durba.tv Open in urlscan Pro
103.138.151.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Submission: On August 06 via api (August 6th 2023, 5:03:29 pm UTC) from US — Scanned from DE

Summary HTTP 211 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 40 IPs in 9 countries across 28 domains to perform 211 HTTP transactions. The main IP is 103.138.151.26, located in Bangladesh and belongs to PURPLEITLTD-AS-AP Purple IT Ltd, BD. The main domain is durba.tv.
TLS certificate: Issued by R3 on June 21st 2023. Valid for: 3 months.

This is the only time durba.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	103.138.151.26 103.138.151.26	138358 (PURPLEITL...) (PURPLEITLTD-AS-AP Purple IT Ltd)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8 10	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
8	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	52.56.87.167 52.56.87.167	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1 2	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
3	52.218.106.200 52.218.106.200	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:225... 2600:9000:225e:9000:c:6264:8240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	13.42.206.47 13.42.206.47	16509 (AMAZON-02) (AMAZON-02)
211	40

34 103.138.151.26 (Bangladesh)

ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD)
PTR: bd12.exonhost.com

durba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.2 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.82 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (Valence, France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.87.167 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-87-167.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (Grosse Pointe, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.118.247 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal900019.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.106.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

t2ocreaspalladium.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9000:c:6264:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)

htlp.emp.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.206.47 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-206-47.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 158	532 KB
34	durba.tv durba.tv	556 KB
33	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 377 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 295622	282 KB
15	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 42038 hal900022.redintelligence.net — Cisco Umbrella Rank: 311929 hal900019.redintelligence.net — Cisco Umbrella Rank: 263415	105 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 326	303 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 418	219 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	220 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 633	6 KB
8	gstatic.com fonts.gstatic.com	182 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 265	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	4 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 121	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24618 api.webgains.io — Cisco Umbrella Rank: 53518	31 KB
3	amazonaws.com t2ocreaspalladium.s3-eu-west-1.amazonaws.com	56 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 43845 medialead.de — Cisco Umbrella Rank: 43588	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	169 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 134200	6 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16587	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1446	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	418 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 10419	1 KB
1	emp.de htlp.emp.de — Cisco Umbrella Rank: 567432	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 194309	401 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 67240	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 42287	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 191162	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	599 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1869	249 B
211	28

	Domain	Requested by
38	pagead2.googlesyndication.com	durba.tv pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
34	durba.tv	durba.tv
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com durba.tv 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net
10	s0.2mdn.net	durba.tv s0.2mdn.net
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com durba.tv
9	securepubads.g.doubleclick.net	durba.tv securepubads.g.doubleclick.net
9	www.googletagmanager.com	durba.tv adv.office-partner.de www.googletagmanager.com 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
8	hal9000.redintelligence.net	11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com hal900022.redintelligence.net hal900019.redintelligence.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	durba.tv securepubads.g.doubleclick.net hal900022.redintelligence.net hal900019.redintelligence.net
4	hal900022.redintelligence.net	1 redirects 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com hal900022.redintelligence.net
4	11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	t2ocreaspalladium.s3-eu-west-1.amazonaws.com	11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
3	hal900019.redintelligence.net	hal9000.redintelligence.net hal900019.redintelligence.net
3	www.googletagservices.com	11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	cdn.retailads.net	1 redirects futalis.de
2	www.awin1.com	1 redirects 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
2	8019191.fls.doubleclick.net	1 redirects durba.tv
2	pv.medialead.de	hal900022.redintelligence.net 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	durba.tv
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
1	m.exactag.com	11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
1	htlp.emp.de	hal900019.redintelligence.net
1	futalis.de	hal900019.redintelligence.net
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	medialead.de	1 redirects
1	track.webgains.com	durba.tv
1	adv.office-partner.de	hal900022.redintelligence.net
1	ad.doubleclick.net	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
211	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
english.durba.tv
twitter.com
www.linkedin.com
pinterest.com
courstika.com

Subject Issuer	Validity	Valid
*.durba.tv R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-05-31`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.futalis.de R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
htlp.emp.de Amazon RSA 2048 M02	`2023-02-23` - `2024-01-30`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Frame ID: 0E36A00E48FDABD47844A9D4C7C89B6A
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: 895B02025329DEDC8473C93639F4D3F3
Requests: 1 HTTP requests in this frame

Frame: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB113DF3F577514EED879E656DB2AD77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1940863611100170&output=html&adk=3046330955&adf=2044148826&lmt=1691341397&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691341397207&bpp=4&bdt=927&idt=226&shv=r20230802&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5606509097784&frm=20&pv=2&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076758&oid=2&pvsid=3856904036096227&tmod=1864798881&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: F22439E14D307583A405724F926A6438
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47B9C48DFED27A28683E591621511807
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D97504EA45C20385A5AE1802CF5611A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032307272333000/amp4ads-v0.mjs
Frame ID: D60A13CFEBCBA8930240208389C132DF
Requests: 15 HTTP requests in this frame

Frame: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9DF88A5B4EC988A425DCFC6937AD40FD
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXtXmQLDD9Kyzs_yHyBrkNEMHnpUAa4i_P0G7YBp5vV8BmhHawnIrpbFnJd1P5AfrtRl0nqh-d0AjMLFiG-NXN5TK20qJE-hTEhCLzQqPGGnTfEYbnLFGsNwboL50ieuRn1Cq9waX22d6pnXYFz9XFPMny7w9kq0QQ8rB567zG3JrOz8p0
Frame ID: 96721E2CC0520CB4AA2E8BEC84A6106D
Requests: 5 HTTP requests in this frame

Frame: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5A6C84BB55F18A00884D132412AB763
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYl9_A3QEwAQ&v=APEucNXgIDrLcubSHjGxZS6QPIQR4y98WvBJBSazDdqy3lR-zWugWcNIAM_4q3O2b_5nL603PLtNx37dc90khPkwvFauTj78BZggkE-0rniQLO9aC5c6_xFyalNegeKZYM-4kD6nPqcLwqToqe1mtXv7EUzYPQdISf_uWUf7-FYcZ-YVJP9vcwQ
Frame ID: 3A4EAD2E8DE0AA15475FB668B01FB58A
Requests: 5 HTTP requests in this frame

