filmbirodalmak.com Open in urlscan Pro
2606:4700:3033::ac43:a653 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://filmbirodalmak.com/
Effective URL:
https://filmbirodalmak.com/
Submission Tags: tranco_l324
Submission: On November 26 via api (November 26th 2021, 8:57:30 am UTC) from DE — Scanned from DE

Summary HTTP 172 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 20 domains to perform 172 HTTP transactions. The main IP is 2606:4700:3033::ac43:a653, located in United States and belongs to CLOUDFLARENET, US. The main domain is filmbirodalmak.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.

This is the only time filmbirodalmak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3033::ac43:a653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:3ba6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.20.229.67 104.20.229.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	185.51.66.79 185.51.66.79	47381 (SERVERGAR...) (SERVERGARDEN-AS Servergarden Kft.)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:303... 2606:4700:3031::ac43:81b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
9	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
7	52.30.186.231 52.30.186.231	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:303... 2606:4700:3039::6815:c053	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
3 6	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
3	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
172	24

17 2606:4700:3033::ac43:a653 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

filmbirodalmak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3ba6 (United States)

ASN13335 (CLOUDFLARENET, US)

paslsa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.51.66.79 (Hungary) 1 redirects

ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU)

gahu.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.projectagora-adtag-library.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:81b0 (United States)

ASN13335 (CLOUDFLARENET, US)

aghtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.30.186.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com

projectagora-483829-hdb.adomik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3039::6815:c053 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 84.200.5.215 (Germany) 6 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.46.85.162 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.113.101.236 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	adform.net adx.adform.net track.adform.net s1.adform.net	190 KB
27	2mdn.net s0.2mdn.net	814 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	193 KB
18	ad4m.at ad4m.at as.ad4m.at	82 KB
17	filmbirodalmak.com 1 redirects filmbirodalmak.com	356 KB
9	doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	73 KB
9	googletagservices.com www.googletagservices.com	173 KB
9	blau.de 3 redirects partner.blau.de portal.blau.de	9 KB
7	adomik.com projectagora-483829-hdb.adomik.com	721 B
6	telefonica-partner.de 3 redirects www.telefonica-partner.de	2 KB
5	gemius.pl 1 redirects gahu.hit.gemius.pl ls.hit.gemius.pl	15 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net	2 KB
3	adnxs.com ib.adnxs.com	3 KB
3	projectagoraservices.com ads.projectagoraservices.com	5 KB
2	taboola.com cdn.taboola.com	149 KB
2	4dex.io script.4dex.io	23 KB
2	projectagora-adtag-library.com cdn.projectagora-adtag-library.com	114 KB
2	statcounter.com secure.statcounter.com c.statcounter.com	14 KB
1	aghtag.tech aghtag.tech	108 KB
1	paslsa.com paslsa.com	2 KB
172	20

	Domain	Requested by
27	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net
18	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
17	filmbirodalmak.com	1 redirects filmbirodalmak.com
15	track.adform.net	cdn.projectagora-adtag-library.com s1.adform.net
12	ad4m.at	s1.adform.net ad4m.at
9	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
9	www.googletagservices.com	partner.blau.de www.googletagservices.com s0.2mdn.net
9	s1.adform.net	cdn.projectagora-adtag-library.com track.adform.net s1.adform.net
7	projectagora-483829-hdb.adomik.com	filmbirodalmak.com
6	googleads4.g.doubleclick.net	ad.doubleclick.net
6	partner.blau.de	3 redirects www.telefonica-partner.de
6	www.telefonica-partner.de	3 redirects as.ad4m.at
6	as.ad4m.at	ad4m.at as.ad4m.at
6	adx.adform.net	cdn.projectagora-adtag-library.com s1.adform.net
4	gahu.hit.gemius.pl	1 redirects filmbirodalmak.com gahu.hit.gemius.pl
3	ad.doubleclick.net	www.googletagservices.com
3	portal.blau.de	as.ad4m.at
3	www.lead-alliance.net	3 redirects
3	ib.adnxs.com	cdn.projectagora-adtag-library.com
3	ads.projectagoraservices.com	filmbirodalmak.com
2	cdn.taboola.com	aghtag.tech cdn.taboola.com
2	script.4dex.io	cdn.projectagora-adtag-library.com script.4dex.io
2	cdn.projectagora-adtag-library.com	ads.projectagoraservices.com cdn.projectagora-adtag-library.com
1	ls.hit.gemius.pl	gahu.hit.gemius.pl
1	aghtag.tech	paslsa.com
1	c.statcounter.com	secure.statcounter.com
1	secure.statcounter.com	filmbirodalmak.com
1	paslsa.com	filmbirodalmak.com
172	28

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
paadserver.projectagora.info R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
cdn.projectagora-adtag-library.com R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.adomik.com Amazon	`2021-03-03` - `2022-04-01`	a year	crt.sh
www.telefonica-partner.de R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
partner.blau.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-14` - `2022-01-18`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://filmbirodalmak.com/
Frame ID: 277814EE56BFC852CD19668C4B50E783
Requests: 45 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 108334A98BFB100AFE9359F7356EF148
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=41375934;rtbwp=QmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0;rtbdata=ZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2;csid=125670;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zjKEKKDv35cqHMLsI0XOHSeXMffcxBD8RnWrQ-5GKJAJJKC3nhe7MuB87rUVMTESsWm9lSvFgU2Wsb40JI7nO6xI_i4hcc9jBwzrEfMgDr4PspLI-qXwGXqYakUf1BCKVdbe4pXGUn5O1fdtUl636w45kwMS-enp4x2zn8KIpVnUrql_ikHSNG_inpf5T2KoY_iFPTPFVGYPAnihtiRamN0vTMvVe0DWEWgkz8GXMnA1;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 0149C93375FD6CFA398F12DA4CC61EF7
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=vaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=duGtoSVWod542u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKmHtIhdmvD55zvXaLLOuomDJ4cwz19keDp5AXhqa_NqfyNWWpAGJ834FAG3K-_sLAwDeHQnb-2ISq7yvZPg75RQNk-dxS0kyCzwj3JZCgHm0sn1__105C65w6LJiF5zq0hYkTtD-BVw0-X46bD5bKMAsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 1FAFCEBE639CE86A9BB068BE77862E2D
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=TDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=i9lI0fhyheV42u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKkk_C5STT6De9eF0CTF1uFcx2k1ZolQqiP32Dl0eOqh99i_XJqdVtROsh7sYJS6x4MRuSbLfDOUL2pNp0-JnDFz0PC7_uAK9PJTRrWk3sLeWcn1__105C65w6LJiF5zq0hYkTtD-BVw05AwHQ9td53rsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 599286F2AB5EBC03420A956358D80A8E
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D582BA03A2D60D2158CE11F074473858
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 76C28F316B7837FB94D423D0069F7C7E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 53D3AA655EE9A59E6A4E5B7D8EB6874A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=48877&b=zmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuW&f=8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVck&c=970&d=250&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=5a81315f03726adc0e5bb211d6c6ccbc%2F609229074801655565&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046134&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375934%3Bcrtbwp%3DQmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0%3Bcrtbdata%3DZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2%3Bccsid%3D125670%3Badfibeg%3D0%3Bcdata%3D0IHOdooR7IJaGTVQTVjase_bHw7t-YM2BMrYUWyfMvoQ4wpR7hswRxPKXCPOX06Yfx6II5lAR0kQcgIWx4DCtM-try9DQsw1zqKELgO5xyfrGk7O_0R3WffMaiprXqhzxXceJbfdRzajJrRic18mTsz7uqd_INGXDScNA8ep1CejW4NcHoZMhdrHRgWlGgsWJ-Qdocv0rje9Gt54sLHTwLcaTenTCnZGc701JlN_s_XWSUoOJFAn0KNB8MjFWfZFVGgdqT4g6bpzzZpP0RlfjD83YsIRt2uOIBeLTkG_OoMVQarY2XvABrbIIoAY68hrKuJ3voty071PFwKoweVoVfdzJlMbr9AHC7by61Ail0EzZoxBzoWtNw53LCUhUgcoObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: B46255F45C32232D91268D26C5B9274C
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=gACsYH3uPzeoZoCA-WY7RbW0nVNy8arb&g=eeab8e5a9e3e179d50703f828b6db607%2F5393401300115855885&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DvaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM2o-AP4xF6iK-Bn-YIArWbhtrf3AJAnpA6fx6II5lAR0mFez1ZeYRC0Dxny5ThIHomWlLKJUU6Roptrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipCjU2X3C5rACQQdbdn0_M3RLBuMNV6Zq7Ald-VChFnAZMW05aIDhKXwT9YJjo5LAXBtaEHeEbtxJBEeWhPSEnnT7aULzXA4sDDUkia289t9PJBMaf8DcGuF2D4rC0yjIz3aBcny_cOWHtYxw6OOwOQqrNCCz8U-gAWZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zen9Ij0udmFKUPWenBf9JqIObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: 2397B1D24510AB85134F4BC0182A8BED
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=a3a2c5b03a00902b0f97f3d3ae41de20%2F11431173444594047574&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046139&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DTDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM26ccnz2BJrkrP0LdqA1gLUtfTsdGNrh04fx6II5lAR0mFez1ZeYRC0AvHKpSFLg04Vk8BxFhqpAhtrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipQx3J_nyfc45xqjxviAEOLJwM8SGzoB-wLpynPSQrUoj7Z-an-bxg86__rLjPex1a0xAbUouQHSPj7BT-GUhn9c-8HwCRDxcm7HI-F7IdEckjM-WAyUM5bl2D4rC0yjIz3aBcny_cOWGnUWS_5mB6OjOeOXost_u8WZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zczZoxBzoWtN9byBWpOvyXQObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: A618337865C3629EDB596CB20CC77C0D
Requests: 3 HTTP requests in this frame

Frame: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&camp=channel7&size=160x600&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D
Frame ID: 8A97FAEF6F51D29931AC03C30765A254
Requests: 3 HTTP requests in this frame

Frame: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984975X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665
Frame ID: 015EF1FED7AD527F4BEE933DAE270E02
Requests: 1 HTTP requests in this frame

Frame: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&camp=channel7&size=970x250&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D
Frame ID: 58F3F002FDFD76F123E97868B6AE7068
Requests: 3 HTTP requests in this frame

Frame: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665
Frame ID: AB0080442EB81615BFD96B29C967CFCF
Requests: 1 HTTP requests in this frame

Frame: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&camp=channel7&size=160x600&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3D
Frame ID: 8017E606E0F6800653EBC9A6919D1976
Requests: 3 HTTP requests in this frame

Frame: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984971X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&wfid=117665
Frame ID: 7D397BD887670CC6735CBCDFD935321D
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s
Frame ID: 3FB60BBB99B6BFFA0B22BBAC2FFA1B1F
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299084063;dc_ver=81.235;dc_eid=40004000;sz=970x250;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=1597572915;ord=u8vqoc;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBCckoneid__asuidsC-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26camp%3Dchannel7%26size%3D970x250%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=60;prcl=s
Frame ID: 68F885BAD26DB9630D7A31D10BEBFBF4
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=494004076;ord=fh39tv;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidsC-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=67;prcl=s
Frame ID: 81762BDE5E648763A0CDE4FEF3572C28
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 944D591B2F9B1330D5A977B2BC907181
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 14071DD5EFB08FB627553BA5ED763986
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA05B712D319920467BE3F9863C20A70
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
Frame ID: 63FD5535C6AE93FE72DFA046ED1CB607
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
Frame ID: 2808BD80ABDB8A3D3B2372824C922FC9
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
Frame ID: 324C8D27CF2C6564E9FD1B3E79C73589
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 63B16AA3B55776B0B44E94EEBBD086F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: F9A4B8693FAC3272E773672962664331
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 25BB82CFB8D9AB3D310F78FE2F6E68F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FilmBirodalmak.com online film - Érvénytelen film!

Page URL History Show full URLs

http://filmbirodalmak.com/ HTTP 301
https://filmbirodalmak.com/ Page URL

Page Statistics

172
Requests

99 %
HTTPS

46 %
IPv6

20
Domains

28
Subdomains

24
IPs

7
Countries

2321 kB
Transfer

6023 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://filmbirodalmak.com/ HTTP 301
https://filmbirodalmak.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://gahu.hit.gemius.pl/_1637917045521/rexdot.js?l=100&id=.KtFN.QpmSnBQbxWdy71UfTXfZtdQLr7_c8iA0s0lJD.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffilmbirodalmak.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=165&lsdata=61UaPh4QXuBUIlqBV4fFCeYOreJwNFcTcasfdynvSDn.z7m4jSPXEWqAKpbS6n6QjM_cSEZsKtCE42SfKhXFqPp3AnLJ/DT2WVKMBjWkXT/&fpdata=3kC1dAifmJhCve9MASVGSS2OpK.8l7EYVFtICF0Kvcb.37&vis=1&fpcap= HTTP 301
https://gahu.hit.gemius.pl/__/_1637917045521/rexdot.js?l=100&id=.KtFN.QpmSnBQbxWdy71UfTXfZtdQLr7_c8iA0s0lJD.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffilmbirodalmak.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=165&lsdata=61UaPh4QXuBUIlqBV4fFCeYOreJwNFcTcasfdynvSDn.z7m4jSPXEWqAKpbS6n6QjM_cSEZsKtCE42SfKhXFqPp3AnLJ/DT2WVKMBjWkXT/&fpdata=3kC1dAifmJhCve9MASVGSS2OpK.8l7EYVFtICF0Kvcb.37&vis=1&fpcap=

Request Chain 85

https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2021112609572659236984975X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984975X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665

Request Chain 87

https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665

Request Chain 89

https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2021112609572659236984971X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984971X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&wfid=117665

172 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
filmbirodalmak.com/
Redirect Chain

http://filmbirodalmak.com/
https://filmbirodalmak.com/

8 KB
3 KB

364ms
323ms

Document
text/html

2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2473dd4eb09195c6f544ed51a5a254e7a5d62c8401d7fcce315d83d8d7cace8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex, nofollow
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORJDujUXz%2BXaTidlRs4j5VTa5lce59R3d44L3PIsce6vOgNRRLgoyCQCgoajk2Xfxr5HYSmtdquVzZqaBy%2FxeshzIienjeGkedzI0M8ax%2ByzT3zIOfh0AsGWZ7uYXvbO065Auw%2FkjqNHWBpnt3g4QTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b41e8b8eca8375e-MXP
content-encoding: br

Redirect headers

Date: Fri, 26 Nov 2021 08:57:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Nov 2021 09:57:24 GMT
Location: https://filmbirodalmak.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuKo%2Bp3cfqCAoalSqr6vCyjX8VQ3gxLN0DDg802z0HbaeqFzZpEH0nlI9BITZ8%2F09a%2BgZ5egpRJ6x1uIsNyIWUWraVQHSI6PkAx3l5Jko2PjpldU%2Fn3CFMb%2Bj8PXgLwyfqlHXradW6jLGJcnyTkZmeQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b41e8b868ad0e1a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fonts.css
filmbirodalmak.com/css/ 2 KB
808 B 28ms
26ms Stylesheet
text/css 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/css/fonts.css
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7db592f30aedc9f14ad1ea2114df068014a6f2828f87760cf45dc1bbdf656dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179611
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAd%2B3%2BZzuC8hvSN74xSJDEKMuE%2FzCFgMacLBQFIm%2Fn6s5LZpGR4ANXydAaLANacdlEtgx8wN5YhwqfeLFi6J7SIhLPtLFhXvf920j5F6c2WYs%2BsDuY8V0FOPqDdOHSBu5fe3W27FAiZ2OCWnNTggHQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a02375e-MXP
expires: Wed, 01 Dec 2021 07:03:53 GMT

