
2606:4700:20::681a:ad1
2a00:1450:4001:4c::9
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a03:2880:f084:105:face:b00c:0:3
34.95.89.54
34.96.105.8
35.186.193.173
35.190.0.66
35.204.74.118
35.86.95.232
37.157.3.30
46.228.164.11
51.89.9.253
52.211.186.134
52.211.226.215
52.29.154.74
74.125.108.198
74.125.13.233
74.125.133.156
84.200.5.215
85.114.159.118
88.86.101.2
89.207.16.201
91.228.74.166
028858fccd07bd37e8c54ec2a5fe177c7cc04fefa904248e185291ec4278357e
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
046978e743926431380d6e5647366f5dbb2be67c3fe25238d9ae154a4fc636df
05cf122f10dbfe25d2581086af738fac5caddacda98d5a76f61e9e8a98598179
08a82b3fec078e2a60ae3d845ab4914c98be2a0d5774777c330e37958b6874be
0a367d8042637af557bdcc07494e924f9b30ebf43b8405109a4e82705909c773
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
103b381a26289c435a8563c67534fe312e9d0135280f6facc67f201a24c69a36
112617feae7042d4ea92a25c3bab71f294a2325e2c360dcd25d6571987d17cc7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12baa7ed5333863913fe9f5045696e951dc5a71964d8efa5c02e4d8476395098
131d95934ca1c4b25d07cf2ee94d1d8f988fb300e89a30d2c3812d253c5c7d7d
13d668b2ba98c170ed5dc6433d2e615687d8659f0219a4299b9d88289771b883
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19785fb269860bcc9053b4417b220ada50878f42dbd877d0c7aa799da1f78e19
1992f532ce7b9b0fbb2a1d087e93297a2a6a63df656089de68c904d2bfeac7f2
1bdc24f7e998a3e9dfe529050f363cc146ae9c744973406b22ce407ff50373b5
1c4c23bb417e41359262ea5caa69f6dba165a58b33039ac8cd392e34477d4ea4
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dc412192fb68bcbe593695702821ca662c5e24010638fe385416b8da4137391
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f24e8f10c99fa1d34ca7a86688ee4672b198d56ad435100dfb35e02b38c06ca
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fd8b60fb3034c1a262f1ae761dc7dedde7f6f86bb8f0ff69c0a37d041655108
2242566923867423d2f65aec243d8e8c65224b0eb1015a3018e007a02cf692b9
22d79e738ae734a0093967891f75eb9969e0537585091818ddfc97dd2e9cd3f8
256c79888a6676c4424dfa8ead805aa62007a91f0a98c9dbb1d250a75ddbc780
2649394e4e1c43964efa7a3770c4db05cd5f8e3f6f25f541ab2864f46e89ed2a
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2bd04f73111427a6fa4240c968eff556e1e679f3ac0d53275534f9c333df6d7d
2ced9e6410071bf872dba61354d250ed31081d57b6bfe04465293f340d8db5fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc8dd9f9ce34108d7b8ef1655164e4335554dc58a7890d8550ac2e4aaa7057
360cec85957e15e7588b9a815c62ff8fd9f0186fc7f80a683acff4f2d2e7ae75
36ec5ec1949e3e6314d4cf1a390bf07ba4c1c686a7e3aeec1473997497e1ddf6
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
397fba39b6f7d81ba6541d01622036114a8badcb7dfcc84acf2a7ece8231e717
3a3887aa62f7f1cbc9b675bc7cb09deb3d80ca7d80cfbeda9d2235bdc3ac5c1e
3beae74d220768812d80f736aec7fcf3270415f2c38585d75a6041d8ab1d4d0b
3d6703eb597a1276bedd932419051b87ec9cfe91b76b28e9681e3948b5ef1ff2
3eff6e5130084dae8474c00e8b7bae18e7c0b1edfb37a078033f6705b7824dac
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3fe93e9bbbeb10cb06b197c50c2518d9fdad988b2dd9145584cc363bf7fd566d
40e237e41566635defeb915fefb866159c153593555a6e7b9b1d7cc432ec6c92
436022579a3314a2563eeabde4b3d42b91f0756699ace658b69a545191baeeb1
4387bfa240636d2c7173cd0e1e50ea469cd005bcd98f6c311a894bdc2fc49fac
4495afc40ad9dcae2f5e1e0eafcd3127aeee313383fbca0cd286b8d68fdc5807