Frame: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34BBA32F0F34513BB03E12E060C75134
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FF7A1770FD09BC9588A7C96716E14870
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUDxlirNUMTM7vIqFpkTz2zjXEdjzF-i2YrOzVh0SdlaH_ypABDH0DntxcYLXr3xT9qJ6eoQSI332U_KWuL0oA5RQ9CBUz2EOW_tVAI0gHKRdR5PvswPc0-TKoqm1RLxRH8YBh4VYnOW1BJRdFhxDtlO18AojrlcGvC-dUn6oze1YcMlxI
Frame ID: 89859CC60B8B8A320C0B6421C5EAB6BE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250
Frame ID: 8BC2214E1AF01AD392216DBB8AE0B318
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8B70B1C3DBA097B417C69F804DFF0663
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: A54DA56D07691DD1D855667CCE28F977
Requests: 13 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: B9E5AD27A8A125E127396FC3023BA0AC
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 2D6211E820C3A60800EF43B625157724
Requests: 9 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336
Frame ID: 780103B19DFE9B5C89F97F4CC4B89E9E
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
Frame ID: D80EDC6A8E797C12184F313B902B44B1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C8C010CE2B864988FFCFB9633C81129
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: AFF84F792B8D2C5692FCC0A4F6B5A139
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2967351172
Frame ID: 6C5F79A5B8DDC615A26216E4D93E3766
Requests: 2 HTTP requests in this frame

Frame: https://htlp.emp.de/
Frame ID: 25491D8918079C3C949500E1B08EC97E
Requests: 1 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
Frame ID: 89691C95E9F579ECE9C9E202BF26F15A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

United States Announces Scholarship Program to Empower Women

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

211
Requests

93 %
HTTPS

45 %
IPv6

28
Domains

40
Subdomains

40
IPs

9
Countries

2680 kB
Transfer

6410 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/DurbaTvOfficial/

Search URL Search Domain Scan URL

URL: https://english.durba.tv/
Title: English Version

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://durba.tv/?p=13666
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=United+States+Announces+Scholarship+Program+to+Empower+Women&url=https://durba.tv/?p=13666
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/&title=United+States+Announces+Scholarship+Program+to+Empower+Women
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://durba.tv/?p=13666&description=United+States+Announces+Scholarship+Program+to+Empower+Women&media=https://durba.tv/wp-content/uploads/2023/07/Screenshot-2023-07-03-204110-660x330.png
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://courstika.com/
Title: Courstika

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&C=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZM-SW1qe4JGIyJ.SghAmEwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZM-SW1qe4JGIyJ.SghAmEwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1

Request Chain 108

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D

Request Chain 116

https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEANZ5F3z-5-z00PJjWwPbGA&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJWRZOnxCgMU6LgfbUckRVU&google_cver=1

Request Chain 151

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336

Request Chain 153

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 195

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=41719900115455404444554012408019&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2967351172

Request Chain 196

https://www.awin1.com/cshow.php?s=2481820&v=14172&q=372914&r=296283&pref1=41719900115455404444554012408019&pv=1 HTTP 302
https://htlp.emp.de/

211 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
durba.tv/united-states-announces-scholarship-program-to-empower-women-2/ 101 KB
20 KB 1645ms
517ms Document
text/html 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed / PHP/8.1.21
Resource Hash: 94f8d7bd15aa29bd70b759dd1d041157a678c571a86f35d5d4528e080b1a2167

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Aug 2023 17:03:14 GMT
link: <https://durba.tv/wp-json/>; rel="https://api.w.org/" <https://durba.tv/wp-json/wp/v2/posts/13666>; rel="alternate"; type="application/json" <https://durba.tv/?p=13666>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://durba.tv/xmlrpc.php
x-powered-by: PHP/8.1.21

GET
H2 200 style.min.css
durba.tv/wp-includes/css/dist/block-library/ 95 KB
13 KB 236ms
233ms Stylesheet
text/css 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 16:58:43 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 05:09:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12701
expires: Sun, 13 Aug 2023 16:58:43 GMT

GET
H2 200 classic-themes.min.css
durba.tv/wp-includes/css/ 291 B
292 B 235ms
234ms Stylesheet
text/css 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-includes/css/classic-themes.min.css
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 16:58:44 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 05:09:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 211
expires: Sun, 13 Aug 2023 16:58:44 GMT

GET
H3 200 wp-emoji-release.min.js Show response
durba.tv/wp-includes/js/ 18 KB
5 KB 627ms
625ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 05:09:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 style.css
durba.tv/wp-content/plugins/taqyeem-buttons/assets/ 4 KB
1 KB 216ms
215ms Stylesheet
text/css 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/plugins/taqyeem-buttons/assets/style.css
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Thu, 04 Nov 2021 16:46:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 971
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 style.css
durba.tv/wp-content/plugins/taqyeem/ 7 KB
2 KB 217ms
215ms Stylesheet
text/css 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/plugins/taqyeem/style.css
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: c36315f0037994b0a9cc8ad6d2808fa2bb73e337e8e8d475c4e334315e866808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Thu, 04 Nov 2021 16:46:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1507
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 style.css
durba.tv/wp-content/themes/sahifa/ 198 KB
35 KB 366ms
365ms Stylesheet
text/css 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/style.css
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 285e5b51d1772ca942a380e84f4aa96547ef5081fe80c119d579a5cf4e198924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35875
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 skin.css
durba.tv/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
1 KB 435ms
434ms Stylesheet
text/css 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1196
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 802 B
751 B 95ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 17:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 15:46:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 17:03:16 GMT