GET
H2 200 framework.css
filmbirodalmak.com/css/ 9 KB
3 KB 33ms
32ms Stylesheet
text/css 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/css/framework.css
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4081beedf97eb012fe236ebc9169a96831e12110d39bc2dbfb48583d35fb18e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 208889
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vz7e28efivkbw9V%2B0W%2Fmp5J%2FVj2rbh0c%2BLLaveu4kp64782CsW3pMQlVzA62UHI8aMU1s3R53T3sFmWxJE7wmJEYLu3Ggabl9ewMtwGV2C3JPFzS%2Fcu9j9aP0PZPr4R%2BoP1aaGRyYlP%2F25pgdPuAeYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a08375e-MXP
expires: Tue, 30 Nov 2021 22:55:55 GMT

GET
H2 200 jquery-ui.min.css
filmbirodalmak.com/css/ 21 KB
4 KB 29ms
28ms Stylesheet
text/css 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/css/jquery-ui.min.css
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242ffc00ec4efc941b30d0a1635970f9cf9be7308c8ecfc875c421ae3decd2dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570272
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whbzYL%2BFfHBnepIeQyDe4MS8gPZTw0R6U2dBT6tTli1G2mRqplKm63PK8HnOaXvmLfZfUBrobd%2FvhTZUu%2B7qatIdZzRXytgpy28I5DIET5%2BBvuAmlKYkw0nXSV0%2B2FoW6uDGLSim1raFv4sHbbxxY7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a0b375e-MXP
expires: Fri, 26 Nov 2021 18:32:51 GMT

GET
H2 200 jquery-ui-1.9.2.custom.min.css
filmbirodalmak.com/css/ui-lightness/ 27 KB
6 KB 30ms
29ms Stylesheet
text/css 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/css/ui-lightness/jquery-ui-1.9.2.custom.min.css
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d8aea93fc18dc96667fd5854053284bae2070a23c62b933314a988affe9552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZmsuxlob%2ByQqwvGnL1A1XjjbWJ3Uhc8Y23b6Nuf0a0DukUuXFkRb6z3DD%2FT%2F4f6hEg6XpmK7ap9jJB9e8eb5gQfqqAwwu9gNqIPe7gsrfSwgzLnwbp%2B%2FgKKU6PKi8UTo6YIyJyKSyPQDY19Db9s%2FW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a0c375e-MXP
expires: Thu, 02 Dec 2021 07:27:47 GMT

GET
H2 200 main.css
filmbirodalmak.com/css/ 7 KB
2 KB 27ms
26ms Stylesheet
text/css 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/css/main.css
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d777cd34cba73e955529099f84daea00980ade3931a2318066c198996f27094

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 09 Mar 2017 07:06:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc4Hx9sgXGwBY9BxYqr95FEl9dx9L857oJN5nA8Dn2ZWuPJfVng0oDFuRjgCgTorOeswPHyxKSvm3Y4hQaunSV%2FYkkFcVskWy6Cne26eaXYX04rUkYS43BEhOn3pNgw4JrP5AtCYYbAMpUBBizZ%2Bq6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a11375e-MXP
expires: Fri, 26 Nov 2021 18:34:36 GMT

GET
H2 200 tooltip.css
filmbirodalmak.com/css/ 448 B
608 B 26ms
25ms Stylesheet
text/css 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/css/tooltip.css
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4b67e166b62584feaf4ffb68a5df29b74efcf2971972c0017c690830aad72c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136207
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWwR6zsRTMZVNcaOFEDJxke7ciUiS2ehYA4wWxkA77RD%2FsnL%2BacltAX2Wc2xpe03SxfDGUdKXUgyWpRBU7wg0lZ0puuXFG4QOoQo9rTe83A1OL3zeH814zr9SWxr%2B%2B6CYw0CBciWw9%2BHn9UYd44PVAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a12375e-MXP
expires: Wed, 01 Dec 2021 19:07:17 GMT

GET
H2 200 modernizr.js Show response
filmbirodalmak.com/js/ 12 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/js/modernizr.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c518eebb6659a43f42ebbba7df54b5033a887090f0cb7b3185a3897d8e8e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 572010
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iLljQ96Zn0V2zRYcAjZZbJJy2fUtMk2fz4D%2FwBJDmk3F5Brvy4e4z9xfaUSXSCYhfdVDjxWDGQvoWLT9ipsSndXTAOg2%2BI0r0ukk0U8nkfbB9hlZh6xSRcNW%2BuysChm8w6SJMjrVJUTAS%2Bqv17TXX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a13375e-MXP
expires: Fri, 26 Nov 2021 18:03:54 GMT

GET
H2 200 jquery-1.9.0.min.js Show response
filmbirodalmak.com/js/ 91 KB
33 KB 33ms
33ms Script
application/javascript 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/js/jquery-1.9.0.min.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 268701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=expytBBHRs7Pr3tAS7wDL8uwOFKz8EsizfGS2OLbGIkQ4%2FA1wKprJ1ZUyxr9qgAidniNh2zn6V3M61IKN5ya65nrAM22lh9VnfP9VRM%2F9MDX04LQ2cITdq7aHuzlP5UCTVkHykWgK86mzCPLNlIHrqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a14375e-MXP
expires: Tue, 30 Nov 2021 06:19:03 GMT

GET
H2 200 jquery-ui-1.9.2.custom.min.js Show response
filmbirodalmak.com/js/ 179 KB
50 KB 41ms
41ms Script
application/javascript 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/js/jquery-ui-1.9.2.custom.min.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a870bb30ed31544fcad443f60864bfdc29097e3834fb42477de56f60f90137

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 569162
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzjUGFSB9RVD%2F9MoAbCSG%2FBHsAOpq5tBvROOqMNT%2F8IPrnnr4IRfBSQWEtg8Qr6Q2y8%2F5QC1JN%2BUH25lx7vJqX29xAOYgZMkZmiH3H0YXaKiIuML8mJ%2B4jaGP5WG2TWjp4i77SwRfd9ZxxnT6rNdsXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a15375e-MXP
expires: Fri, 26 Nov 2021 18:51:22 GMT

GET
H2 404 jquery.js
filmbirodalmak.com/ 0
0 135ms
134ms Script
text/html 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/jquery.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qe2bBvqdU6reUPCwNlmG10uJUEUGi2WAuR2i4fPjscDwXrtHDwVC6YDt%2FTQLAtXq3wIXpXkTL5RgyCCuCZEBUQlZ8IaRuOrK7eviVPBmFBhGTZrg%2B5s3N0wFnW0StuOgOpCQm%2FbIsnS6Aq2z6FUost8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bb0a18375e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 filmbirodalmak.com.js Show response
paslsa.com/c/ 2 KB
2 KB 92ms
36ms Script
application/javascript 2606:4700:3035::6815:3ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paslsa.com/c/filmbirodalmak.com.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3ba6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04114cc2a9754e569f36ef965eb0f7d419cbdb5da6f9832b0e4264cf6ebbb306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3359
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MDZ5B7QCY08BXJK9
x-amz-id-2: u8zkulkSGYpKWcfLjp9Inb9uxRmquhcxAf8dipyQLz8aAM9OHgcmVPGbSETqZ2IHEJffnAsxuNw=
last-modified: Mon, 19 Oct 2020 20:55:22 GMT
server: cloudflare
etag: W/"a392385499f6e40361db5b0631d3f4f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGJiTJFrvO2F%2F%2FbZGOpJtSRNRRQ0WD23ogq3yUsBLti9RLiqk%2BTnQfdIAEeUpdeyYImKtAxtbz3Ae3QbbI5KIEr%2B4V5K9HmgsHqCmt9GEw8LWfSPRop9fKXwc5mNtp9aZLdIg3bxuvaG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b41e8bd1894375c-MXP

GET
H3 200 logo.png
filmbirodalmak.com/images/ 7 KB
8 KB 32ms
32ms Image
image/png 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filmbirodalmak.com/images/logo.png
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3885152157570cb9bee3c8660fd8df83795381b3383023df21d4b63b50e31886

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7074
last-modified: Mon, 09 Mar 2015 12:53:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzlBA1WVBUlHyA7vptcK1Z1TTLDtJNVQGtEd8MBbUOuAE%2BUMqIrL4sCELs7uTQVs8asOLNJ1PLek7mNMKDVYFI1HmOdjXIP5sgKePHChuaR%2BTIG7CktL7KF61MnKzCNO%2FW1kR9fBY51oggpWbSh5Bt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b41e8bcbb563760-MXP
expires: Wed, 01 Dec 2021 17:32:11 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 4 KB
2 KB 100ms
30ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=1883
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7d7256be48e7af883fb29caa900ae5305b4cac57da9ddf89f4e9e316cd7beb20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 1413
expires: Fri, 26 Nov 2021 08:57:25 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 4 KB
2 KB 21ms
21ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=1889
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 077683acb0df89a05f3ff3d6009e3231abab6f76a11a8e9ac9ce9e34950bd018

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 1418
expires: Fri, 26 Nov 2021 08:57:25 GMT

GET
H2 200 / Show response
ads.projectagoraservices.com/ 4 KB
2 KB 37ms
37ms Script
application/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=1881
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7a43777cc2346fa301c763b97565290920ce508e56b2a03939c1e5988fdcbbaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 1416
expires: Fri, 26 Nov 2021 08:57:25 GMT

GET
H3 200 jquery.js Show response
filmbirodalmak.com/js/ 267 KB
82 KB 55ms
55ms Script
application/javascript 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/js/jquery.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0AhkNP8d5abvHhOoF3FKVpIxlG%2BB6SJFUMc9wwO7yFbcc%2BJXJHuJw2uQ7nBJb%2FJpouA7j8%2Bjf3PXQJyOZISJqsJSk%2FjMq6V4GgzdjSVB3t68moVDmnaMiMif8zvrgmtO9X9%2Fp%2FIauQcpcLfkx1DEYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bcbb383760-MXP
expires: Wed, 01 Dec 2021 22:17:44 GMT

GET
H3 200 jquery-ui.min.js Show response
filmbirodalmak.com/js/ 128 KB
37 KB 48ms
47ms Script
application/javascript 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/js/jquery-ui.min.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b2d78c413afa62796e2ace4d61cdc8a654ffac36c08231ce976dc564ec3eb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 569162
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Mar 2015 12:53:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bs9xQKkmTlMwDlr0Vg5rtsku5O42KMxUoIjOrwKIjF0YdHBwWX8j6YQfNfS46V50j1hcLyxVHsg20Xa0%2B9U2xb6cri6Q8xV49%2B3mHvC3N1hNK9dO6NVyiWsEEMrtDs9N%2FmmLkYCnp8A7WBt23oVjOTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6b41e8bcbb543760-MXP
expires: Fri, 26 Nov 2021 18:51:23 GMT

GET
H3 200 ODelI1aHBYDBqgeIAH2zlBBHWFfxJXS04xYOz0jw624.woff
filmbirodalmak.com/fonts/ 59 KB
60 KB 73ms
73ms Font
font/woff 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/fonts/ODelI1aHBYDBqgeIAH2zlBBHWFfxJXS04xYOz0jw624.woff
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea056984afed1728b11f4c626481c170b7f87c2986c0e3ef197d78410e084df2

Request headers

Referer: https://filmbirodalmak.com/css/fonts.css
Origin: https://filmbirodalmak.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60924
last-modified: Mon, 09 Mar 2015 12:53:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPhdA473LL6Mu%2FtWG0slECczoXlH1sDuR1Q%2BZxycDSQUrik5unfIFE8Sb8MGO5mE2MeJGH2Ahee8YYbJUTWpiiy8w%2FTJzg5O1WG62UaLVnKhP6otjhg4lJAwU1TI93cankumkQX8g6O1SXik6vtbRIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b41e8bb782e3760-MXP

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 39 KB
13 KB 119ms
51ms Script
application/x-javascript 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 11:08:17 GMT
server: cloudflare
age: 34616
etag: W/"61656ca1-9cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6b41e8bc5f7254b7-MAN
expires: Fri, 26 Nov 2021 11:20:29 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 1013 B
842 B 153ms
147ms XHR
application/json 104.20.229.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11191431&u1=02F8DDE0C6FF4F71FC29FFE08CBC559A&java=1&security=26cc5c84&sc_snum=1&sess=30eed3&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//filmbirodalmak.com/&t=FilmBirodalmak.com%20online%20film%20-%20%C3%89rv%C3%A9nytelen%20film!&invisible=1&sc_rum_e_s=714&sc_rum_e_e=718&sc_rum_f_s=0&sc_rum_f_e=709&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63e56c13d19ffe6df5e254b672706d4d6445562858c9f1026e9482e51d36e21e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b41e8bccfcf54b7-MAN
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://filmbirodalmak.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 xgemius.js Show response
gahu.hit.gemius.pl/ 40 KB
11 KB 103ms
31ms Script
application/x-javascript 185.51.66.79
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to

Full URL: https://gahu.hit.gemius.pl/xgemius.js
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.51.66.79 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),
Reverse DNS
Software: GHC /
Resource Hash: 48a1892702c799884e5400853305046424ec0f0a2e4a4c3d36018cb5c5080fac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 13:46:08 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Fri, 26 Nov 2021 20:57:25 GMT

GET
H2 200 pav2.min.js Show response
cdn.projectagora-adtag-library.com/adtag/latest/ 28 KB
7 KB 90ms
19ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=1883
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 11:43:28 GMT
server: UploadServer
etag: "ab106322a67600becd8aad86f9e06b5f"
vary: Accept-Encoding
x-goog-hash: crc32c=EMIgqg==
content-type: text/javascript
x-goog-storage-class: STANDARD
cache-control: private, max-age=18000
accept-ranges: bytes
x-guploader-uploadid: ADPycduBH458Gz_haJwrHqCicqVcdew1Yel-xvDwjVzsSwcI8imLHTD9PyjUhPZRd4BT9H1gPU9nsZxMhR8jry5otg
content-length: 6854
expires: Fri, 26 Nov 2021 13:57:25 GMT

GET
H3 200 toadOcfmlt9b38dHJxOBGAAD_zxmsR6vL1X3tnvCZYo.woff
filmbirodalmak.com/fonts/ 59 KB
60 KB 30ms
30ms Font
font/woff 2606:4700:3033::ac43:a653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filmbirodalmak.com/fonts/toadOcfmlt9b38dHJxOBGAAD_zxmsR6vL1X3tnvCZYo.woff
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88d545d09f5a4eee8a6b03986dde1d6afd9e4d1a28327ebc4ebb90c0ebbb917

Request headers

Referer: https://filmbirodalmak.com/css/fonts.css
Origin: https://filmbirodalmak.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60744
last-modified: Mon, 09 Mar 2015 12:53:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbEsGt%2FbYhHqYKTHdldl5tSfgrtfsGOyLB6kwD54PT7H9grsJ9Frnq99jxBo7C0aQgRBg3gQRu1BlejS7TZjOJni%2Bmbjc1zh12OdVtq7Z6JHJQKZ39DLENFykeGiwW0rM6fGlBKGja2DuYddWi6VUQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b41e8bcbb5a3760-MXP