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469b0958916a52f883642b0e5e11057e88a3ef05cbfeca6ac4353fed5fb14546
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5592b7f5a16224b8d18b0c1d2dd571315cfc1661a75fb7096acc04786842d8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
50be17b8a7b0e0f13a9e06508ae46ee05610000edf03e0f207e93475918f1ea2
519a1ef49142810b03eeedcc5be783ab02b1444f35789fd5d61deb7ae19ffb2e
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
53b2564030707bccb5237ecac105a1758172972bf9abfcad686f6bf2413bedce
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f6a639549d231d3e82fab85f1c1e0c4b64db09016332febdbf26a2fe49a307
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5e668b4b06d7b41ad5451294a2a77c73d56340777296fa988fe5346a73ab86ce
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
645aae9e9198754f291f814922f493c1e77639b7971bcc29d3cd2d13e6042d93
6475207ee556a72dd327dbfa85d0964acdcc683a2dac2ed6f8e8624c26fdbc49
65c9c27d0e126484fb8cae7654caf8ec2a7a8f350fefc51ff7615883d8d0aa7f
6664c9a5b39c619ae2330f99e8db964a2e671f3950cccc07cc379abdedaf14c9
66d70ae3f17f9ae5a3ad2d73751822a47d7e1a4e6296a5431925489b9df99aab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d5c89c37de2253f017356ebcc1a0b3a7431fd5eada0deeaa6cbded7a7400183
70e6f374b290dc44eb173d5088ba377b32a1979c7c336abe5aba705d5ef5049a
718ca327bad6a6647936f8c048408e139ba6ca2643abefb5ed6a7b7045db1d79
71926221f69da9f1c1b1f36cd184bfb5bedd507cd5e81c98e88af88e95b1d8f1
724dd2969e04a30abdd11225a88e64c0f26885e58185ce7ed80d5f10fffa839f
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
72a52ae85fdb6f1344947ec429ba06fe6dd78d6e710868415091def57e34e07d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
747c818e059d3a1396c97c72773078adef871bb6834b45dec94872a61fccdc98
75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
75ce2e189b45017b0d54f2fc303d4956df3401116e908a38eb4de68db40209bb
76e64ae3d9284451a2203be57a91a4f62a3aab5bec260628ad79830685c1fe4b
7782afe7cdc15c07b48ad7b23e3eecf6bbc22c75b2243d09631d7b411cd29ded
7a4d24b4e2048cc64b642c7bb4eeffde59737da7465dbaca354d7d07f34fca66
7f68e2e6ac3ece6f38b8f06c3ac641666bd86ad003c818303d183c5d592e0c42
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
80d539dea4a56dc4049513725abb8bffb1c5e627c9429d7bb420e616cd3c2ccf
8206a54720788b6f48aa14363c8de48f6ed349bab47798275244b89712e3055b
88b224b1c939068504d47d50c99ccb1754ff2083c7993de1ff0c388ef42ccddb
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff
8bd9ea457d1fe4bf8ff55bc4066f6ceb02a577f324f80104bf8bbe3c41fbba4f
8d2507c13ad428930800095ccb9123a31fda708815d2dc40e38167db3cfc35ce
8efe124176fbad3141c31d1b0a0ee61d59babdd9f0a81134ae1b94b1eac111b3
942e85bc8725ae46fdd93360ddb4987a1397d64ef3dd1566eff74eb4bd7ae56e
952c2238f1de01ea8248e7764e45f7ae90305dc7460eb0c89d494ed1bb25317d
95d35caf8056c0e55a5155e7fed360277d3d2848f5c96a1223c685af25e654d9
967e3dcc0e04dd65db7d8a8ef4deaf6a84c773b890abacf7e2d08f7e68175bb8
96ee53048e2b6bf53d6597432a7e9da11516183b3ee71dfcf95f192fdf35b80d
98c0683b66372ac32b5209e1c696543d5499b8537057b5b375ec7fff4450babc
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a42d4f7e07c285821664bdc966bd76a84cdb8b95213e708d781960e49c287d1c
a68670db0d673392194d69e07ed4e636c1c4e7b1d0b73f344f2d5844b217044f
a9b1fe7e29399fc441dd425404db012c9d7663f5fb0b6e5eabebc6f230c606ad