GET
H2 200 jquery.min.js Show response
durba.tv/wp-includes/js/jquery/ 88 KB
30 KB 437ms
436ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-includes/js/jquery/jquery.min.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 05:09:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30376
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
durba.tv/wp-includes/js/jquery/ 13 KB
5 KB 571ms
570ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 05:09:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4603
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 tie.js Show response
durba.tv/wp-content/plugins/taqyeem/js/ 3 KB
822 B 572ms
572ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/plugins/taqyeem/js/tie.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 4a3dffcac967f4ac5383c60720a8ed58838b13622b3cad8f9f6070fc1ec5b7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Thu, 04 Nov 2021 16:46:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 789
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 98ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8M7BDLCXS4

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8167a83c86e2127d11c1cd6151bdad64ac1d78c62393df15cf65d76d52b66561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 06 Aug 2023 17:03:17 GMT

GET
H3 200 new-logo.png
durba.tv/wp-content/uploads/2022/05/ 70 KB
71 KB 970ms
968ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2022/05/new-logo.png
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: e7035f7fddcf296a520091223d5add29d7c6aa63ac0072213fb7e2cb27c5bb0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 09 May 2022 07:31:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 72135
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 147ms
95ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b58cca69a4e16879b9cf17d55cb61c11c729b5378a7c06933af0d8359d23a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27706
x-xss-protection: 0
server: cafe
etag: 44 / 19575 / m202308010101 / config-hash: 16920917814545374618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:17 GMT

GET
H3 200 Screenshot-2023-06-16-230937-310x165.jpg
durba.tv/wp-content/uploads/2023/06/ 6 KB
6 KB 633ms
631ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/06/Screenshot-2023-06-16-230937-310x165.jpg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 8f32d2bcaf84f4e202b810b4f444683b51bfa13fb6a5d97e746ad0114776932d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Fri, 16 Jun 2023 17:30:00 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6141
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 139ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1940863611100170

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66b65720e9f538138875c542e7aedecacfda2a7fcb1c677733e396b7b21aafdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50573
x-xss-protection: 0
server: cafe
etag: 8879106480462128771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:17 GMT

GET
H3 200 tie-scripts.js Show response
durba.tv/wp-content/themes/sahifa/js/ 72 KB
21 KB 204ms
203ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/js/tie-scripts.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 20763
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 ilightbox.packed.js Show response
durba.tv/wp-content/themes/sahifa/js/ 78 KB
23 KB 233ms
232ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23859
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 comment-reply.min.js Show response
durba.tv/wp-includes/js/ 3 KB
1 KB 214ms
213ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-includes/js/comment-reply.min.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Wed, 25 May 2022 06:16:53 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 search.js Show response
durba.tv/wp-content/themes/sahifa/js/ 15 KB
3 KB 226ms
224ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/js/search.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3390
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 akismet-frontend.js Show response
durba.tv/wp-content/plugins/akismet/_inc/ 10 KB
3 KB 628ms
626ms Script
application/javascript 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/plugins/akismet/_inc/akismet-frontend.js
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
content-encoding: br
last-modified: Fri, 23 Jun 2023 04:51:07 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2819
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 body-bg7.png
durba.tv/wp-content/themes/sahifa/images/patterns/ 21 KB
21 KB 628ms
627ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by: Host: durba.tv
URL: https://durba.tv/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21146
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 home.png
durba.tv/wp-content/themes/sahifa/images/ 1022 B
1 KB 622ms
621ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/themes/sahifa/images/home.png
Requested by: Host: durba.tv
URL: https://durba.tv/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1022
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 stripe.png
durba.tv/wp-content/themes/sahifa/images/ 93 B
112 B 620ms
619ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/themes/sahifa/images/stripe.png
Requested by: Host: durba.tv
URL: https://durba.tv/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 93
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 fontawesome-webfont.woff2
durba.tv/wp-content/themes/sahifa/fonts/fontawesome/ 75 KB
75 KB 205ms
204ms Font
font/woff2 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: durba.tv
URL: https://durba.tv/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://durba.tv/wp-content/themes/sahifa/style.css
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 19:11:03 GMT
x-content-type-options: nosniff
age: 165134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 19:11:03 GMT

GET
H3 200 BebasNeue-webfont.woff
durba.tv/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 542ms
541ms Font
font/woff 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://durba.tv/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by: Host: durba.tv
URL: https://durba.tv/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer: https://durba.tv/wp-content/themes/sahifa/style.css
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 19 Jun 2023 16:58:11 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19996
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 97ms
43ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:44:44 GMT
x-content-type-options: nosniff
age: 127113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:44:44 GMT