GET
H2 200 projectagora.min.js Show response
aghtag.tech/libs/ 366 KB
108 KB 95ms
43ms Script
application/javascript 2606:4700:3031::ac43:81b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aghtag.tech/libs/projectagora.min.js
Requested by: Host: paslsa.com
URL: https://paslsa.com/c/filmbirodalmak.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:81b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b47ea38ab42540ac291495c4907c9a4fd0e57531988de7bcd6bbc6693c0f3ca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2902
cf-ray: 6b41e8bdad523748-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 109815
x-amz-id-2: ila+p59kPIdnjM+unVmG4DiiI/mEiZ1bqnGHnE7Dsj0tzR7/ZPXgB5Mt3VhIGal7cQ2DT5Pp16U=
last-modified: Thu, 25 Nov 2021 10:08:23 GMT
server: cloudflare
etag: "26bdb5fc1647093e3d48060894cd987d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DJPf766eZkqO9%2BrXCzEkBdNP5kkUm4jo85wZhDveFJgCi4u02683%2Fu5rjX7h64MAy3Ew23AAr9dcxD1hoAL4LaXNFLFORNmKKRJoDfhPppR5TrseqL9RsS%2Bn0cmr4TWPRz9eIcR01D%2FIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 1BACBM6XB2KXKETP
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 prebid.js Show response
cdn.projectagora-adtag-library.com/prebid/latest/ 336 KB
107 KB 30ms
30ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 13:47:14 GMT
server: UploadServer
etag: "1766ed9e832250268e13e963571b5fc5"
vary: Accept-Encoding
x-goog-hash: crc32c=WEArlA==
content-type: text/javascript
x-goog-storage-class: STANDARD
cache-control: private, max-age=18000
accept-ranges: bytes
x-guploader-uploadid: ADPycdurBXxgBZ1ybpGuktx_oF7MWvNcfjFDnEPiwczmLHg5A6rMJAUY9t1pZQXABRweZqF0hV_OuB7dLWG5RNZWrw
expires: Fri, 26 Nov 2021 13:57:25 GMT

GET
H2 200 fpdata.js Show response
gahu.hit.gemius.pl/ 287 B
401 B 30ms
30ms Script
application/x-javascript 185.51.66.79
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to

Full URL: https://gahu.hit.gemius.pl/fpdata.js?href=filmbirodalmak.com
Requested by: Host: gahu.hit.gemius.pl
URL: https://gahu.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.51.66.79 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),
Reverse DNS
Software: GHC /
Resource Hash: 6cb09011cb8977ced63d0f7b7b90da6aee88a3cebdae794d2befc1dace5f55b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 287
expires: Sun, 26 Dec 2021 08:57:25 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 1083 5 KB
3 KB 89ms
27ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gahu.hit.gemius.pl
URL: https://gahu.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 78b758cfdf74b56afd024c2923e78575633be6ab0eb809eb87efc65b0fc4a8c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
expires: Sun, 26 Dec 2021 08:57:25 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2716
content-encoding: gzip

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
936 B 83ms
29ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 689189
x-amz-request-id: tx24904699bb274cfc93012-0061961d50
x-amz-id-2: tx24904699bb274cfc93012-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfyfZjZUr5%2Bj8DxymtvMTg9rVpdw5YpjLPnjxLP2yRXTTj9fSVuiqfGDET8tml0AaNBigwinhtAJwRTSXGYfHxU4w783cAkZJFYkpt83eLADG3ktO67rl2qe6gNdf0T7unTCcqhqtMoNsVuU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1637227780937425
cf-ray: 6b41e8bebd51599b-MXP

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 151ms
101ms XHR
application/json 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTcwMjQ0NyZ0cmFuc2FjdGlvbklkPWRlYjNhMDYxLWVmNzAtNDJkMy1hZmQ3LWQ2YWQ4Zjk0YzZlZQ%3D%3D&pt=gross&stid=fcc998e7-3ac9-4a01-a6fe-7f5992f24212&fd=1

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

45999859f60e659acdd05b2a4d24b6a48702b6f5e1de0074ac6db42c7dad3766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 40ms
16ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5a987bf16001d981ba0f75cfe41f8013bdba9a9361ceacadfef1581feb0fe67a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 08:57:25 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1158b32b-e878-4334-8f60-e3405552655e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://filmbirodalmak.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
822 B 57ms
34ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

816c3ad96f7f2c3d23f4da1b990c9414bb7642cc4dce004ba47f183418a80317

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 08:57:25 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: df7e899b-f9df-46bc-8c61-c94b918504e1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://filmbirodalmak.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 171ms
123ms XHR
application/json 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTcwMjQ0NiZ0cmFuc2FjdGlvbklkPTE5NTFiMjNlLWEzZGYtNDA0Mi04MGY4LWViYTM2YmQ2MzE2OQ%3D%3D&pt=gross&stid=834cba5c-6249-484b-b1bd-61b50f347b66&fd=1

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7a626c64f093b44a7ac51ee879478dcf7c6b683c584b4a7d6ffbcb244775474d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 97ms
76ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

83f9a71a2233cf0a26cdd0c096bf7f9a7ec7470920d07475977fa4fe9e78fa15

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 08:57:25 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 81b4b821-8aa3-4fca-a426-4316daa37778
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://filmbirodalmak.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
2 KB 145ms
99ms XHR
application/json 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTcwMjQ0NSZ0cmFuc2FjdGlvbklkPTNjNzAxNzBkLTczN2MtNDk4Mi1hNTRhLTkzY2M4MDQwZDE3ZQ%3D%3D&pt=gross&stid=c2503c35-9d25-4003-b788-be3971ffb157&fd=1

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

280103fff1ebf2aa2025fd49aa5c1170535f2b9b067797d137bd78123167e034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/filmbirodalmakhu-f15440618/ 146 KB
24 KB 201ms
161ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/filmbirodalmakhu-f15440618/loader.js
Requested by: Host: aghtag.tech
URL: https://aghtag.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.95.1.2-11.94.6 /
Resource Hash: 72351f98bc45a03f1ff6975aece96a95cb529b8dfce9c8a3a3c75bdbf055ee99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: xvyYMNzKTKefYWHZU7HZU94g_gfoxDOK
content-encoding: gzip
etag: "a46dd5d217f94ba9996ae119bfaa20528971b4b7"
age: 0
via: 1.1 varnish
x-cache: MISS
x-from-cache: 1
content-length: 23655
x-amz-id-2: OBCoX1Cb7eRs4vREVBnddHAp70ZiVfLccaWyWTqQZK6u5ebgR9XOfRDC0Ey8qNfhclvPLlyGZv8=
x-served-by: cache-cdg20727-CDG
last-modified: Wed, 24 Nov 2021 15:10:39 UTC
server: obaker.95.1.2-11.94.6
x-timer: S1637917046.564363,VS0,VE145
date: Fri, 26 Nov 2021 08:57:25 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 3T2X6DY9TAR4Y0CP
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 20
x-cache-hits: 0

GET
H2

200

rexdot.js Show response
gahu.hit.gemius.pl/__/_1637917045521/
Redirect Chain

https://gahu.hit.gemius.pl/_1637917045521/rexdot.js?l=100&id=.KtFN.QpmSnBQbxWdy71UfTXfZtdQLr7_c8iA0s0lJD.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffilmbirodal...
https://gahu.hit.gemius.pl/__/_1637917045521/rexdot.js?l=100&id=.KtFN.QpmSnBQbxWdy71UfTXfZtdQLr7_c8iA0s0lJD.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffilmbiro...

169 B
423 B

89ms
89ms

Script
application/x-javascript

185.51.66.79
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to

Full URL: https://gahu.hit.gemius.pl/__/_1637917045521/rexdot.js?l=100&id=.KtFN.QpmSnBQbxWdy71UfTXfZtdQLr7_c8iA0s0lJD.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffilmbirodalmak.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=165&lsdata=61UaPh4QXuBUIlqBV4fFCeYOreJwNFcTcasfdynvSDn.z7m4jSPXEWqAKpbS6n6QjM_cSEZsKtCE42SfKhXFqPp3AnLJ/DT2WVKMBjWkXT/&fpdata=3kC1dAifmJhCve9MASVGSS2OpK.8l7EYVFtICF0Kvcb.37&vis=1&fpcap=
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: H2
Server: 185.51.66.79 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),
Reverse DNS
Software: GHC /
Resource Hash: ff237943e77e179956e5f089eb5d2714635aa1b8622c326d7ef74187492d899b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 25 Nov 2021 08:57:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1637917045521/rexdot.js?l=100&id=.KtFN.QpmSnBQbxWdy71UfTXfZtdQLr7_c8iA0s0lJD.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffilmbirodalmak.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=165&lsdata=61UaPh4QXuBUIlqBV4fFCeYOreJwNFcTcasfdynvSDn.z7m4jSPXEWqAKpbS6n6QjM_cSEZsKtCE42SfKhXFqPp3AnLJ/DT2WVKMBjWkXT/&fpdata=3kC1dAifmJhCve9MASVGSS2OpK.8l7EYVFtICF0Kvcb.37&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 25 Nov 2021 08:57:25 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 71ms
35ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 687051
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx6b3eb6a6ba944d8ba7d25-0061961d7e
x-amz-id-2: tx6b3eb6a6ba944d8ba7d25-0061961d7e
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEFcWQvMfRgNpGlWudoBXynsem0vkcNZ%2BDOyF2WRxrAUd4hwLxCbAUmfWOf3LatIP8PUnvkuSjVnoW8LcC2fVGWeIT%2BSgMhPu0KfWIWUBWYEPgNMUfA7SPlUgQ31jzdicEYVL0zvD1Grv97w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1637227779984125
cf-ray: 6b41e8bf1af2d61c-MXP
access-control-allow-headers: Authorization

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0149 1 KB
2 KB 21ms
20ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=41375934;rtbwp=QmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0;rtbdata=ZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2;csid=125670;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zjKEKKDv35cqHMLsI0XOHSeXMffcxBD8RnWrQ-5GKJAJJKC3nhe7MuB87rUVMTESsWm9lSvFgU2Wsb40JI7nO6xI_i4hcc9jBwzrEfMgDr4PspLI-qXwGXqYakUf1BCKVdbe4pXGUn5O1fdtUl636w45kwMS-enp4x2zn8KIpVnUrql_ikHSNG_inpf5T2KoY_iFPTPFVGYPAnihtiRamN0vTMvVe0DWEWgkz8GXMnA1;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

07678c774a4d7001bfcf7f63792e8bb5de610969474ea9ccc677a826f6d20f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1243
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 0149 58 KB
24 KB 83ms
19ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:56:02 GMT
server: nginx
etag: W/"612c9d22-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 131ms
28ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYzI1MDNjMzUtOWQyNS00MDAzLWI3ODgtYmUzOTcxZmZiMTU3IiwiaG9zdG5hbWUiOiJmaWxtYmlyb2RhbG1hay5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IkFERk9STSJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNDk3NjQyMF9maWxtYmlyb2RhbG1hay5jb21fcm9zXzk3MHgyNTAiLCJzaXplcyI6W3sid2lkdGgiOjk3MCwiaGVpZ2h0IjoyNTB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTQ5NzY0MjBfZmlsbWJpcm9kYWxtYWsuY29tX3Jvc185NzB4MjUwIiwiaWQiOiIxMzcxZDlhMThhN2RjNDkiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4xMDk0ODYzNTgwMzI5NTg5LCJzaXplIjp7IndpZHRoIjo5NzAsImhlaWdodCI6MjUwfSwidGltZVRvUmVzcG9uZCI6MTQ5LCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMF9maWxtYmlyb2RhbG1hay5jb21fcm9zXzk3MHgyNTAiLCJpZCI6IjEzNzFkOWExOGE3ZGM0OSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjEwOTQ4NjM1ODAzMjk1ODksInNpemUiOnsid2lkdGgiOjk3MCwiaGVpZ2h0IjoyNTB9LCJ0aW1lVG9SZXNwb25kIjoxNDksImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=c2503c35-9d25-4003-b788-be3971ffb157&part=0&on=0
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 132ms
29ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjEzNzFkOWExOGE3ZGM0OSIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMF9maWxtYmlyb2RhbG1hay5jb21fcm9zXzk3MHgyNTAifQ%3D%3D&id=c2503c35-9d25-4003-b788-be3971ffb157&won=true
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1FAF 1 KB
2 KB 21ms
21ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=vaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=duGtoSVWod542u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKmHtIhdmvD55zvXaLLOuomDJ4cwz19keDp5AXhqa_NqfyNWWpAGJ834FAG3K-_sLAwDeHQnb-2ISq7yvZPg75RQNk-dxS0kyCzwj3JZCgHm0sn1__105C65w6LJiF5zq0hYkTtD-BVw0-X46bD5bKMAsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a529e42f212e8fc3af2f63dee6781610dd980d3da63aaeded22e556c78fc537f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1278
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 1FAF 58 KB
24 KB 99ms
40ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:56:02 GMT
server: nginx
etag: W/"612c9d22-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 129ms
30ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiYzI1MDNjMzUtOWQyNS00MDAzLWI3ODgtYmUzOTcxZmZiMTU3IiwiaG9zdG5hbWUiOiJmaWxtYmlyb2RhbG1hay5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IkFERk9STSJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNDk3NjQyMF9maWxtYmlyb2RhbG1hay5jb21fcm9zXzk3MHgyNTAiLCJzaXplcyI6W3sid2lkdGgiOjk3MCwiaGVpZ2h0IjoyNTB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTQ5NzY0MjBfZmlsbWJpcm9kYWxtYWsuY29tX3Jvc185NzB4MjUwIiwiaWQiOiIxMzcxZDlhMThhN2RjNDkiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MC4xMDk0ODYzNTgwMzI5NTg5LCJzaXplIjp7IndpZHRoIjo5NzAsImhlaWdodCI6MjUwfSwidGltZVRvUmVzcG9uZCI6MTQ5LCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMF9maWxtYmlyb2RhbG1hay5jb21fcm9zXzk3MHgyNTAiLCJpZCI6IjEzNzFkOWExOGE3ZGM0OSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjEwOTQ4NjM1ODAzMjk1ODksInNpemUiOnsid2lkdGgiOjk3MCwiaGVpZ2h0IjoyNTB9LCJ0aW1lVG9SZXNwb25kIjoxNDksImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNDk3NjQyMl9maWxtYmlyb2RhbG1hay5jb21fcm9zLTJfMTYweDYwMCIsInNpemVzIjpbeyJ3aWR0aCI6MTYwLCJoZWlnaHQiOjYwMH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMl9maWxtYmlyb2RhbG1hay5jb21fcm9zLTJfMTYweDYwMCIsImlkIjoiMTRhMDhmZmVjYjM4NTE5Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMTc5ODU3MDQxMDkwMDAxOSwic2l6ZSI6eyJ3aWR0aCI6MTYwLCJoZWlnaHQiOjYwMH0sInRpbWVUb1Jlc3BvbmQiOjE2MiwiYWZ0ZXJUaW1lb3V0IjpmYWxz&id=c2503c35-9d25-4003-b788-be3971ffb157&part=0&on=1
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 129ms
30ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=ZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTQ5NzY0MjJfZmlsbWJpcm9kYWxtYWsuY29tX3Jvcy0yXzE2MHg2MDAiLCJpZCI6IjE0YTA4ZmZlY2IzODUxOSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjE3OTg1NzA0MTA5MDAwMTksInNpemUiOnsid2lkdGgiOjE2MCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjoxNjIsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=c2503c35-9d25-4003-b788-be3971ffb157&part=1&on=1
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 131ms
30ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjE0YTA4ZmZlY2IzODUxOSIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMl9maWxtYmlyb2RhbG1hay5jb21fcm9zLTJfMTYweDYwMCJ9&id=c2503c35-9d25-4003-b788-be3971ffb157&won=true
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 5992 1 KB
2 KB 21ms
20ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=TDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=i9lI0fhyheV42u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKkk_C5STT6De9eF0CTF1uFcx2k1ZolQqiP32Dl0eOqh99i_XJqdVtROsh7sYJS6x4MRuSbLfDOUL2pNp0-JnDFz0PC7_uAK9PJTRrWk3sLeWcn1__105C65w6LJiF5zq0hYkTtD-BVw05AwHQ9td53rsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c3a81f8cfa8a64d4f39f133cb00164ad7fd06be512d3dee960be3fbf7c5d55b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1279
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 5992 58 KB
24 KB 93ms
47ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:56:02 GMT
server: nginx
etag: W/"612c9d22-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 119ms
30ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=ZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTQ5NzY0MjJfZmlsbWJpcm9kYWxtYWsuY29tX3Jvcy0yXzE2MHg2MDAiLCJpZCI6IjE0YTA4ZmZlY2IzODUxOSIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjE3OTg1NzA0MTA5MDAwMTksInNpemUiOnsid2lkdGgiOjE2MCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjoxNjIsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fSx7InBsYWNlbWVudENvZGUiOiIxNDk3NjQyMV9maWxtYmlyb2RhbG1hay5jb21fcm9zLTFfMTYweDYwMCIsInNpemVzIjpbeyJ3aWR0aCI6MTYwLCJoZWlnaHQiOjYwMH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IkFERk9STSIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMV9maWxtYmlyb2RhbG1hay5jb21fcm9zLTFfMTYweDYwMCIsImlkIjoiMTVhYzljOWNjMjkzNDY3Iiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAuMTc5ODU3MDQxMDkwMDAxOSwic2l6ZSI6eyJ3aWR0aCI6MTYwLCJoZWlnaHQiOjYwMH0sInRpbWVUb1Jlc3BvbmQiOjE3MiwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJBREZPUk0iLCJwbGFjZW1lbnRDb2RlIjoiMTQ5NzY0MjFfZmlsbWJpcm9kYWxtYWsuY29tX3Jvcy0xXzE2MHg2MDAiLCJpZCI6IjE1YWM5YzljYzI5MzQ2NyIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLjE3OTg1NzA0MTA5MDAwMTksInNpemUiOnsid2lkdGgiOjE2MCwiaGVpZ2h0Ijo2MDB9LCJ0aW1lVG9SZXNwb25kIjoxNzIsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=c2503c35-9d25-4003-b788-be3971ffb157&part=1&on=1
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H/1.1 204
No Content /
projectagora-483829-hdb.adomik.com/ 0
103 B 29ms
28ms Image
text/plain 52.30.186.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://projectagora-483829-hdb.adomik.com/?q=eyJpZCI6IjE1YWM5YzljYzI5MzQ2NyIsInBsYWNlbWVudENvZGUiOiIxNDk3NjQyMV9maWxtYmlyb2RhbG1hay5jb21fcm9zLTFfMTYweDYwMCJ9&id=c2503c35-9d25-4003-b788-be3971ffb157&won=true
Requested by: Host: filmbirodalmak.com
URL: https://filmbirodalmak.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-186-231.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 26 Nov 2021 08:57:25 GMT
Server: nginx