af3db9dd15940cc0ea6dd33ab403dd3dfff66cc2fa1db32fe31adf5b12c35a19
b08b16d8dd8cb1e8611cd92a6cf7aafcdc99a837d66a0c25b9df748843675ee5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4024d41ef74cb991281b3daa5cbe1dc84b65cb1b6b34f873658ce83d8da71ae
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
b890c3db5c207710c6c8c3dd9650be82c243058d1b7b99262915df1e0332b5ae
b99ce518c7c138e49876f7cdb03a3bee98e89dd05f9ff5ba373ef094e8557c7d
b9c4e499e5525e681fa7ed97f388d043a1d164364db542a3c69d46b306ed13fa
b9d282f61771a5fc4e99716b7c6938de3fc061e7c687f747832d121f18e28780
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bd2466477387e94dbde262c0c56612fe6ef46ec109b8d0d4069484a6f9ade247
bfa42f9fa4a3e06f41d0ec09ad9e7e63f598990a65422ebc84f560213573c65f
c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d
c0db0482de9e9570992678b27d70bbcc8537c3573a0b8e68f44ed1bfb1873c5b
c0fd2f3c6dd14a7bf43482e558c0ef804eb9e15978d7dfb8f584fab22ddbecf6
c2aae91b4ac2a7e4e49202f39ad200b9f99a9fb91179de7636db411ff6f62c99
c42ee1fe09a780d1b95c4d75074fa2134140133846581bc4fae4fdf252da8000
c63348d5a27667933c787b0eb79a73964df0d297e0c1227f3e249b0924a63381
c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed
cbed6e25439c01670a91e40645c1bd19e5f49f860407a215ba093d658ea4debb
ccad342eb87e633874b1543e6762fdd6ef1b9944021beabe39245a2a8824a5c8
cd22d958250fdc80ad2cc1c6c9fe5ba6e5bd769887a3b5a71187c3cc2f459091
cf5b3da91a8c5de1d9c95b5aca265c1dc2a0a338f843c662e85c12631f142156
d05c4bd2b8eb99be5773befe83f0e2762fac4ae0e55a8e860302ca5249913371
d1ee9bfe1e1fa353463f887c33e4083b02eb6f637af304f579ef5b01aadb60dc
d1f12f07137e9235db26eff1e2e0919069ec7a4c64411bdf205bcfd86b6ad7bd
d4f13a6e57521e21326273b4142cd973ee1659deb3384e8fe936a72eadf52884
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d6a09b790480030b75ee47d0faae1eaa0f0baad0eb791e348e7c41b7f5aa7c3b
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
d834cb935ac534be4a44fa1cf8136f02efb1ff42df91ca1b3c7e93463fd8d801
d97f9a73c25d4849663e696a009e4290bebd9cc755f04750f7aaa0a4a0e9a3f9
da8f6078bba22ec97944f629984b3072e8814a1f96d2ab190a0bb5d361b87933
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
dba9178f3288173408695f6a72dd989b0cb4f266743ae7bdbdd6aae625fbca85
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0523222ab0345be10df58ae0cefc8c40d91fa1ba3ef4ce5d7369f5a818d1ffe
e167b00fd51f0ab7bc8628cc9966c00f35415b5fa81c5bb36464e202f89b7882
e1798c8975355618ad3e7cd8242f2942d7aed051e74769741839356287116e39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaee7416f518d52ff8a8aa3d4bf538626eba2a0bb2d2daa77295dbe19ecb2906
eb4438527b6082eb121f9289e110fb664a7e0ff0ad9f2f460ca4626067341443
ebb41c3c11598b4dedf5f5e0c6c81a84f89a3350d72d8c76f7021a61dc995de4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02ff44afc4cc9de4ca156c7a3d8a727c549e0a5865e2c6fa15329cdced24dce
f0552e81c41c1bba2dd5c9ceb2761be86b57c81adf4ebf73db851aa222089d14
f1ab07bcaf6567674cc664619d47e740a7aa11673940e21cb49eb0be6e644b91
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f56383c5309a18f4eaf3a83c632fab6a5d395361693d976422b55fddca60dbac
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fb7ecce78629cd85f2407a55710eb9a3f6e6467eff6fb8df410ac67a6eff33cf
fdec6f4d4096cd7c829f870081c8516f8232cbf6a7af203355425105accbd63c
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2
ff3aea0a59703c58fe9b588f81cb84af1d41459947eabd20db440513164e9f5a