GET
H3 200 Dadasdas-1-310x165.png
durba.tv/wp-content/uploads/2023/06/ 105 KB
105 KB 558ms
556ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/06/Dadasdas-1-310x165.png
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 13a0f5571bba02f136a154431d02557ff5fea56d65feb566f9ef0f3994fc6020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Fri, 16 Jun 2023 12:52:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 107052
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 %E0%A6%97%E0%A7%8D%E0%A6%AF%E0%A6%BE%E0%A6%B8%E0%A7%8D%E0%A6%9F%E0%A7%8D%E0%A6%B0%E0%A6%BF%E0%A6%95-%E0%A6%9A%E0%A6%BF%E0%A6%B0%E0%A6%A4%E0%A6%B0%E0%A7%87-%E0%A6%A6%E0%A7%82%E0%A6%B0-%E0%A6%95%E0%A...
durba.tv/wp-content/uploads/2023/08/ 3 KB
3 KB 559ms
553ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/08/%E0%A6%97%E0%A7%8D%E0%A6%AF%E0%A6%BE%E0%A6%B8%E0%A7%8D%E0%A6%9F%E0%A7%8D%E0%A6%B0%E0%A6%BF%E0%A6%95-%E0%A6%9A%E0%A6%BF%E0%A6%B0%E0%A6%A4%E0%A6%B0%E0%A7%87-%E0%A6%A6%E0%A7%82%E0%A6%B0-%E0%A6%95%E0%A6%B0%E0%A6%BE%E0%A6%B0-%E0%A6%89%E0%A6%AA%E0%A6%BE%E0%A6%AF%E0%A6%BC-%E0%A6%93%E0%A6%B7%E0%A7%81%E0%A6%A7-%E0%A6%9B%E0%A6%BE%E0%A6%A1%E0%A6%BC%E0%A6%BE%E0%A6%87-110x75.jpg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: a7f3b18db82a5a99fdd7dc1d4f4fb743790d33ab73e4293f992afa24a6c5b223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Fri, 04 Aug 2023 18:31:06 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2562
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 Islamic-Girl-Names-From-M-110x75.jpeg
durba.tv/wp-content/uploads/2023/07/ 3 KB
3 KB 560ms
554ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/07/Islamic-Girl-Names-From-M-110x75.jpeg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 4f288a114954b0efde62bbb8eb26b69ed469b74e839eb32ae8c31538fd255b81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Thu, 20 Jul 2023 11:23:30 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2873
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 %E0%A6%A6%E0%A7%8D%E0%A6%B0%E0%A7%81%E0%A6%A4-%E0%A6%93%E0%A6%9C%E0%A6%A8-%E0%A6%95%E0%A6%AE%E0%A6%BE%E0%A6%A8%E0%A7%8B%E0%A6%B0-%E0%A6%89%E0%A6%AA%E0%A6%BE%E0%A6%AF%E0%A6%BC-Weight-loss-tips-110x7...
durba.tv/wp-content/uploads/2023/07/ 17 KB
17 KB 562ms
556ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/07/%E0%A6%A6%E0%A7%8D%E0%A6%B0%E0%A7%81%E0%A6%A4-%E0%A6%93%E0%A6%9C%E0%A6%A8-%E0%A6%95%E0%A6%AE%E0%A6%BE%E0%A6%A8%E0%A7%8B%E0%A6%B0-%E0%A6%89%E0%A6%AA%E0%A6%BE%E0%A6%AF%E0%A6%BC-Weight-loss-tips-110x75.png
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 82beb3975f3a23e0cf6d51a6dd5f6c2918cb58902cbb0a0a57eca15a16808cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Thu, 20 Jul 2023 11:02:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17304
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 Screenshot-2023-07-12-232406-110x75.png
durba.tv/wp-content/uploads/2023/07/ 7 KB
7 KB 563ms
558ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/07/Screenshot-2023-07-12-232406-110x75.png
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 156aba2e743d45bc7e7c318f93d1a56cbf6aab6cafb40c9d52d32e53b4698389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Wed, 12 Jul 2023 17:24:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7516
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 Screenshot-2023-07-08-163821-110x75.png
durba.tv/wp-content/uploads/2023/07/ 17 KB
17 KB 564ms
559ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/07/Screenshot-2023-07-08-163821-110x75.png
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: ee097d3a3aa53bf13132ebc0f90c6914c9d70d41d23a807cc866184d6194ac8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Sat, 08 Jul 2023 10:38:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17109
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 SSC-%E0%A6%B8%E0%A7%8D%E0%A6%AC%E0%A6%BE%E0%A6%A7%E0%A7%80%E0%A6%A8-%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%E0%A6%A6%E0%A7%87%E0%A6%B6%E0%A7%87%E0%A6%B0-%E0%A6%B8%E0%A7%83%E0%A6%9C%E0%A6%A8%E...
durba.tv/wp-content/uploads/2022/06/ 4 KB
4 KB 572ms
567ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2022/06/SSC-%E0%A6%B8%E0%A7%8D%E0%A6%AC%E0%A6%BE%E0%A6%A7%E0%A7%80%E0%A6%A8-%E0%A6%AC%E0%A6%BE%E0%A6%82%E0%A6%B2%E0%A6%BE%E0%A6%A6%E0%A7%87%E0%A6%B6%E0%A7%87%E0%A6%B0-%E0%A6%B8%E0%A7%83%E0%A6%9C%E0%A6%A8%E0%A6%B6%E0%A7%80%E0%A6%B2-%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A6%B6%E0%A7%8D%E0%A6%A8%E0%A7%87%E0%A6%B0-%E0%A6%89%E0%A6%A4%E0%A7%8D%E0%A6%A4%E0%A6%B0%E0%A6%AB%E0%A7%8D%E0%A6%B0%E0%A6%BF-%E0%A6%AA%E0%A6%BF%E0%A6%A1%E0%A6%BF%E0%A6%8F%E0%A6%AB-1-110x75.jpg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 47bd05f890f08bc94f9c793a5541edb9612a90b051ab4785ff65fa2aaf236ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Tue, 14 Jun 2022 06:10:56 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4049
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 Dadasdas-1-110x75.png
durba.tv/wp-content/uploads/2023/06/ 20 KB
20 KB 576ms
572ms Image
image/png 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2023/06/Dadasdas-1-110x75.png
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 52bf4e79953547be2f6a18a505b45195c2922c5aa53ec236c8c3fc4f2262caa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Fri, 16 Jun 2023 12:52:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20148
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 %E0%A6%AB%E0%A6%B2%E0%A7%87%E0%A6%B0-%E0%A6%B2%E0%A6%BE%E0%A6%9A%E0%A7%8D%E0%A6%9B%E0%A6%BE-%E0%A6%B8%E0%A7%87%E0%A6%AE%E0%A6%BE%E0%A6%87-300x169.jpg
durba.tv/wp-content/uploads/2021/07/ 12 KB
12 KB 565ms
561ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2021/07/%E0%A6%AB%E0%A6%B2%E0%A7%87%E0%A6%B0-%E0%A6%B2%E0%A6%BE%E0%A6%9A%E0%A7%8D%E0%A6%9B%E0%A6%BE-%E0%A6%B8%E0%A7%87%E0%A6%AE%E0%A6%BE%E0%A6%87-300x169.jpg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 77694c58d7ea7f2503a53c5064a70dea03129f4435c695ffd7d91be6ec8d0285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Sun, 18 Jul 2021 15:29:41 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12489
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 %E0%A6%B8%E0%A7%81%E0%A6%B8%E0%A7%8D%E0%A6%AC%E0%A6%BE%E0%A6%B8%E0%A7%8D%E0%A6%A5%E0%A7%8D%E0%A6%AF-%E0%A6%A7%E0%A6%B0%E0%A7%87-%E0%A6%B0%E0%A6%BE%E0%A6%96%E0%A6%A4%E0%A7%87-%E0%A6%AF%E0%A7%87-%E0%...
durba.tv/wp-content/uploads/2021/09/ 10 KB
10 KB 567ms
563ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2021/09/%E0%A6%B8%E0%A7%81%E0%A6%B8%E0%A7%8D%E0%A6%AC%E0%A6%BE%E0%A6%B8%E0%A7%8D%E0%A6%A5%E0%A7%8D%E0%A6%AF-%E0%A6%A7%E0%A6%B0%E0%A7%87-%E0%A6%B0%E0%A6%BE%E0%A6%96%E0%A6%A4%E0%A7%87-%E0%A6%AF%E0%A7%87-%E0%A7%AC-%E0%A6%96%E0%A6%BE%E0%A6%AC%E0%A6%BE%E0%A6%B0-%E0%A6%96%E0%A6%BE%E0%A6%AC%E0%A7%87%E0%A6%A8-300x169.jpg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 10853de6f347a3d732fb3b00b21fc24852b691cc69804bbf5886a7b34188079a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Mon, 27 Sep 2021 13:23:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10477
expires: Sun, 13 Aug 2023 17:03:15 GMT