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0149 33 KB
16 KB 99ms
59ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41375934;rtbwp=QmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0;rtbdata=ZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2;csid=125670;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zjKEKKDv35cqHMLsI0XOHSeXMffcxBD8RnWrQ-5GKJAJJKC3nhe7MuB87rUVMTESsWm9lSvFgU2Wsb40JI7nO6xI_i4hcc9jBwzrEfMgDr4PspLI-qXwGXqYakUf1BCKVdbe4pXGUn5O1fdtUl636w45kwMS-enp4x2zn8KIpVnUrql_ikHSNG_inpf5T2KoY_iFPTPFVGYPAnihtiRamN0vTMvVe0DWEWgkz8GXMnA1;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 27 Nov 2021 12:27:40 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1FAF 33 KB
16 KB 89ms
53ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=vaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=duGtoSVWod542u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKmHtIhdmvD55zvXaLLOuomDJ4cwz19keDp5AXhqa_NqfyNWWpAGJ834FAG3K-_sLAwDeHQnb-2ISq7yvZPg75RQNk-dxS0kyCzwj3JZCgHm0sn1__105C65w6LJiF5zq0hYkTtD-BVw0-X46bD5bKMAsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 27 Nov 2021 12:27:40 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 5992 33 KB
16 KB 79ms
57ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=TDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=i9lI0fhyheV42u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKkk_C5STT6De9eF0CTF1uFcx2k1ZolQqiP32Dl0eOqh99i_XJqdVtROsh7sYJS6x4MRuSbLfDOUL2pNp0-JnDFz0PC7_uAK9PJTRrWk3sLeWcn1__105C65w6LJiF5zq0hYkTtD-BVw05AwHQ9td53rsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 27 Nov 2021 12:27:40 GMT

GET
H2 200 impl.20211124-11-RELEASE.js Show response
cdn.taboola.com/libtrc/ 612 KB
125 KB 17ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211124-11-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/filmbirodalmakhu-f15440618/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 15fd592c9c93ee2f5fc7ec099f10f6992144a31e2ac293e395a9fd44d14dba70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: FtRkgy69nIrrmqOdWUI6wpe1Vj.._8NF
content-encoding: br
etag: "0ade19cda2b4dc8d02f6d32e05469392"
age: 24448
x-cache: HIT
content-length: 128101
x-amz-id-2: 0repGrTDhnG8v9tyCSB+jx2leRfLxdWse/FrEs7ExXW5tcciSuhzv4y4AkbWSPKfFqayd6VUOyU=
x-served-by: cache-cdg20727-CDG
last-modified: Wed, 24 Nov 2021 10:09:23 GMT
server: AmazonS3-br
x-timer: S1637917046.741044,VS0,VE0
date: Fri, 26 Nov 2021 08:57:25 GMT
vary: Accept-Encoding
x-amz-request-id: 1YP9SRTV4Q01N7PN
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 97
x-cache-hits: 72784

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1FAF 7 KB
4 KB 21ms
21ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=vaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=duGtoSVWod542u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKmHtIhdmvD55zvXaLLOuomDJ4cwz19keDp5AXhqa_NqfyNWWpAGJ834FAG3K-_sLAwDeHQnb-2ISq7yvZPg75RQNk-dxS0kyCzwj3JZCgHm0sn1__105C65w6LJiF5zq0hYkTtD-BVw0-X46bD5bKMAsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;3177;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|1;fd=0|2&CREFURL=https%3A%2F%2Ffilmbirodalmak.com%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ba6d873abc2e9b00046f16fc0c8a9b2ee60851a3710bb99d5eb7ae2a1b8f12d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3449
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 5992 7 KB
4 KB 21ms
21ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=41375910;rtbwp=eHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0;rtbdata=TDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2;csid=125944;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=i9lI0fhyheV42u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKkk_C5STT6De9eF0CTF1uFcx2k1ZolQqiP32Dl0eOqh99i_XJqdVtROsh7sYJS6x4MRuSbLfDOUL2pNp0-JnDFz0PC7_uAK9PJTRrWk3sLeWcn1__105C65w6LJiF5zq0hYkTtD-BVw05AwHQ9td53rsBxs-genSdc1;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;9652;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|0|1;fd=0|2&CREFURL=https%3A%2F%2Ffilmbirodalmak.com%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

957d0b7e03bb8db2bc75032de0a6ef5924e3cf8822473f8e04f7f9ead8b30b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3454
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0149 7 KB
4 KB 21ms
21ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=41375934;rtbwp=QmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0;rtbdata=ZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2;csid=125670;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zjKEKKDv35cqHMLsI0XOHSeXMffcxBD8RnWrQ-5GKJAJJKC3nhe7MuB87rUVMTESsWm9lSvFgU2Wsb40JI7nO6xI_i4hcc9jBwzrEfMgDr4PspLI-qXwGXqYakUf1BCKVdbe4pXGUn5O1fdtUl636w45kwMS-enp4x2zn8KIpVnUrql_ikHSNG_inpf5T2KoY_iFPTPFVGYPAnihtiRamN0vTMvVe0DWEWgkz8GXMnA1;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;9183;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|0|1;fd=0|2&CREFURL=https%3A%2F%2Ffilmbirodalmak.com%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8dc25daebc5481a809b02bfe2ed390498f61d1644f4fc0365b6580c8fda6dcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3414
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1FAF 36 KB
12 KB 90ms
39ms Script
application/javascript 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64926
x-guploader-uploadid: ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH99KNvPTGU5Vla1s15tSUJWXoKZ0vjFX3OkuMg3G4pXgjaVvD2DPbWwDGI8vD4O%2FrLCgtCT1ImK4YSgG4mZms11D1fG%2FuvnZt7fsv%2BBEnWbJ1ELNnwx0JCBE31%2F6QrFYVy8%2BZA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6b41e8c0cb71599b-MXP
expires: Thu, 25 Nov 2021 14:55:19 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 1FAF 35 B
471 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=41375910&csi=xdFp98iZP1W0sSQnKEcqws-4eFYgVrM9FLB2aGn2tWPrygPkIxxfk6stETyAlgnzASVWhIJPqJA8FP_L0NYG6mQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5992 36 KB
13 KB 87ms
37ms Script
application/javascript 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64926
x-guploader-uploadid: ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzH%2Fu%2FqgSvqr2uOvo47Rth0V6hLXlcJofcYpAo6Gp3yeAmBNCjG5ZA%2BLV954clTSR%2BCa5WqqIIhrpzb%2FP5gdbVKpilKyqWIN2SD%2FKUH6Otc4MTezaFhopl64DlKJ%2B0u5DqlEGm4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6b41e8c0cb7d599b-MXP
expires: Thu, 25 Nov 2021 14:55:19 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 5992 35 B
471 B 20ms
19ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=41375910&csi=TbGTO_7Yb-17T73v01vKvzbKrISrMaQuFLB2aGn2tWPrygPkIxxfk2Ukwu814cL45Cn7wKdrX8ErVOm_dM2ChWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0149 36 KB
12 KB 71ms
39ms Script
application/javascript 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64926
x-guploader-uploadid: ADPycdtXvXkNTikigjdIbYNhxiQLD-4AZAv9bzOL91Gi0Vasqu-NthMEIEUtuuiuVaKDT9UyXdL8EGeHFPeRkpk5qsfqo-CjnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z%2FzIjljwFRVH5Yh3YhiVzTEV2WMWN2%2FHj3TebIyn99MCk6wMrOk2SQYTiN%2BMedlT4CUYjm%2FcOaoWeu0TTV5DoFOsOEOrMStuP7Lq5f89Ae6nO8PzT21nrL4xhBiuxH8OzgO%2FVk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6b41e8c0cb76599b-MXP
expires: Thu, 25 Nov 2021 14:55:19 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 0149 35 B
471 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=41375934&csi=LNqYnOEoMEZOfzfYMc1t6PSipYpEG2SAFLB2aGn2tWMJDwKV3Zer3GUkwu814cL4jiICZtu5JOY1Y2LQsyvPvWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:25 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 1FAF 34 KB
15 KB 21ms
21ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 27 Nov 2021 12:31:02 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 5992 34 KB
15 KB 20ms
20ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 27 Nov 2021 12:31:02 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 0149 34 KB
15 KB 21ms
21ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 27 Nov 2021 12:31:02 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D582 2 KB
2 KB 61ms
36ms Document
text/html 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunb5fYC1m9dNhoGuLTimCjdDaVqkoUDGHrVfXuZTyYr3a8CcMkqhbUjJyyjLrzIb6bHKjqGO5shRDOMqSBEM1ez9YqVQ
expires: Fri, 26 Nov 2021 09:57:25 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 572556
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvDMfUJhydpIjp6k%2FmK1ADxh7FFZInfKuBoxJWoO2yG0ToShQEEZM%2BRGeW2NN4uIWVQkwprnA8BhybFb63WNKxWyTAm%2Bazw%2FDkgLiWyvLLTlNggFN0TYYDKTmFQw7TmgOjlwmBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b41e8c15e403752-MXP
content-encoding: br

GET
H3 200 frame.html Show response
ad4m.at/ Frame 76C2 2 KB
2 KB 53ms
30ms Document
text/html 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunb5fYC1m9dNhoGuLTimCjdDaVqkoUDGHrVfXuZTyYr3a8CcMkqhbUjJyyjLrzIb6bHKjqGO5shRDOMqSBEM1ez9YqVQ
expires: Fri, 26 Nov 2021 09:57:25 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 572556
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FqoDc5tecPxSh0uSwGdC7Xj0ODz%2BKJv27wKweYpD1LxOSkEeqIyrKiKoYPfcKFSUfnVvtDZ4mbwo5r4w%2F%2F478mB5sky43%2FUQTWaGpOSSNYJ2J9Wwa6adE%2BPHkJ60irm3WN7bdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b41e8c15e433752-MXP
content-encoding: br

GET
H3 200 frame.html Show response
ad4m.at/ Frame 53D3 2 KB
2 KB 61ms
47ms Document
text/html 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:25 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunb5fYC1m9dNhoGuLTimCjdDaVqkoUDGHrVfXuZTyYr3a8CcMkqhbUjJyyjLrzIb6bHKjqGO5shRDOMqSBEM1ez9YqVQ
expires: Fri, 26 Nov 2021 09:57:25 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 572556
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0e1joYPITYWxaw%2FVyhWcjDaoOhECAJgSNK0nCUa6QpAAzI5fRw6YD%2BwFo%2FTXUQeCwVc6FpnDg20%2FLvJV9k%2BvLcvFfkGJdmB0heD%2BrjVoLKQ7lYFy1dIjJd3ioxLjNEsWco1pJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b41e8c15e423752-MXP
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 1FAF 1 KB
2 KB 52ms
52ms XHR
text/plain 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1df5b285ca2d85dba7517893c89b2de34bc331f7d00b50f1978d6a57aa39b00

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6b41e8c23eb95a13-MXP
date: Fri, 26 Nov 2021 08:57:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSXZoBF2uFT4WxkqE2qnQotodRdK8SP4OcQw9kc3j%2FC87uGsdKp3uKYAQt7Qa3bux%2B7IztG1NRA%2FECOHNadYHUMXEHRqRKjVKuCUmnEVRYeoE9ZzTnikpvxAbLNHn5Jb84qVIkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://filmbirodalmak.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 84ms
62ms Preflight
text/plain 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://filmbirodalmak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://filmbirodalmak.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6OtrsD4Oy%2FgL5or3wNvWQw22iNAZOg7cRhRaeTOj3eZxVeMDYVDuqY6PDQj39ids1PNSUnl6G7MnvS7CGTJC%2Fpz0DAJi%2B9tt6RPVhhgSGFbb1dfRqohoSoYgTbXsjwj7zwWOd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b41e8c1dd8e5a13-MXP

POST
H3 200 rs Show response
ad4m.at/ Frame 5992 1 KB
2 KB 62ms
61ms XHR
text/plain 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e68cf08ae8daf78c70aee380314eedbd0b8ab9fc231ad9cd8d94cb902907187

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6b41e8c22e8a5a13-MXP
date: Fri, 26 Nov 2021 08:57:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YFNHlPW8gCv%2FKhqrULEt1x4C86qF9MSYuXFM8JTHtd3wK8xy1xtMd6u5KIbe%2Bo1gett92OJFHVjf1eUwq8A0tF4cux%2BvO52TLxwYYTnhlX5tf6QA%2Fo%2F8SwHgBRTGUit3Ap%2BfOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://filmbirodalmak.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 73ms
53ms Preflight
text/plain 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://filmbirodalmak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://filmbirodalmak.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOEE0rY1HcKt03Vfl%2FrKF0IJM52ZmOTtd8blIvhv3fRx5KgMwrI9CPlRzYP8m52epR0QderJJoJpuDDPYqwyrD8l79POp0oxe0IENZuL44d3mjvs%2F8EVOVUYzTtnrUAWo2joZCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b41e8c1dd885a13-MXP

POST
H3 200 rs Show response
ad4m.at/ Frame 0149 1 KB
2 KB 57ms
56ms XHR
text/plain 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5c95ba07f61a3e9f196f9349fa59829214307a8f73e7fc2ee234e2a42a1b5f

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6b41e8c22e9f5a13-MXP
date: Fri, 26 Nov 2021 08:57:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chcg69i7jbHEpGKbNAwOMQtJrkwPXSJYcKh6AMQCjaQeIAjUzEvD1pLyNNOIFTl26VQcMmOlqSD%2BqUH75q7t1YsoIB0%2BkONNNW%2Bup7E9nYqNU1u1H5q6C%2BBpE8N%2FGXOW2CiIzEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://filmbirodalmak.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 74ms
56ms Preflight
text/plain 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://filmbirodalmak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://filmbirodalmak.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UWVisOcj%2BSpM62PrmIcivaEPCmvF6fk95eWK5rgzATakIiiJNZrKolIrCN23H8jTnTcagFmDlHRYITS%2B5ugDmZpX1ZCjm0xIxRHosbwynGGVJ6V%2BCHfJ3DnsubbL%2FWKLOwhEsY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b41e8c1dd835a13-MXP

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame B462 1 KB
638 B 61ms
50ms Document
text/html 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=48877&b=zmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuW&f=8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVck&c=970&d=250&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=5a81315f03726adc0e5bb211d6c6ccbc%2F609229074801655565&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046134&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375934%3Bcrtbwp%3DQmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0%3Bcrtbdata%3DZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2%3Bccsid%3D125670%3Badfibeg%3D0%3Bcdata%3D0IHOdooR7IJaGTVQTVjase_bHw7t-YM2BMrYUWyfMvoQ4wpR7hswRxPKXCPOX06Yfx6II5lAR0kQcgIWx4DCtM-try9DQsw1zqKELgO5xyfrGk7O_0R3WffMaiprXqhzxXceJbfdRzajJrRic18mTsz7uqd_INGXDScNA8ep1CejW4NcHoZMhdrHRgWlGgsWJ-Qdocv0rje9Gt54sLHTwLcaTenTCnZGc701JlN_s_XWSUoOJFAn0KNB8MjFWfZFVGgdqT4g6bpzzZpP0RlfjD83YsIRt2uOIBeLTkG_OoMVQarY2XvABrbIIoAY68hrKuJ3voty071PFwKoweVoVfdzJlMbr9AHC7by61Ail0EzZoxBzoWtNw53LCUhUgcoObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec724a5dffff035f1cf49b2311beb291c06b2c82602ed65281b4b8b335ae970

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b41e8c2a8c4599b-MXP
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2397 1 KB
2 KB 54ms
45ms Document
text/html 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=gACsYH3uPzeoZoCA-WY7RbW0nVNy8arb&g=eeab8e5a9e3e179d50703f828b6db607%2F5393401300115855885&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DvaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM2o-AP4xF6iK-Bn-YIArWbhtrf3AJAnpA6fx6II5lAR0mFez1ZeYRC0Dxny5ThIHomWlLKJUU6Roptrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipCjU2X3C5rACQQdbdn0_M3RLBuMNV6Zq7Ald-VChFnAZMW05aIDhKXwT9YJjo5LAXBtaEHeEbtxJBEeWhPSEnnT7aULzXA4sDDUkia289t9PJBMaf8DcGuF2D4rC0yjIz3aBcny_cOWHtYxw6OOwOQqrNCCz8U-gAWZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zen9Ij0udmFKUPWenBf9JqIObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0de777fbb42971860ebc70a29a0f6bebcff460151f8aa27e7192411a623f3bd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b41e8c2a8c6599b-MXP
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame A618 1 KB
606 B 60ms
51ms Document
text/html 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=a3a2c5b03a00902b0f97f3d3ae41de20%2F11431173444594047574&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046139&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DTDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM26ccnz2BJrkrP0LdqA1gLUtfTsdGNrh04fx6II5lAR0mFez1ZeYRC0AvHKpSFLg04Vk8BxFhqpAhtrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipQx3J_nyfc45xqjxviAEOLJwM8SGzoB-wLpynPSQrUoj7Z-an-bxg86__rLjPex1a0xAbUouQHSPj7BT-GUhn9c-8HwCRDxcm7HI-F7IdEckjM-WAyUM5bl2D4rC0yjIz3aBcny_cOWGnUWS_5mB6OjOeOXost_u8WZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zczZoxBzoWtN9byBWpOvyXQObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7768c66b0c81a862bc365d1013f470efe8a80a40c302d26f2a1e88fa1c3b0a2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://filmbirodalmak.com/

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b41e8c2a8bf599b-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.14/one-ad/ Frame 2397 80 KB
11 KB 65ms
65ms Stylesheet
text/css 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.14/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=gACsYH3uPzeoZoCA-WY7RbW0nVNy8arb&g=eeab8e5a9e3e179d50703f828b6db607%2F5393401300115855885&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DvaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM2o-AP4xF6iK-Bn-YIArWbhtrf3AJAnpA6fx6II5lAR0mFez1ZeYRC0Dxny5ThIHomWlLKJUU6Roptrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipCjU2X3C5rACQQdbdn0_M3RLBuMNV6Zq7Ald-VChFnAZMW05aIDhKXwT9YJjo5LAXBtaEHeEbtxJBEeWhPSEnnT7aULzXA4sDDUkia289t9PJBMaf8DcGuF2D4rC0yjIz3aBcny_cOWHtYxw6OOwOQqrNCCz8U-gAWZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zen9Ij0udmFKUPWenBf9JqIObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed135c9f441baa1c02773d6f893f8b90651ab7542eea67ce821e5ea55dad3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=gACsYH3uPzeoZoCA-WY7RbW0nVNy8arb&g=eeab8e5a9e3e179d50703f828b6db607%2F5393401300115855885&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DvaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM2o-AP4xF6iK-Bn-YIArWbhtrf3AJAnpA6fx6II5lAR0mFez1ZeYRC0Dxny5ThIHomWlLKJUU6Roptrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipCjU2X3C5rACQQdbdn0_M3RLBuMNV6Zq7Ald-VChFnAZMW05aIDhKXwT9YJjo5LAXBtaEHeEbtxJBEeWhPSEnnT7aULzXA4sDDUkia289t9PJBMaf8DcGuF2D4rC0yjIz3aBcny_cOWHtYxw6OOwOQqrNCCz8U-gAWZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zen9Ij0udmFKUPWenBf9JqIObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 3340
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=82325
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Fri, 26 Nov 2021 08:01:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6b41e8c31b393752-MXP
cf-bgj: minify

GET
H2 200 tb.php Show response
www.telefonica-partner.de/ Frame 2397 737 B
497 B 55ms
22ms Script
application/javascript 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telefonica-partner.de/tb.php?t=117665V1225138142F&click=&subid=oneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

2cb0f4f5bee2c3711f29773991b289eff6745885dd7582af65732fbe0b9fd686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: application/javascript

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.14/one-ad/ Frame B462 80 KB
11 KB 47ms
47ms Stylesheet
text/css 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.14/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48877&b=zmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuW&f=8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVck&c=970&d=250&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=5a81315f03726adc0e5bb211d6c6ccbc%2F609229074801655565&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046134&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375934%3Bcrtbwp%3DQmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0%3Bcrtbdata%3DZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2%3Bccsid%3D125670%3Badfibeg%3D0%3Bcdata%3D0IHOdooR7IJaGTVQTVjase_bHw7t-YM2BMrYUWyfMvoQ4wpR7hswRxPKXCPOX06Yfx6II5lAR0kQcgIWx4DCtM-try9DQsw1zqKELgO5xyfrGk7O_0R3WffMaiprXqhzxXceJbfdRzajJrRic18mTsz7uqd_INGXDScNA8ep1CejW4NcHoZMhdrHRgWlGgsWJ-Qdocv0rje9Gt54sLHTwLcaTenTCnZGc701JlN_s_XWSUoOJFAn0KNB8MjFWfZFVGgdqT4g6bpzzZpP0RlfjD83YsIRt2uOIBeLTkG_OoMVQarY2XvABrbIIoAY68hrKuJ3voty071PFwKoweVoVfdzJlMbr9AHC7by61Ail0EzZoxBzoWtNw53LCUhUgcoObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed135c9f441baa1c02773d6f893f8b90651ab7542eea67ce821e5ea55dad3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=48877&b=zmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuW&f=8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVck&c=970&d=250&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=5a81315f03726adc0e5bb211d6c6ccbc%2F609229074801655565&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046134&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375934%3Bcrtbwp%3DQmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0%3Bcrtbdata%3DZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2%3Bccsid%3D125670%3Badfibeg%3D0%3Bcdata%3D0IHOdooR7IJaGTVQTVjase_bHw7t-YM2BMrYUWyfMvoQ4wpR7hswRxPKXCPOX06Yfx6II5lAR0kQcgIWx4DCtM-try9DQsw1zqKELgO5xyfrGk7O_0R3WffMaiprXqhzxXceJbfdRzajJrRic18mTsz7uqd_INGXDScNA8ep1CejW4NcHoZMhdrHRgWlGgsWJ-Qdocv0rje9Gt54sLHTwLcaTenTCnZGc701JlN_s_XWSUoOJFAn0KNB8MjFWfZFVGgdqT4g6bpzzZpP0RlfjD83YsIRt2uOIBeLTkG_OoMVQarY2XvABrbIIoAY68hrKuJ3voty071PFwKoweVoVfdzJlMbr9AHC7by61Ail0EzZoxBzoWtNw53LCUhUgcoObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 3340
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=82325
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Fri, 26 Nov 2021 08:01:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6b41e8c31b3c3752-MXP
cf-bgj: minify

GET
H2 200 tb.php Show response
www.telefonica-partner.de/ Frame B462 737 B
495 B 57ms
24ms Script
application/javascript 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telefonica-partner.de/tb.php?t=117665V1225138158F&click=&subid=oneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

e710b7d9ac7e4585d46cd32ec76f750424cfc036bdddf5500a66eb8db20349bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: application/javascript

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.14/one-ad/ Frame A618 80 KB
11 KB 47ms
47ms Stylesheet
text/css 2606:4700:3039::6815:c053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.14/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=a3a2c5b03a00902b0f97f3d3ae41de20%2F11431173444594047574&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046139&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DTDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM26ccnz2BJrkrP0LdqA1gLUtfTsdGNrh04fx6II5lAR0mFez1ZeYRC0AvHKpSFLg04Vk8BxFhqpAhtrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipQx3J_nyfc45xqjxviAEOLJwM8SGzoB-wLpynPSQrUoj7Z-an-bxg86__rLjPex1a0xAbUouQHSPj7BT-GUhn9c-8HwCRDxcm7HI-F7IdEckjM-WAyUM5bl2D4rC0yjIz3aBcny_cOWGnUWS_5mB6OjOeOXost_u8WZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zczZoxBzoWtN9byBWpOvyXQObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c053 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed135c9f441baa1c02773d6f893f8b90651ab7542eea67ce821e5ea55dad3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=a3a2c5b03a00902b0f97f3d3ae41de20%2F11431173444594047574&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046139&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DTDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM26ccnz2BJrkrP0LdqA1gLUtfTsdGNrh04fx6II5lAR0mFez1ZeYRC0AvHKpSFLg04Vk8BxFhqpAhtrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipQx3J_nyfc45xqjxviAEOLJwM8SGzoB-wLpynPSQrUoj7Z-an-bxg86__rLjPex1a0xAbUouQHSPj7BT-GUhn9c-8HwCRDxcm7HI-F7IdEckjM-WAyUM5bl2D4rC0yjIz3aBcny_cOWGnUWS_5mB6OjOeOXost_u8WZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zczZoxBzoWtN9byBWpOvyXQObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 3340
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=82325
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Fri, 26 Nov 2021 08:01:46 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6b41e8c31b3e3752-MXP
cf-bgj: minify

GET
H2 200 tb.php Show response
www.telefonica-partner.de/ Frame A618 737 B
498 B 55ms
22ms Script
application/javascript 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telefonica-partner.de/tb.php?t=117665V1225138142F&click=&subid=oneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=a3a2c5b03a00902b0f97f3d3ae41de20%2F11431173444594047574&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046139&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DTDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM26ccnz2BJrkrP0LdqA1gLUtfTsdGNrh04fx6II5lAR0mFez1ZeYRC0AvHKpSFLg04Vk8BxFhqpAhtrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipQx3J_nyfc45xqjxviAEOLJwM8SGzoB-wLpynPSQrUoj7Z-an-bxg86__rLjPex1a0xAbUouQHSPj7BT-GUhn9c-8HwCRDxcm7HI-F7IdEckjM-WAyUM5bl2D4rC0yjIz3aBcny_cOWGnUWS_5mB6OjOeOXost_u8WZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zczZoxBzoWtN9byBWpOvyXQObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

ff3f26af45aa53e8e34fd8c8adb8952f74daf99fde3f00336c67dffd950be785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: application/javascript

GET
H/1.1 200
OK / Show response
partner.blau.de/blau/ Frame 8A97 1 KB
929 B 66ms
15ms Document
text/html 78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&camp=channel7&size=160x600&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D
Requested by: Host: www.telefonica-partner.de
URL: https://www.telefonica-partner.de/tb.php?t=117665V1225138142F&click=&subid=oneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 82ea06c734f2b3cb26d4e05c6e02054431c17e384f5585803790758afb4ec539

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 26 Nov 2021 08:57:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1

200
OK

postview.gif Show response
portal.blau.de/nws/img/ Frame 015E
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2021112609572659236984975X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNo...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211126095726592369849...

43 B
763 B

34ms
9ms

Document
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984975X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=a3a2c5b03a00902b0f97f3d3ae41de20%2F11431173444594047574&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046139&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DTDzh2E8KtACrrEbdxDq2-KxrwDLpGC-DfsjJc6N7xxcB8KVP69ZRjdZoOBUBnOpYOloJpMEcKD6TR6mOTRiuJgHlaUeiej3zEs6FRpUNARgTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH0tnV6tTt7IVwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MMO7dDSAHNFk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM26ccnz2BJrkrP0LdqA1gLUtfTsdGNrh04fx6II5lAR0mFez1ZeYRC0AvHKpSFLg04Vk8BxFhqpAhtrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipQx3J_nyfc45xqjxviAEOLJwM8SGzoB-wLpynPSQrUoj7Z-an-bxg86__rLjPex1a0xAbUouQHSPj7BT-GUhn9c-8HwCRDxcm7HI-F7IdEckjM-WAyUM5bl2D4rC0yjIz3aBcny_cOWGnUWS_5mB6OjOeOXost_u8WZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zczZoxBzoWtN9byBWpOvyXQObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 26 Nov 2021 08:57:26 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
ETag: "2b-5adc50abeeb00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 26 Nov 2021 08:57:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
X-NODEIP: 78.46.85.162
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984975X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665

GET
H/1.1 200
OK / Show response
partner.blau.de/blau/ Frame 58F3 1 KB
927 B 60ms
13ms Document
text/html 78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&camp=channel7&size=970x250&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D
Requested by: Host: www.telefonica-partner.de
URL: https://www.telefonica-partner.de/tb.php?t=117665V1225138158F&click=&subid=oneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8670f2b7c0366314312bb087c69594b4c16790b0a10a4cd7703a1d2a7e4cf9b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 26 Nov 2021 08:57:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1

200
OK

postview.gif Show response
portal.blau.de/nws/img/ Frame AB00
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNo...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211126095726592369849...