GET
H3 200 %E0%A6%AC%E0%A7%8D%E0%A6%B2%E0%A6%BE%E0%A6%A1-%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A7%87%E0%A6%B6%E0%A6%BE%E0%A6%B0-110x75.jpg
durba.tv/wp-content/uploads/2021/11/ 3 KB
3 KB 567ms
564ms Image
image/jpeg 103.138.151.26
PURPLEITLTD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durba.tv/wp-content/uploads/2021/11/%E0%A6%AC%E0%A7%8D%E0%A6%B2%E0%A6%BE%E0%A6%A1-%E0%A6%AA%E0%A7%8D%E0%A6%B0%E0%A7%87%E0%A6%B6%E0%A6%BE%E0%A6%B0-110x75.jpg
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.138.151.26 , Bangladesh, ASN138358 (PURPLEITLTD-AS-AP Purple IT Ltd, BD),
Reverse DNS: bd12.exonhost.com
Software: LiteSpeed /
Resource Hash: 4c3f164fbd748c461898b4b78aa62a9f646a0c297b5c619189c61605bd8d2dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:15 GMT
last-modified: Tue, 23 Nov 2021 12:47:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3210
expires: Sun, 13 Aug 2023 17:03:15 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 78ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8M7BDLCXS4&gtm=45je3820&_p=1192933615&cid=1526146155.1691341397&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691341397&sct=1&seg=0&dl=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&dt=United%20States%20Announces%20Scholarship%20Program%20to%20Empower%20Women&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8M7BDLCXS4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://durba.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ 398 KB
126 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20263
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 05 Aug 2024 11:25:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/ 372 KB
125 KB 129ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1940863611100170&plah=durba.tv&bust=31076758

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1940863611100170

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5935cc076e7dc6c35c3f52108f2de092a26b2cb7e3581f9e4f9585f25df34703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128275
x-xss-protection: 0
server: cafe
etag: 3262054001063664557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame 895B 10 KB
5 KB 75ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1940863611100170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 18:47:57 GMT
etag: 12368291122986407432
expires: Sat, 19 Aug 2023 18:47:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
13 KB 5335ms
5334ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3856904036096227&correlator=876236126530966&eid=31076768&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=22935321778%2CA123&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C320x250&ifi=2&adks=3609021547&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691341397322&lmt=1691341397&adxs=302&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&frm=20&vis=1&psz=997x250&msz=997x250&fws=0&ohw=0&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=true&dlt=1691341396280&idt=999

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c319c0707315d0c3ceb1077fa4421cc74b7abe466d26b6cea0672c2a136b9289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13785
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://durba.tv
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 5551ms
5545ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3856904036096227&correlator=876236126530966&eid=31076768&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=22935321778%2CC123&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x250%7C250x250&ifi=3&adks=606243964&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691341397331&lmt=1691341397&adxs=322&adys=719&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&frm=20&vis=1&psz=620x250&msz=620x250&fws=0&ohw=0&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=true&dlt=1691341396280&idt=999

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a03e0a5514da49d858919d815cba1bacc4490a382f53b9a469326cb019ee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9938
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://durba.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 5692ms
5690ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3856904036096227&correlator=876236126530966&eid=31076768&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=22935321778%2CD123&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C320x250&ifi=4&adks=448711673&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691341397339&lmt=1691341397&adxs=322&adys=1171&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&frm=20&vis=1&psz=620x250&msz=620x250&fws=0&ohw=0&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=true&dlt=1691341396280&idt=999

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

858e7b5065a5b009e2b3dd0b566f6013dc12bd30053dbffe07dd13dbd821717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11371
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://durba.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 5394ms
5393ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3856904036096227&correlator=876236126530966&eid=31076768&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=22935321778%2CE123&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C320x250&ifi=5&adks=993506203&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691341397343&lmt=1691341397&adxs=322&adys=1645&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&frm=20&vis=1&psz=620x250&msz=620x250&fws=0&ohw=0&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=true&dlt=1691341396280&idt=999

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27b3ca49c133816c78267aabec24ea162b87352b45c0770638e5dc0f7456fef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11355
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://durba.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
14 KB 6147ms
6146ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3856904036096227&correlator=876236126530966&eid=31076768&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=22935321778%2CB123&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C320x250&ifi=6&adks=2902998198&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691341397346&lmt=1691341397&adxs=322&adys=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&frm=20&vis=1&psz=620x250&msz=620x250&fws=0&ohw=0&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=true&dlt=1691341396280&idt=999