43 B
763 B

35ms
11ms

Document
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48877&b=zmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuW&f=8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVck&c=970&d=250&e=sV-msNoUtizRwDIXg_tXUZcnUfZqs-Qw&g=5a81315f03726adc0e5bb211d6c6ccbc%2F609229074801655565&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046134&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375934%3Bcrtbwp%3DQmfC8sHhAv54YZWmyZJmmBzfO80lTnEc0%3Bcrtbdata%3DZPkCbhmZbT827Q2a7zmUfo1owb3xWV9ZctofonAOlRiCzAYAG0jh8U70vTFmFgOJVdbe4pXGUn5O1fdtUl636w45kwMS-enpyt70_wNbNNkTp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVysSl6X2ac1xjk1OFUqqHHxqGmIKw7q5WYvYPa8lODiS0xjmYbHqNHy0tIH0ewKtsWNxJ3JFWgHaiY3X5zpS9Sg2%3Bccsid%3D125670%3Badfibeg%3D0%3Bcdata%3D0IHOdooR7IJaGTVQTVjase_bHw7t-YM2BMrYUWyfMvoQ4wpR7hswRxPKXCPOX06Yfx6II5lAR0kQcgIWx4DCtM-try9DQsw1zqKELgO5xyfrGk7O_0R3WffMaiprXqhzxXceJbfdRzajJrRic18mTsz7uqd_INGXDScNA8ep1CejW4NcHoZMhdrHRgWlGgsWJ-Qdocv0rje9Gt54sLHTwLcaTenTCnZGc701JlN_s_XWSUoOJFAn0KNB8MjFWfZFVGgdqT4g6bpzzZpP0RlfjD83YsIRt2uOIBeLTkG_OoMVQarY2XvABrbIIoAY68hrKuJ3voty071PFwKoweVoVfdzJlMbr9AHC7by61Ail0EzZoxBzoWtNw53LCUhUgcoObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 26 Nov 2021 08:57:26 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
ETag: "2b-5adc50abeeb00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 26 Nov 2021 08:57:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
X-NODEIP: 78.46.85.162
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665

GET
H/1.1 200
OK / Show response
partner.blau.de/blau/ Frame 8017 1 KB
930 B 58ms
14ms Document
text/html 78.46.85.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&camp=channel7&size=160x600&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3D
Requested by: Host: www.telefonica-partner.de
URL: https://www.telefonica-partner.de/tb.php?t=117665V1225138142F&click=&subid=oneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.85.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads1.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c07e6243dd6ae6d69a29200267a9fff4c81a1dfff9b0e796a2629890f0fe42a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 26 Nov 2021 08:57:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1

200
OK

postview.gif Show response
portal.blau.de/nws/img/ Frame 7D39
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117665V1225131106M&subid=oneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117665&s_id=2021112609572659236984971X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211126095726592369849...

43 B
763 B

35ms
10ms

Document
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984971X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&wfid=117665
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=48870&b=BjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcM&f=jpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9&c=160&d=600&e=gACsYH3uPzeoZoCA-WY7RbW0nVNy8arb&g=eeab8e5a9e3e179d50703f828b6db607%2F5393401300115855885&i=20773&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637917046136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D41375910%3Bcrtbwp%3DeHHzQNwWjZ2Fadn6Q5s4PKzboUFQG3yp0%3Bcrtbdata%3DvaoHHWsZTCynnJsae5AJSe8QIX39AVtJrCzeYikLU_09ztIdt-Pk9rKp2roO6C5QJ5Ja-CPA-UsbmEer6qmX7qh-5gGoFN0cCo2RMuX03eITp4VUY_zFvyBkuie81k-TKlg9RA8My5tZfq612HEEbW5JG4z1-Lk4Md7wbpAkDL5PvT_qR-3rylaY5VMFcbGRwlH6wKvYbfITwYEunSfQ3ZX_AyjjYOQnc9K3VSMKfFh0nLO9DM955qakEE8vUSVVQX_u7dsxDVhjk1OFUqqHH1kr-RilFxPJwJSlYXlq0oCfKXC_5qF5f4Uijrq1zwd3MWx9JB75XxJk9JUJFwE_MQ2%3Bccsid%3D125944%3Badfibeg%3D0%3Bcdata%3DG6OAa3LqqtRaGTVQTVjase_bHw7t-YM2o-AP4xF6iK-Bn-YIArWbhtrf3AJAnpA6fx6II5lAR0mFez1ZeYRC0Dxny5ThIHomWlLKJUU6Roptrm4lj_PnKoB7Bh41qgHVUkbQlrFdsGDK8ZE_S9QM0nonxMEBZ8ipCjU2X3C5rACQQdbdn0_M3RLBuMNV6Zq7Ald-VChFnAZMW05aIDhKXwT9YJjo5LAXBtaEHeEbtxJBEeWhPSEnnT7aULzXA4sDDUkia289t9PJBMaf8DcGuF2D4rC0yjIz3aBcny_cOWHtYxw6OOwOQqrNCCz8U-gAWZUYY4h6cfZPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zen9Ij0udmFKUPWenBf9JqIObeTa5CHmM8pnkTpCdy6-w2%3B%3BCREFURL%3Dhttps%253a%252f%252ffilmbirodalmak.com%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 26 Nov 2021 08:57:26 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
ETag: "2b-5adc50abeeb00"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 26 Nov 2021 08:57:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
X-NODEIP: 78.46.85.162
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984971X117665V1225131106MSoneidBjRsgfqAjxs1GrtxHMt5u9t66pt4TeTExcMoneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&wfid=117665

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 58F3 9 KB
5 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.blau.de
URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&camp=channel7&size=970x250&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 26 Nov 2021 09:50:01 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8017 9 KB
4 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.blau.de
URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros&camp=channel7&size=160x600&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 26 Nov 2021 09:50:01 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8A97 9 KB
4 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.blau.de
URL: https://partner.blau.de/blau/?nw=lea1&affiliate=117665&s_id=117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&camp=channel7&size=160x600&clicktag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D&clickTag=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 26 Nov 2021 09:50:01 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 58F3 41 KB
17 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 12:23:00 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 8017 41 KB
17 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 12:23:00 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 8A97 41 KB
17 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 12:23:00 GMT

GET
H2 200 B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C12... Show response
ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/ Frame 3FB6 52 KB
24 KB 96ms
73ms Document
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f6.1e100.net

Software

cafe /

Resource Hash

e58d0117cb0301bd1b7f81e8f754481e6ee5e9c2ca6c27fc2ab2a96f89598b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 08:57:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 24458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B25532621.299084063;dc_ver=81.235;dc_eid=40004000;sz=970x250;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=1597572915;ord=u8vqoc;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php... Show response
ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/ Frame 68F8 52 KB
25 KB 78ms
64ms Document
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299084063;dc_ver=81.235;dc_eid=40004000;sz=970x250;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=1597572915;ord=u8vqoc;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBCckoneid__asuidsC-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26camp%3Dchannel7%26size%3D970x250%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=60;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f6.1e100.net

Software

cafe /

Resource Hash

52d7d5bd8dcbe1a04d9e80990266feeb0d48d5aee594921f95d32a73475454b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 08:57:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 24526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=494004076;ord=fh39tv;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C122... Show response
ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/ Frame 8176 52 KB
24 KB 70ms
66ms Document
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=494004076;ord=fh39tv;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidsC-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=67;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f6.1e100.net

Software

cafe /

Resource Hash

9416e6451b09eb3aa4ccdc41312786617aeb111b848e0d1daccd674fb44edfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://partner.blau.de/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 08:57:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 24494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 68F8 8 KB
4 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299084063;dc_ver=81.235;dc_eid=40004000;sz=970x250;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=1597572915;ord=u8vqoc;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBCckoneid__asuidsC-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26camp%3Dchannel7%26size%3D970x250%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138158FSoneid8RdFDf2jRJTd7ZtgHYt3uqCkk2UPTwTBVckoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=60;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 08:56:50 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 68F8 169 KB
59 KB 62ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 68F8 41 KB
15 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 08:13:47 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8176 8 KB
3 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=494004076;ord=fh39tv;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidsC-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=67;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 08:56:50 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 3FB6 8 KB
3 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:56:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Dec 2021 08:56:50 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8176 169 KB
59 KB 65ms
17ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8176 41 KB
15 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 08:13:47 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3FB6 169 KB
59 KB 64ms
20ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FB6 41 KB
15 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 08:13:47 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 944D 22 KB
8 KB 33ms
10ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 08:13:47 GMT
expires: Sat, 26 Nov 2022 08:13:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1407 22 KB
8 KB 28ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 08:13:47 GMT
expires: Sat, 26 Nov 2022 08:13:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA05 22 KB
8 KB 25ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 08:13:47 GMT
expires: Sat, 26 Nov 2022 08:13:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68F8 119 KB
36 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 08:57:26 GMT

GET
H3 200 970x250.html Show response
s0.2mdn.net/sadbundle/18373065803625922560/ Frame 63FD 38 KB
9 KB 30ms
16ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78696719113f1066e1f39d111c220286e5f6b492576c200c3c2c63821cc51926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
expires: Sat, 26 Nov 2022 08:57:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Jun 2021 15:37:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 68F8 0
60 B 83ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf-TZzXqXTZDee0rL5wccuuI2eGfr8UKQ_FnjHlqo0rl8JxcDSdoZej4s04GtRWt1J1CIXCHP14B3pmMzmzPT8bAVvtiZHbS4GNaz8P_86v2lKXlaDcQz9aSTVULwbPuv0aUoKsg&sig=Cg0ArKJSzMoxXj586TAMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=87&cisv=r20211111.17924&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8176 119 KB
36 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 08:57:26 GMT

GET
H3 200 160x600.html Show response
s0.2mdn.net/sadbundle/1261076069478301696/ Frame 2808 38 KB
9 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e19597f6e52b66101135e1ba58e56df065e593a5ee677ea8fab5b3bb8b79c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
expires: Sat, 26 Nov 2022 08:57:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Jun 2021 15:37:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8176 0
524 B 64ms
41ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuSqtyHc9bhyhxb9viZ5FmlIu8_MccNY8UqnpeNnZpJ8_4AlmlhtvWO2yyoswWfUdqEiYM92bMJtbka-C1--Q49QuqofmoZRJzm8V_DlKkYh-yqGsmQn5mZ-LK9JYnzok70NVoug&sig=Cg0ArKJSzNYzDMXkFmqOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&cbvp=1&cstd=99&cisv=r20211111.90296&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FB6 119 KB
36 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Nov 2021 08:57:26 GMT

GET
H3 200 160x600.html Show response
s0.2mdn.net/sadbundle/1261076069478301696/ Frame 324C 38 KB
9 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e19597f6e52b66101135e1ba58e56df065e593a5ee677ea8fab5b3bb8b79c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
expires: Sat, 26 Nov 2022 08:57:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Jun 2021 15:37:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3FB6 0
60 B 50ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI0xh_7YxuM996uJSa4CahDbxxCBaTyqnajTR_lramzmsW6WWl9c6RFSof_vwPQ6QZD4j4GsQvzN7cfj0WXxikD_CP2pbj5HNrBTtkYxSCrvbLOg-L4l0gz5lt5XOG3ks64HP8Mw&sig=Cg0ArKJSzPwrNyuXj4M_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=111&cbvp=1&cstd=108&cisv=r20211111.59897&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 63FD 110 KB
38 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 63FD 60 KB
24 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 08:57:26 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame AA05 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:37:47 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 2808 110 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2808 60 KB
24 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 08:57:26 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1407 35 KB
13 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:37:47 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 944D 35 KB
13 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:37:47 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 324C 110 KB
38 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 08:30:44 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 324C 60 KB
24 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 08:57:26 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 68F8 0
23 B 58ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf-TZzXqXTZDee0rL5wccuuI2eGfr8UKQ_FnjHlqo0rl8JxcDSdoZej4s04GtRWt1J1CIXCHP14B3pmMzmzPT8bAVvtiZHbS4GNaz8P_86v2lKXlaDcQz9aSTVULwbPuv0aUoKsg&sig=Cg0ArKJSzMoxXj586TAMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&vt=11&dtpt=140&dett=3&cstd=87&cisv=r20211111.17924&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8176 0
23 B 51ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuSqtyHc9bhyhxb9viZ5FmlIu8_MccNY8UqnpeNnZpJ8_4AlmlhtvWO2yyoswWfUdqEiYM92bMJtbka-C1--Q49QuqofmoZRJzm8V_DlKkYh-yqGsmQn5mZ-LK9JYnzok70NVoug&sig=Cg0ArKJSzNYzDMXkFmqOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&vt=11&dtpt=130&dett=3&cstd=99&cisv=r20211111.90296&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3FB6 0
23 B 45ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI0xh_7YxuM996uJSa4CahDbxxCBaTyqnajTR_lramzmsW6WWl9c6RFSof_vwPQ6QZD4j4GsQvzN7cfj0WXxikD_CP2pbj5HNrBTtkYxSCrvbLOg-L4l0gz5lt5XOG3ks64HP8Mw&sig=Cg0ArKJSzPwrNyuXj4M_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&vt=11&dtpt=120&dett=3&cstd=108&cisv=r20211111.59897&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3163536BLAU_AFFILIATE/B25532621.299075426;dc_ver=81.235;sz=160x600;u_sd=1;mco=AFF_la_117665_-;pid=BLU_AFF_POV_EXA_35008;dc_adk=3710336998;ord=z3hp62;click=https%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26deepurl%3Dhttps%253A%252F%252Fpartner.blau.de%252Fa%252F%253Fi%253Dclick%2526client%253Dblau%2526camp%253Dlpurl%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117665C1225138142FSoneidjpPaEfQk6AaMCgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nCNy8arbasuid__adfPros%2526affiliate%253D117665%2526lpurl%253D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=3,https%3A%2F%2Ffilmbirodalmak.com$2,,,https%3A%2F%2Fpartner.blau.de%2Fblau%2F%3Fnw%3Dlea1%26affiliate%3D117665%26s_id%3D117665V1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%26camp%3Dchannel7%26size%3D160x600%26clicktag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117665C1225138142FSoneidjpPaEfQk6AaMVgSYHetxuWCRRJUKTzT67T9oneid__asuidgACsYH3uPzeoZoCA-WY7RbW0nVNy8arbasuid__adfPros%2526deepurl%253D$0;xdt=1;crlt=PPDYXr3NKh;sttr=45;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 2808 52 KB
52 KB 8ms
7ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:51:57 GMT
x-content-type-options: nosniff
age: 329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52901
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:12:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 09:06:57 GMT

GET
H3 200 CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 2808 48 KB
48 KB 10ms
10ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:50:50 GMT
x-content-type-options: nosniff
age: 396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:11:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2808 7 KB
5 KB 34ms
19ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad527e563053f3f7a7a1585b3c7c7bf9cb6a6eada47df7ab6a8ff6dac86a459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5116
x-xss-protection: 0

GET
H3 200 60005582_20211111040031828_STANDARD_160x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2808 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211111040031828_STANDARD_160x600_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6ea4d1ad812c451fb9ac2b469f5791747a76a8c487575eacfc204f3309fbe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 14:06:02 GMT
x-content-type-options: nosniff
age: 67884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2078
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 12:00:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 14:06:02 GMT

GET
H3 200 60005582_20211111035611204_STANDARD_160x600_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2808 6 KB
6 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211111035611204_STANDARD_160x600_INTRO.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d936e2ab016310375fbdc0d9ee148d5432e72baf135554e8900e9228e7653d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 23:14:23 GMT
x-content-type-options: nosniff
age: 34983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6614
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 11:56:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 23:14:23 GMT

GET
H3 200 60005582_20211006013651166_XIA_11T-5G_Solo_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2808 33 KB
33 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211006013651166_XIA_11T-5G_Solo_Asset.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2880bdc39c703a4b50c412c073649ae598ae74f859c4058cb7452f83eaef568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=4gx537LRzF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:07 GMT
x-content-type-options: nosniff
age: 79159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33377
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:36:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 10:58:07 GMT

GET
H3 200 CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 324C 52 KB
52 KB 8ms
7ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:51:57 GMT
x-content-type-options: nosniff
age: 329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52901
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:12:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 09:06:57 GMT

GET
H3 200 CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 324C 48 KB
48 KB 10ms
10ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:50:50 GMT
x-content-type-options: nosniff
age: 396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:11:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H3 200 60005582_20211111040031828_STANDARD_160x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 324C 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211111040031828_STANDARD_160x600_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6ea4d1ad812c451fb9ac2b469f5791747a76a8c487575eacfc204f3309fbe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 14:06:02 GMT
x-content-type-options: nosniff
age: 67884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2078
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 12:00:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 14:06:02 GMT