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae11617e429c8aff1d8a0c2efdd760e26b80c8b20335dea6ec970aa3d68fec2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://durba.tv
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB11 6 KB
3 KB 93ms
28ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:17 GMT
expires: Mon, 05 Aug 2024 17:03:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
599 B 82ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=durba.tv&callback=_gfp_s_&client=ca-pub-1940863611100170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1940863611100170&plah=durba.tv&bust=31076758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abb15c464d26c1ec13135b9b8b39fd79de2f6be9b5664b34d59cef66c62817d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F224 0
188 B 228ms
227ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1940863611100170&output=html&adk=3046330955&adf=2044148826&lmt=1691341397&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdurba.tv%2Funited-states-announces-scholarship-program-to-empower-women-2%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691341397207&bpp=4&bdt=927&idt=226&shv=r20230802&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5606509097784&frm=20&pv=2&ga_vid=1526146155.1691341397&ga_sid=1691341397&ga_hid=1192933615&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076758&oid=2&pvsid=3856904036096227&tmod=1864798881&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:17 GMT
expires: Sun, 06 Aug 2023 17:03:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 123ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 125ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 81ms
80ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d7aec717ce26b10029182302ebd741a118198568d1978e49c68d128a74c7385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11909
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Aug 2023 17:03:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 47B9 13 KB
5 KB 22ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 11:52:35 GMT
expires: Mon, 05 Aug 2024 11:52:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5D97 783 B
1 KB 82ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce8f9725f86eb3bc055a701ce0423d041e9372b4bd4b5d4aca154a0daf4dd3d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BsatEA5zwuOZfgzlNc72dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-BsatEA5zwuOZfgzlNc72dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:18 GMT
expires: Sun, 06 Aug 2023 17:03:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 47B9 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 09:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Aug 2024 09:37:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5D97 0
0 123ms
122ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=3856904036096227&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 47B9 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wsAFHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
128ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=3856904036096227&bg=!1Nel14PNAAZGOVy5Zjk7ADkAdvg8Wq4w7bTUUJuuAvXfsnbbrZZnfEJsdoXnrNiGbsnPZv0YK4koLVbKHVmEWCtrTVyMHdRjAA8CAAAAaVIAAAAIaAEHmQKfX8cMsgnB2i2k4vNpaoQtSCDxel7EpRxSb1M6d6QHLv75E1VSZvDwYZIoNoGUyYuKbtxyuhQ7wEUaEtgbxFe0LIMOsQLZegJZhdccNUgp_dcahd27b82Qtao1RYT8iNakZbQrymHD690HWYKLBfcJx3m1npcKcCk4crx6AWT8-8dscfnxvZDHuVokFafMi5Ul5Y2NurqvmbtdvHI89KS8xSdr4S0PhJwX4-kgveXV2ERBXq0ps3HMMCEFb9PWN3rlsaVrbdZXOC26w2cJwzTTiaXM0-8l4-gNyFdtVf3j9mei9JiaP-UH2rxHmnGdcdGBidyY3nsNxwZDsrI-pvi_dVfj1yJ_hGbxOzEUotJWZs3nr1MorW0ONFIUZwB6h68Zq4cAdqSJxenF5fFsfu0uWSV1RffUefKM2XBdc-i-KRcvyQXMH33KSFiYRsqVLhx1rnXXJqncVYvwIdTatIi9FZL60xEo7VBhasEh4kudGxkfWxKwirAxEQ_oxGrr8VkBocS0p7dfZdkVYe_yezH1NF2TrHwElizp8ekn-5iUMgD0QqYCA0o0RHCTOuRleUKIaKgRGNMuCcYePPQhAceqSJTzSJKe1UB185zMh6oen7M1BbfeQPdiSX5RMjE-2TkvOcH1yUQ6gaYH40H_uvbYedZjNCdWw3906igzmDnIWJnlgPcZLHKg3jiuupe6OeB8v6okD3nIdFtf6V4d4FBbmSJLxBV64TZHH_ljYgX2MxoYrXXtFzkDI4TbfgD2lYHNz1Ok6tSJN1_-5V0vFXNBVz0KYOYLVaskPLsHQGBqDXUW4ahcQhimyylc7ZGLT6EQL8J5lKAMJqCzaqyBlRDkHVz68w60BJBv6_GZkUSpKMdq6CRazRB-CqCy0ZOwhlM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032307272333000/ Frame D60A 222 KB
62 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1135e95b9d102ffc76a7ac50b9e2ba153b824975fb393acd25d98d0b033f845d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 23:36:21 GMT
age: 408421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: sffe
etag: "32ba98a1696d4860"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 23:36:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032307272333000/v0/ Frame D60A 15 KB
5 KB 136ms
73ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 23:36:21 GMT
age: 408421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 23:36:21 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032307272333000/v0/ Frame D60A 94 KB
28 KB 128ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 23:36:21 GMT
age: 408421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 23:36:21 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032307272333000/v0/ Frame D60A 5 KB
2 KB 135ms
72ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 23:36:21 GMT
age: 408421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 23:36:21 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032307272333000/v0/ Frame D60A 40 KB
13 KB 124ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 23:36:21 GMT
age: 408421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 23:36:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D60A 14 KB
1 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 15:05:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 17:03:22 GMT

GET
H3 200 bn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D60A 4 KB
4 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bn.png

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9e9b6bc88e14ccbe87ca4e10301dbee8c20eaa9ae6da371386e9a2bd5e022f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 21:57:25 GMT
x-content-type-options: nosniff
server: cafe
age: 68757
etag: 9699036136494587712
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4229
x-xss-protection: 0
expires: Sun, 06 Aug 2023 21:57:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D60A 344 B
368 B 22ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 09:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 26595
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 07 Aug 2023 09:40:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11239926725467732603/ Frame D60A 29 KB
29 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11239926725467732603/14763004658117789537?w=600&h=314

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df953c3ba85cac2dd98fe8bc4100af80cbe622cbc8979c8b79fd87e54ce24ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 22:29:54 GMT
x-content-type-options: nosniff
age: 66808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29584
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 01:46:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 22:29:54 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1678622530178460603/ Frame D60A 4 KB
4 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1678622530178460603/14763004658117789537?w=100&h=100

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada11c3f281c582ee26642d14f650c2bff75e4cba6c83cb7cefe539c4780ff1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 04:39:52 GMT
x-content-type-options: nosniff
age: 131010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3835
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 15:16:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 04:39:52 GMT

GET
DATA 200
OK truncated
/ Frame D60A 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 538d2f693d349250b4e9432302676cac927443a059f6e6147d5285a817f83334

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D60A 33 KB
33 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 129561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:04:01 GMT

GET
H2 200 container.html Show response
11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9DF8 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:17 GMT
expires: Mon, 05 Aug 2024 17:03:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9672 624 B
246 B 62ms
61ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXtXmQLDD9Kyzs_yHyBrkNEMHnpUAa4i_P0G7YBp5vV8BmhHawnIrpbFnJd1P5AfrtRl0nqh-d0AjMLFiG-NXN5TK20qJE-hTEhCLzQqPGGnTfEYbnLFGsNwboL50ieuRn1Cq9waX22d6pnXYFz9XFPMny7w9kq0QQ8rB567zG3JrOz8p0

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:22 GMT
expires: Sun, 06 Aug 2023 17:03:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9DF8 86 KB
29 KB 148ms
147ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:22 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DF8 42 B
63 B 124ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxUzCuDgCMA8mIioa260Kuo9xQvX2iP1n1RpimyBx8P5QJwqbmn2rDSdp5yhJz_upgfMmGohyon_2NHZuukbsArxt6JRXSo-HfLGuYVgGTYUpyOUI

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DF8 0
20 B 124ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16049341340656741611&x=1&ct=77

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 9DF8 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 9DF8 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DF8 179 KB
57 KB 99ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:22 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D60A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

33ms
32ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Sun, 06 Aug 2023 17:03:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9672
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&C=1

43 B
632 B

34ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXtXmQLDD9Kyzs_yHyBrkNEMHnpUAa4i_P0G7YBp5vV8BmhHawnIrpbFnJd1P5AfrtRl0nqh-d0AjMLFiG-NXN5TK20qJE-hTEhCLzQqPGGnTfEYbnLFGsNwboL50ieuRn1Cq9waX22d6pnXYFz9XFPMny7w9kq0QQ8rB567zG3JrOz8p0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9672
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZM-SW1qe4JGIyJ.SghAmEwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXtXmQLDD9Kyzs_yHyBrkNEMHnpUAa4i_P0G7YBp5vV8BmhHawnIrpbFnJd1P5AfrtRl0nqh-d0AjMLFiG-NXN5TK20qJE-hTEhCLzQqPGGnTfEYbnLFGsNwboL50ieuRn1Cq9waX22d6pnXYFz9XFPMny7w9kq0QQ8rB567zG3JrOz8p0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9672
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1

43 B
841 B

32ms
32ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXtXmQLDD9Kyzs_yHyBrkNEMHnpUAa4i_P0G7YBp5vV8BmhHawnIrpbFnJd1P5AfrtRl0nqh-d0AjMLFiG-NXN5TK20qJE-hTEhCLzQqPGGnTfEYbnLFGsNwboL50ieuRn1Cq9waX22d6pnXYFz9XFPMny7w9kq0QQ8rB567zG3JrOz8p0