GET
H3 200 60005582_20211111035611204_STANDARD_160x600_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 324C 6 KB
6 KB 13ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211111035611204_STANDARD_160x600_INTRO.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d936e2ab016310375fbdc0d9ee148d5432e72baf135554e8900e9228e7653d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 23:14:23 GMT
x-content-type-options: nosniff
age: 34983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6614
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 11:56:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 23:14:23 GMT

GET
H3 200 60005582_20211006013651166_XIA_11T-5G_Solo_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 324C 33 KB
33 KB 14ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211006013651166_XIA_11T-5G_Solo_Asset.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2880bdc39c703a4b50c412c073649ae598ae74f859c4058cb7452f83eaef568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1261076069478301696/160x600.html?e=69&leftOffset=0&topOffset=0&c=0nzXaBgdjT&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:07 GMT
x-content-type-options: nosniff
age: 79159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33377
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:36:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 10:58:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 324C 7 KB
5 KB 19ms
19ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e03d6783bf2b18c690d780c31adb549d9307afa35658a688bf99a8bb8b56ca61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5165
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2808 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 08:57:27 GMT

GET
H3 200 CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 63FD 52 KB
52 KB 7ms
6ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:51:57 GMT
x-content-type-options: nosniff
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52901
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:12:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 09:06:57 GMT

GET
H3 200 CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 63FD 48 KB
48 KB 8ms
8ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:50:50 GMT
x-content-type-options: nosniff
age: 397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:11:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H3 200 60005582_20211006013651166_XIA_11T-5G_Solo_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 63FD 33 KB
33 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211006013651166_XIA_11T-5G_Solo_Asset.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2880bdc39c703a4b50c412c073649ae598ae74f859c4058cb7452f83eaef568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:58:07 GMT
x-content-type-options: nosniff
age: 79160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33377
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:36:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 10:58:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 63FD 7 KB
5 KB 26ms
25ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82f1c05df51d60048b99c556d6a690de7ad79a23122b3868c3f3067155541e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5111
x-xss-protection: 0

GET
H3 200 60005582_20211116015043040_STANDARD_970x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 63FD 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211116015043040_STANDARD_970x250_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3afb0bbf69f68693d6e59c1a474b98f42410b0ad1bb2b623a0c0c7e668575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 14:26:44 GMT
x-content-type-options: nosniff
age: 66643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1918
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:50:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 14:26:44 GMT

GET
H3 200 60005582_20211116015217300_STANDARD_970x250_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 63FD 10 KB
10 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211116015217300_STANDARD_970x250_INTRO.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d3b952c56109f1941f908001c05a79598a749518e4552a5ebde78635c002834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18373065803625922560/970x250.html?e=69&leftOffset=0&topOffset=0&c=UugbiYdIQp&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:24:07 GMT
x-content-type-options: nosniff
age: 59600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9791
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:52:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Nov 2021 16:24:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 324C 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 08:57:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 63FD 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 08:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 08:57:27 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 63B1 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 19:39:44 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame F9A4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 19:39:44 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 25BB 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 19:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 19:39:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1407 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk2mwdqGgYdyiII-x7gPY1oLIBAAAAAA4AeAEAg&bg=!gYKlgsbNAAZQLpa_UC47ACkAdvg8WsyQwYVktsrsAX7DKFOkYFVnVBk088e559xJMazBgsEkcdY2kgIAAAEzUgAAAD9oAQcKAIqHGB1RPgIC97z3pDQ52XwEpdSSLSybT68x4GsYpvVosO1zGf2_WGhuIIrzvEKCrYlyDp_R-7Mj1wWjEjkoNXhQTWunZlBSfvszlFW7rM8RJOi2akU4WsfJLR5GOSLYBfuH0XDwEyXn6IRHsOHRRjVlTOBWp31YTdhXw4T9x5N2CsBCHBoEhcUnxOaZAujUKKwWGQgG5_6Np3cwPQEiPx0jgSoYIJBaDLwrqPhaH7plg0HK4xRD6-3Ib6UPNDhFR1IWs7vmu3SIBDcPquqjukn20ueLCZRcnsstfGGrsb4VOqBjZ8tgW9o1dW-BdRmDHAjPDeCYiudRlYnQI4Z2YRmnnrYj7VFhUrGIibkmxkmDDJWAq44FpQs6a1UQU_PyVrE4tuG7fq9-kypeviVezrlRsoHwuiF7KwHYeobXcd6Z48MhSuM6wx5ZKaRBy_43Ld0f9vpeRaIXFbChkEWcBbpQq_vuIr1xqTyMgYuYXarA2dG5nykfu2wDWJEmLBeMSNSGRB5ebo1M7dPcaEfs-wYDa9SzslwcWZKXmoyq5BudLymTP78cLF2JxkzGbU2lWeR8JXnPvfTw66C5EAp9KGGVylbwBR6ekf5kIutw3lkIP3YFj3YbLD0Pvdl9-CnIo9PEVIJzyIHj_RZOfaGay7mV7jg-Hdg9QApeneAcbVDYspmS5Um2JfvBzGEw2lRaql2DiobMrBEGqbG44oLzUJQeDdqdLkcpSlKMHeA_I4ntJiEJeyGWzrLtdGMWyxjqW4y86_1jfVkVsu9lc12Mn409zTLC3ZLrbAY2AzUnnbp4t4lCVw5HBZBY6cpgfoOcrBaFnXCsrIpK1OTgWZUkUP_nFZPy5yYVtg1uA5graQfyc-rpLPwbKOU4OqpihXoJzmMbvuAI_8Ty_25JXoUzrRpmzeboua9ux9Rswpdc8JaJcCLyS16MsTWvJbZhWuD0sVsIh1ltMFZfJSOBpv0XW37mZ0xd29FKcrIQBF5sAMsG9_2ztUog_aSfCKpHVpWriwm3UF1Tgeu7VcwpdnPpgGbvpG4L_FP6ZTS6JAmTe1S7YRa1IBKHyawYiIiYaa80dwO7qrrWTHtmH3LACZxmoUjsUKRPjT-BVpHSjI8JoJ56Gk0FZ9wLAQb6CNSSjpW0PZLoWViwLOA4Vbd5L1WZFcylooZWV0I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA05 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxTgCdqGgYb2mIMai-gasxIU4AAAAADgB4AQC&bg=!HR6lHlrNAAZQLpa_UC47ACkAdvg8Wo9LjyrrZtrCKn0fK_GeqItx3hp0H1pvJNKzDtzICVqXxwQYRgIAAAFPUgAAACxoAQcKAALru5kC7SQcEemb4CA4mSVLqTBz0ewljcJPUAIEUsFgPbS2XqUB2GwLvYjYWLvkWFwHLzwhNRxXxPWQDqat6mAnDKTcmRaZ1BVl5ZyMFg4wrHy2wXtChW3MA2fX0cA__piUkp5EaY7aNhzqXxqhh3NJmmX7qDC1uRvLhy6jtPsszpBAMZTWl7mw-GX641tlRKTsjFJlz1TUohrU4P0hrPfsqh0aV-y7X20l9MJWYAt234QmnTlwx3B6BBfObyjaEV9oIRPedYwfiKUw7m9S1TrPuELdqL2IrmxQB-A7EITX5Cp4qftDVealkqf7TesqfERQtW-ozPblIziW7ZT9AK5R5rpKYNIGbamCLTrN416yocPi478_TtnVhPvf3RkauLLKIrJOBUKb4FXLnDgwPUq7S92ZXaPg98FI4Lax6KrDfuXH3ZRR00ciCAUuUxAWfLtl5JBsIOAWIadjMehXm3wPicPNmhgTH9jTHMi8B1lWKW-j4QNt8MOD03g77l52O9Ee5rs236QFgl0pRTeu9iUJKu66KrW8n_CbS5F8jzry3TGtRmpfGTTQV47WFW2_yDxGEA9ztewqvbpM0F8E5G-Xmm4lgQHRDiUrDoTo5TrVT4jg6maVUTsE_FlmjmnIOrS7WkLHtw6wFQ4lBpfRVdRMrvpMikrYGXURGREkUMLdTzWZruPS7P6ji4fJAUmqPF3gSa_yEzZFlYhVjgzfaAxcP_eNwfstocvLlHtb_0dqc7Z8Igk0EaGDo_Eo53o0F2e4jPsoC0_esjQ5H3iKWKUI2QMdWADUVjug9y8yRTkj6s4J3eqtH1PkOjgoZAq01o_GN3UHW9phrCWrVNQ6Ti6krLv9zmIF7CNudfHEg4HVtrdQqC6rVl4lrHKN_px_3OPcy2sZsWEoQTbhoGzzBWLGc7hIH-MnvPYRgjp0BhswWwC4MqNBHFfGrkRtool-IXq0VSkjabjXZpWfymIXS4CTXC1mS6md0soAmKj9Qz1SZFXM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 944D 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq_fPdqGgYe-iIPnMx_APlNmnyAUAAAAAOAHgBAI&bg=!DQ6lDkrNAAZQLpa_UC47ACkAdvg8Wo_5baLPekxqOPdekpXRTXbMBZaYFw-gxFoi_dPVgBAdQTxMeAIAAAFVUgAAACloAQeZAuimarDDNE5F5v7ULse4tM7p9f1xXTnYoHPt_xmDypY8v5hKk_eJrpqIz1JJBtnVr9wDdZ3InzwXC6ePCCt6NWhMkupgmvvKKS3_OAvwZf5P8Aw21ntttZH_Qf2hns4JaC43bg-5CzbX67jzsatkgityBvRyUcnCRTPLux4Rahg65sjI7ISrQ8lBTeiygS5cChGzQVBiJVNUZLlH666mZkJnr0S5UnEmUkyrFmcZohJ5BgZ9rkrsIdUGM068CxYD24YbkTL60gDe2_pAQNuCeqlba1FdCTPPM-pAUGl18mwAX7J7TN3T1ltJNBkIxACo7Ov1yB7v0ePDDBVjPoZt_xfEjgprjPMmAguwThPbtgoeXEEHZqWlJoQLAkvPCtEuPBADS18HdOdt8TP4oON7NIRqZ4IdjmzdCJ6Jy5NQqfvvZpDiFiOejSweFJGkc1VcPV2DI5HQycm1tZxmKBOVdoK-GTuWVKPIv89KHvNrdpFq2r_RKySJ9HcpC6xeXkVVPfqm6JriuNbBqZFIacboQKC4ojUMzmR6TXmJBAOESxYtlX2GClgPenYuUdRrDVc44QPlksruoUDUNFeh2Yj3A0muGxGayhcUmlSSyMCIhPH-HLSDfhEyhBRs7Vt0L6_ZR1BIb2gZtK33IfvNcsUVOpnP_Pl7qLLx4kFmd7kMg6fCGmZ_K2LRADjlXqgCrq39i0uTbu5fD5W8WKdYbOpeTWzTRTlmRVKKGgyn5809BvvazllO6mUp1RJVi5edvwthDjToaVjEmgCVtlw8r3BT4Su1yuiDHUmVCEEn89KQLTpq5nNacaGfTTNkFvv0MGFNYXMwWK5tcHBg7JxqiZSnAEv13n87okSiLJChFGdMU_-kHrXcRYNs7qkT83gQBuJWBu0rdhIh8775sCGQuUvJn0bLduUGdvxRhY5nZhzt5SSPHC1wwo5GhzkmQ4uDRCKI7Mn2Q1ruDYiwWe1vUEGpQy7lOtYUS8n40FI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 5992 35 B
491 B 21ms
21ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1637917047335

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 1FAF 35 B
491 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1637917047346

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 0149 35 B
491 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1637917047350

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5992 35 B
471 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=CwC3RlvPMOfA9vYXr9BtWeYOvCCcvLAFgxGHHLBQuD3As-5OzO3thsW9XbmdiymkISDjplBEE7F_rip2Z7tpBwNnnmSy3cUWqubwY3XuYWHxCC98QZ26K5un3Nu7WKdzi0FC0SMXzKzlb_vkVXSLPVvpdC5HDKzNwKdgzRHylso1&unload=8409726422454917086@@41375910,5193679508025803823,100|1091|0|0|0|0|0|0|0||55|0|2464|21e82ff77aae4fef9c1b027f9719e43d-1-2464_712fb984099040808351b98e3fff6032|||1|0|0|3ZOquSX1mlNX7EYoWZQhUcS6hKBkqAwOB1V-lw8pTWj5QYYvrBxMT8kllzAqADQrA7z_uuw_WOM1|i9lI0fhyheV42u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKkk_C5STT6De9eF0CTF1uFcx2k1ZolQqiP32Dl0eOqh99i_XJqdVtROsh7sYJS6x4MRuSbLfDOUL2pNp0-JnDFz0PC7_uAK9PJTRrWk3sLeWcn1__105C65w6LJiF5zq0hYkTtD-BVw05AwHQ9td53rsBxs-genSdc1||11|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5992 35 B
471 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8409726422454917086@@41375910,5193679508025803823,100|1092|0|0|0|0|0|0|0||55|0|2464|21e82ff77aae4fef9c1b027f9719e43d-1-2464_712fb984099040808351b98e3fff6032|||1|0|0|3ZOquSX1mlNX7EYoWZQhUcS6hKBkqAwOB1V-lw8pTWj5QYYvrBxMT8kllzAqADQrA7z_uuw_WOM1|i9lI0fhyheV42u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKkk_C5STT6De9eF0CTF1uFcx2k1ZolQqiP32Dl0eOqh99i_XJqdVtROsh7sYJS6x4MRuSbLfDOUL2pNp0-JnDFz0PC7_uAK9PJTRrWk3sLeWcn1__105C65w6LJiF5zq0hYkTtD-BVw05AwHQ9td53rsBxs-genSdc1||01|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1FAF 35 B
471 B 21ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=CwC3RlvPMOdmdQ8pk1B8Fa3S62HGVLLHgxGHHLBQuD3As-5OzO3thsW9XbmdiymkISDjplBEE7F_rip2Z7tpBwNnnmSy3cUWqubwY3XuYWHxCC98QZ26K5un3Nu7WKdzi0FC0SMXzKzlb_vkVXSLPVvpdC5HDKzNwKdgzRHylso1&unload=2540055245913444866@@41375910,8373479234439615147,100|1199|0|0|0|0|0|0|0||60|0|2464|daef933fe5cf47b0a41324a152b783d2-1-2464_f00170969cac43d2a2b25ec39ab1f883|||1|0|0|3ZOquSX1mlNX7EYoWZQhUYeaFJ33BLh_TQZPwmovAoPeyB3hFJIAz8kllzAqADQrA7z_uuw_WOM1|duGtoSVWod542u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKmHtIhdmvD55zvXaLLOuomDJ4cwz19keDp5AXhqa_NqfyNWWpAGJ834FAG3K-_sLAwDeHQnb-2ISq7yvZPg75RQNk-dxS0kyCzwj3JZCgHm0sn1__105C65w6LJiF5zq0hYkTtD-BVw0-X46bD5bKMAsBxs-genSdc1||11|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1FAF 35 B
471 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=2540055245913444866@@41375910,8373479234439615147,100|1200|0|0|0|0|0|0|0||60|0|2464|daef933fe5cf47b0a41324a152b783d2-1-2464_f00170969cac43d2a2b25ec39ab1f883|||1|0|0|3ZOquSX1mlNX7EYoWZQhUYeaFJ33BLh_TQZPwmovAoPeyB3hFJIAz8kllzAqADQrA7z_uuw_WOM1|duGtoSVWod542u1ywTJ-2iW46sTwiXja_G0KaHhz55bk_64_SKVARrEkOMSwEW3PkUhB9B9aLKmHtIhdmvD55zvXaLLOuomDJ4cwz19keDp5AXhqa_NqfyNWWpAGJ834FAG3K-_sLAwDeHQnb-2ISq7yvZPg75RQNk-dxS0kyCzwj3JZCgHm0sn1__105C65w6LJiF5zq0hYkTtD-BVw0-X46bD5bKMAsBxs-genSdc1||01|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0149 35 B
462 B 24ms
23ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=CwC3RlvPMOfA9vYXr9BtWeYOvCCcvLAFgxGHHLBQuD0VjI2Pz7vPMHKxgAPnqcGHL3RJaAfsBQ7FZRHLCak1o63x4DOGCpRHkdS8xQYxuzTMkh4AGD3cMA30HFDmlwnxxclZXTwov04UhzQQrSzPg1vpdC5HDKzNwKdgzRHylso1&unload=8409726422454917086@@41375934,4604021869803823696,100|1200|0|0|0|0|0|0|0||152|0|2464|358262d00ee345d4a5c013bfd05fc2f4-1-2464_ebb1c58e5e3e448490882e30f2b1b749|||1|0|0|iUeXoCTmxOe48M5tcwHHbcS6hKBkqAwOnn-jwSXz6Y8C3m6g1WDH78kllzAqADQrA7z_uuw_WOM1|zjKEKKDv35cqHMLsI0XOHSeXMffcxBD8RnWrQ-5GKJAJJKC3nhe7MuB87rUVMTESsWm9lSvFgU2Wsb40JI7nO6xI_i4hcc9jBwzrEfMgDr4PspLI-qXwGXqYakUf1BCKVdbe4pXGUn5O1fdtUl636w45kwMS-enp4x2zn8KIpVnUrql_ikHSNG_inpf5T2KoY_iFPTPFVGYPAnihtiRamN0vTMvVe0DWEWgkz8GXMnA1|1|11|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0149 35 B
471 B 20ms
20ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8409726422454917086@@41375934,4604021869803823696,100|1200|0|0|0|0|0|0|0||152|0|2464|358262d00ee345d4a5c013bfd05fc2f4-1-2464_ebb1c58e5e3e448490882e30f2b1b749|||1|0|0|iUeXoCTmxOe48M5tcwHHbcS6hKBkqAwOnn-jwSXz6Y8C3m6g1WDH78kllzAqADQrA7z_uuw_WOM1|zjKEKKDv35cqHMLsI0XOHSeXMffcxBD8RnWrQ-5GKJAJJKC3nhe7MuB87rUVMTESsWm9lSvFgU2Wsb40JI7nO6xI_i4hcc9jBwzrEfMgDr4PspLI-qXwGXqYakUf1BCKVdbe4pXGUn5O1fdtUl636w45kwMS-enp4x2zn8KIpVnUrql_ikHSNG_inpf5T2KoY_iFPTPFVGYPAnihtiRamN0vTMvVe0DWEWgkz8GXMnA1|1|01|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://filmbirodalmak.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://filmbirodalmak.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 68F8 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv46lh582D9t1BjLKemsPUpW3hOzRx47vaIXAB6T1faEmzU7nrArOkUm5y0HymCf2UzwnXwmU4ZFfAoSl0jpPo&sig=Cg0ArKJSzMZ197KSCTCcEAE&id=lidar2&mcvt=1001&p=0,0,250,970&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=34&adk=1597572915&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637917046498&rpt=275&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8176 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbtuNnFceP1ret199_hLylFq4azJYSvIlcPPI8jn4SWA-Uw_8yTSE83bfFvQGFs3VneV4LXcNNjYOk4xf5NbU&sig=Cg0ArKJSzE29eGuT1eJMEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=34&adk=494004076&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637917046509&rpt=305&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FB6 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoWp18ue4Yln_v0FbMU1AufbrZdGrvtIAsennVso7iYlDlmAYIEsht7WhE9Ostcz7R2mUONPKHCzYMzF0xerU&sig=Cg0ArKJSzI0lAGlHb8sMEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=34&adk=3710336998&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637917046490&rpt=421&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 08:57:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
filmbirodalmak.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v3u3c02aehp60pub53n2s1d6q1
.filmbirodalmak.com/	1970-01-20 16:29:49	Name: sc_is_visitor_unique Value: rx11191431.1637917045.02F8DDE0C6FF4F71FC29FFE08CBC559A.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 18:46:40	Name: is_unique Value: sc11191431.1637917045.0
.statcounter.com/	1970-01-20 16:29:52	Name: is_visitor_unique Value: 1637917045175733708
.filmbirodalmak.com/	1970-01-20 08:27:25	Name: __gfp_64b Value: 3kC1dAifmJhCve9MASVGSS2OpK.8l7EYVFtICF0Kvcb.37\|1637917045
.adnxs.com/	1970-01-20 01:08:13	Name: icu Value: ChgI9K9XEAoYASABKAEw9cKCjQY4AUABSAEQ9cKCjQYYAA..
.hit.gemius.pl/	1970-01-20 08:27:25	Name: Gtest Value: KlQNTRaGQMGGIW5OUe9tQD8issGMXP8c25nSGhyAZ0ntXBG.
.adnxs.com/	1970-01-20 01:08:13	Name: uuid2 Value: 6340442418680739638
.hit.gemius.pl/	1970-01-20 08:27:25	Name: Gdyn Value: KlSz-MaGQMGGIW5OUe9tQD8issGMXP8c25nSGhyAZ0ntFRxSG7RrGS6GuoMBFlMMYH7hRjBGqSRxSG8.
.adform.net/	1970-01-19 23:41:49	Name: C Value: 1
.adform.net/	1970-01-20 00:25:01	Name: uid Value: 8409726422454917086
.adform.net/	1970-01-19 23:08:41	Name: TPC Value: 1637917045802
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: hb3a10fkde72h4cj5ab2kh09hs
.lead-alliance.net/	1970-01-19 23:08:41	Name: ppv1225 Value: 2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros
.blau.de/	1970-01-19 23:08:41	Name: nscQ486 Value: V
.blau.de/	1970-01-19 23:08:41	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTQzMDAwMDAwMDA2MTYzNzkxNzA0NnZsZWExZGUyMDIxMTEyNjA5NTcyNjU5MjM2OTg0OTczWDExNzY2NVYxMjI1MTMxMTA2TVNvbmVpZHptd2FSZjRycTV0UHo5VXBIUXQ4dXF0enpwYUpUd1RLcHVXb25laWRfX2FzdWlkc1YtbXNOb1V0aXpSd0RJWGdfdFhVWmNuVWZacXMtUXdhc3VpZF9fYWRmUHJvczExNzY2NQ
.blau.de/	1970-01-19 23:08:41	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117665_-HTLP&utm_term=AFF_la_117665_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112609572659236984973X117665V1225131106MSoneidzmwaRf4rq5tPz9UpHQt8uqtzzpaJTwTKpuWoneid__asuidsV-msNoUtizRwDIXg_tXUZcnUfZqs-Qwasuid__adfPros&wfid=117665
.doubleclick.net/	1970-01-19 22:58:37	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://filmbirodalmak.com/jquery.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://filmbirodalmak.com/(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://filmbirodalmak.com/(Line 31) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.projectagoraservices.com
adx.adform.net
aghtag.tech
as.ad4m.at
c.statcounter.com
cdn.projectagora-adtag-library.com
cdn.taboola.com
filmbirodalmak.com
gahu.hit.gemius.pl
googleads4.g.doubleclick.net
ib.adnxs.com
ls.hit.gemius.pl
pagead2.googlesyndication.com
partner.blau.de
paslsa.com
portal.blau.de
projectagora-483829-hdb.adomik.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure.statcounter.com
tpc.googlesyndication.com
track.adform.net
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
104.20.229.67
142.250.185.226
146.59.30.108
151.101.1.44
185.51.66.79
216.58.212.166
2606:4700:20::681a:9a9
2606:4700:3031::ac43:81b0
2606:4700:3033::ac43:a653
2606:4700:3035::6815:3ba6
2606:4700:3039::6815:c053
2a00:1450:4001:808::2002
2a00:1450:4001:812::2006
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:ba2a
37.157.4.29
37.157.5.71
37.252.173.27
52.30.186.231
78.46.85.162
82.113.101.236
84.200.5.215
04114cc2a9754e569f36ef965eb0f7d419cbdb5da6f9832b0e4264cf6ebbb306
07678c774a4d7001bfcf7f63792e8bb5de610969474ea9ccc677a826f6d20f39
077683acb0df89a05f3ff3d6009e3231abab6f76a11a8e9ac9ce9e34950bd018
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
09a870bb30ed31544fcad443f60864bfdc29097e3834fb42477de56f60f90137
0ad527e563053f3f7a7a1585b3c7c7bf9cb6a6eada47df7ab6a8ff6dac86a459
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d4b67e166b62584feaf4ffb68a5df29b74efcf2971972c0017c690830aad72c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15fd592c9c93ee2f5fc7ec099f10f6992144a31e2ac293e395a9fd44d14dba70
17b2d78c413afa62796e2ace4d61cdc8a654ffac36c08231ce976dc564ec3eb7
242ffc00ec4efc941b30d0a1635970f9cf9be7308c8ecfc875c421ae3decd2dd
280103fff1ebf2aa2025fd49aa5c1170535f2b9b067797d137bd78123167e034
2cb0f4f5bee2c3711f29773991b289eff6745885dd7582af65732fbe0b9fd686
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
3885152157570cb9bee3c8660fd8df83795381b3383023df21d4b63b50e31886
3bfdc8d87d14016b0e20ace72f94c557a7433aedf3ba4e40cd0e3b7b66b4082f
3d777cd34cba73e955529099f84daea00980ade3931a2318066c198996f27094
3ed135c9f441baa1c02773d6f893f8b90651ab7542eea67ce821e5ea55dad3c8
45999859f60e659acdd05b2a4d24b6a48702b6f5e1de0074ac6db42c7dad3766
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
47e19597f6e52b66101135e1ba58e56df065e593a5ee677ea8fab5b3bb8b79c4
48a1892702c799884e5400853305046424ec0f0a2e4a4c3d36018cb5c5080fac
4d3b952c56109f1941f908001c05a79598a749518e4552a5ebde78635c002834
4e68cf08ae8daf78c70aee380314eedbd0b8ab9fc231ad9cd8d94cb902907187
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52d7d5bd8dcbe1a04d9e80990266feeb0d48d5aee594921f95d32a73475454b9
5a987bf16001d981ba0f75cfe41f8013bdba9a9361ceacadfef1581feb0fe67a
5d936e2ab016310375fbdc0d9ee148d5432e72baf135554e8900e9228e7653d5
5e6ea4d1ad812c451fb9ac2b469f5791747a76a8c487575eacfc204f3309fbe5
63e56c13d19ffe6df5e254b672706d4d6445562858c9f1026e9482e51d36e21e
65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598
6ab3afb0bbf69f68693d6e59c1a474b98f42410b0ad1bb2b623a0c0c7e668575
6cb09011cb8977ced63d0f7b7b90da6aee88a3cebdae794d2befc1dace5f55b7
72351f98bc45a03f1ff6975aece96a95cb529b8dfce9c8a3a3c75bdbf055ee99
78696719113f1066e1f39d111c220286e5f6b492576c200c3c2c63821cc51926
78b758cfdf74b56afd024c2923e78575633be6ab0eb809eb87efc65b0fc4a8c4
7a43777cc2346fa301c763b97565290920ce508e56b2a03939c1e5988fdcbbaa
7a626c64f093b44a7ac51ee879478dcf7c6b683c584b4a7d6ffbcb244775474d
7d7256be48e7af883fb29caa900ae5305b4cac57da9ddf89f4e9e316cd7beb20
7db592f30aedc9f14ad1ea2114df068014a6f2828f87760cf45dc1bbdf656dba
816c3ad96f7f2c3d23f4da1b990c9414bb7642cc4dce004ba47f183418a80317
82ea06c734f2b3cb26d4e05c6e02054431c17e384f5585803790758afb4ec539
82f1c05df51d60048b99c556d6a690de7ad79a23122b3868c3f3067155541e0f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f9a71a2233cf0a26cdd0c096bf7f9a7ec7470920d07475977fa4fe9e78fa15
8670f2b7c0366314312bb087c69594b4c16790b0a10a4cd7703a1d2a7e4cf9b8
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4
8dc25daebc5481a809b02bfe2ed390498f61d1644f4fc0365b6580c8fda6dcb8
92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6
9416e6451b09eb3aa4ccdc41312786617aeb111b848e0d1daccd674fb44edfa5
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
957d0b7e03bb8db2bc75032de0a6ef5924e3cf8822473f8e04f7f9ead8b30b52
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
a1df5b285ca2d85dba7517893c89b2de34bc331f7d00b50f1978d6a57aa39b00
a2473dd4eb09195c6f544ed51a5a254e7a5d62c8401d7fcce315d83d8d7cace8
a529e42f212e8fc3af2f63dee6781610dd980d3da63aaeded22e556c78fc537f
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7d8aea93fc18dc96667fd5854053284bae2070a23c62b933314a988affe9552
aaf23ce0aa0cb4b4c60214d63daae59bbd72e5d856dfc5df91a0d676938dd628
b0de777fbb42971860ebc70a29a0f6bebcff460151f8aa27e7192411a623f3bd
b47ea38ab42540ac291495c4907c9a4fd0e57531988de7bcd6bbc6693c0f3ca7
b5c518eebb6659a43f42ebbba7df54b5033a887090f0cb7b3185a3897d8e8e6b
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba5c95ba07f61a3e9f196f9349fa59829214307a8f73e7fc2ee234e2a42a1b5f
ba6d873abc2e9b00046f16fc0c8a9b2ee60851a3710bb99d5eb7ae2a1b8f12d8
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
c07e6243dd6ae6d69a29200267a9fff4c81a1dfff9b0e796a2629890f0fe42a7
c2880bdc39c703a4b50c412c073649ae598ae74f859c4058cb7452f83eaef568
c3a81f8cfa8a64d4f39f133cb00164ad7fd06be512d3dee960be3fbf7c5d55b8
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
e03d6783bf2b18c690d780c31adb549d9307afa35658a688bf99a8bb8b56ca61
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4081beedf97eb012fe236ebc9169a96831e12110d39bc2dbfb48583d35fb18e
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e58d0117cb0301bd1b7f81e8f754481e6ee5e9c2ca6c27fc2ab2a96f89598b42
e710b7d9ac7e4585d46cd32ec76f750424cfc036bdddf5500a66eb8db20349bb
e7768c66b0c81a862bc365d1013f470efe8a80a40c302d26f2a1e88fa1c3b0a2
e88d545d09f5a4eee8a6b03986dde1d6afd9e4d1a28327ebc4ebb90c0ebbb917
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
ea056984afed1728b11f4c626481c170b7f87c2986c0e3ef197d78410e084df2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
fec724a5dffff035f1cf49b2311beb291c06b2c82602ed65281b4b8b335ae970
ff237943e77e179956e5f089eb5d2714635aa1b8622c326d7ef74187492d899b
ff3f26af45aa53e8e34fd8c8adb8952f74daf99fde3f00336c67dffd950be785

filmbirodalmak.com Open in urlscan Pro 2606:4700:3033::ac43:a653 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

172 Requests

99 %HTTPS

46 %IPv6

20 Domains

28 Subdomains

24 IPs

7 Countries

2321 kBTransfer

6023 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

filmbirodalmak.com Open in urlscan Pro
2606:4700:3033::ac43:a653 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

99 %
HTTPS

46 %
IPv6

20
Domains

28
Subdomains

24
IPs

7
Countries

2321 kB
Transfer

6023 kB
Size

18
Cookies

172 HTTP transactions
0 data transactions