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
an-x-request-uuid: c329fa66-f819-4a77-8274-1e1a79ac502c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.165; 84.19.175.165; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9672
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
an-x-request-uuid: 347e8d5a-833c-478d-a7f5-e4138ba8a4c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5A6 6 KB
3 KB 27ms
23ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:17 GMT
expires: Mon, 05 Aug 2024 17:03:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D60A 0
0 64ms
64ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C60WNVdLPZPykGNOE9u8P5Imq-A7MtPH-caCql5aOEbHSgbznAhABIOrou5wBYJUCoAHQ2cqWA8gBAeACAKgDAcgDCqoEugJP0JFJJAZYS3swPY5prhF1AxZdwbtJLPaSFBB1J5NosfN64_Z3aKyjnARKsNz9TFh_6NR_p4JSAJ2BtMGEZSb7nXq7yTt-5r4vYnU5wCjOOLWatMZ1FSmoqbt5pWLOP1MVwttfKrkCUYcAK9o1fShnHAHoW2cfiiFUdCe71r3iThUbVJgVifl90_aNkzN7sZDxxGFDNzzR8EWtHijo4Y-h4U7LDjB0F89L4_Jq6jgPDbgJcnYfyX8l5ovp8YiYw-3N2hzgQBnh7YXAtiF5_yCiKi9rIw-HNjx6JhwsjeYeEdlkCihxeqNW0oy8nTjH1UZFpeOyAtAige1sVhF5B9g1J9UeSYgeqxTBV548kGpcp6iaDmEUHML-sVzt-rlc60jA3Fiz2FjLOSzFl-ZJj3h46tS6np8Eu8KNJMAEiZTS-6sE4AQBkgUECAQYAZIFBAgFGASAB6yYz5EDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ85ikAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGiDAgqBgoEw7CxAtgTDIgUAtAVAYAXAbIXHwodCAASFHB1Yi0xOTQwODYzNjExMTAwMTcwGK3XlAE&sigh=_hiburi2TwI&uach_m=[]&cid=CAQSTABpAlJWyBySNVurOYYmx6sCP-v3XP_qEip1rrNbUcEJkxoxO5xGaF3RNyXHlQ03P9QqHNbbvhlR5aDJPZjcjsOMVT0VBQMQVATMel4YAQ&template_id=5007&cbvp=2
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DF8 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9584096653553&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DF8 0
20 B 122ms
121ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9584096653553&version=m202307240101&ct=77&x=1&cor=16049341340656742000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9DF8 16 KB
12 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPIw3tsHc4u4qYrBKfg4rCJvmk0zC9IiS21TKesCSNJQc-03gCowRflBZzUtVpuol2_OOlxEw9WL3glegPx8GcOWANpMjvPK9CHUBTlO1B9qKZONswCdYNrpVRBna3QLKa6z5X-33ivZxWXL6EdAhmbtKwPpWs4TgjI7kZFz4d53w6bsc&cry=1&dbm_d=AKAmf-ARsKu4aQdGo2_4omTy-w3HEuttLFbvZIlrfIwGPrTi-G1FKAtkuCZDDTeeV5GvyyDvdoGnU4Bkay6fNhos4VTK-2ckKcVMolmdhZeaU4aPnDE4o-VBn1z0I4Zvr8J1toHh0fSwEalRdpy-d0sbylcBCX1GK1NCny_O8LIabOpRFcBY_N4X38KrjHaEY-TsfM_UwdFiDsp-Tt5-dLIKNU9kwcakUT9PW3zXAUz6-MPmYIbQA16C_mhH3RqbeDpp9FCHcaCtFeewe396wUdC3A9H_hWSUUOQMc9ED11Z1s3bbwxinjhpSUwlogWfVPx31rTTiurrssmbWVWWbkzKz2_6nW2y6kSLdTjpDIvZSSCgYZbp7O9pDsdNbytX2zZmAEeJBLOM0UqfdOOG21XS4lkMsAAWrMM-QfQjdnAMNOoM9rwNaTWhQZvU0ljpWmP3nmROXDscmfjqQLKtBR0WxpBy4KQq6N-7KMXOPSCdnmHzC7HfvRkiCpv-5_Y-KbKWpkI5dm-vUFJD_KPouAVLJ2hrnV4Lme8AEQ_z4AZX-53kaPY2uXeUQIW6fffVKk_QG4E01JLKFRdhNKLfStdosjbR1UZgFUrM96K13Z7Sjp7dAdhME9GokbNMTGtFrZi8tlrn61ZtCXGZWdMZoCahv7npavtzcelcpbzJTJ35aaTBArjTydEohV5036Ha3ifNtmjr9WNKmmBKIHPoTBzxmt6UBUKDifpwf1TurjxLBRkToPeNardUTuntTjUx7vmUlagjm9cI5s5rq8NEMnELvHri20Jdo_eowfhDKXdW3BH_Pem4GpjQR14FbUf0gXvjPw7kx4MVEQnw6ZiayiYYXNTSL6VGhkUr6a_3C2lB6ASke-d0jpmDAytlAFo-UTNTFU6i5DAXh6EkqdO_AKwHv_Csrzb6ObHpwyFDe91TJJbVn-Z_9C8ImHlcYCZTe_x0Zrr2SDrH8WYWvaApsmA2gwozDL9NICp1rQMkgz1KQdRAHkU0Tcp8MLw_H4OdE6fyxXaMsijt2XZtDEHdyrsWsQs9-KosrfeMbSiZfYkwILntJ4xe3nvp09Xb7oAtKbmIHDZheJL4zI8jKaZla4LQV9xqnR-2X45NwXXw7IB2dGZ49hBJzcEepQdrQyPmLYzOD14uERxDlZpZj499WK3PFkVhhym_6XY-9BH9yLpri3QUExD-_eArRJLhsK2y0tKvex-JtLBx7samFaFVuKauT5i-DF6FXZlD_FiIt93Je8DE1pa1mERwh_a95S2CCsaQxu6aiYNToVWiQHJBgY-IlL7jSwjughc-Vq0ea2RtLgwDBztAR0brZheHA6N7un1vQLNclxjgNXJKuy1fWbnyhfk_AgHVvfAa5gIXar-hDL_StbMnX4fxiQo-3ZZ0RCIO61-0TIo1SwUr8SP5QT5cEPKOEiogYUTzJQgmigYnwIxKoMnzEtAYrwatVLFwbJEowZu3F26jC_dzWbmVKP7ZcpPRhDTbzBuaZK0h0QYWcefJuV9vYv-gziqJ0y7hc8Qjp_cUHPj3rFTOpofnNESVerDUa4C-XqKDaRpVZBJsv9MSdOFbEIa2y5tpFTw35-ynRds2JvdiqVT7pF74sdfXDUBonkZT4aJJLucWQ-JjTBHGz64xB7b15z5aJrBFPrwFrb1nVawCY7FoWyF1H_Uy2x6wp7m4nWoHxzUj3BH-ZF-12-EydfDJ68ORBQ5l_xriD2nkvBjw6ZEiq29PxX5OMW3MsnSK42YROv_lnShy-7N-ILsgBEM4MBvtmHjxbkrM4Yl_rVhz4sJCJO5GjSbsddtnyZg4j2Jy5LYSZUrD3NZh6DYziuiNhb0PoCRVA1NZLb0l-DOWHMGNW5uKiB9wdOlKagy62YphdgSiLNEDlfQNPOKz3L68zWROcBOLNEq28hlo1LECOGD2VFhwmDhC-t2HmOOcbC8ZnuEaB1HKXsWL8RAyAnMSHA-Io-KO6Emfw7TP6cN9JdolhOf3sIzW-E0JEY0t5d4O7DVgX8h0NJfwNGwUrnw0KTv7kCKUi6zSyl4iJ61feU560wcE5lYESG9W32drVIt1lPafgxzIGV8vIYsZOOYssciP8VQmYR0YBeAR3teQdmyW_VrKvfxGKqVlZMv9tOV0qlO3ZykZvJH0FhOZ38RWyKjs4ecNchGuKHhRYCpnZO7wnerFogqD3t-zWW5dn7GMe4WfhW88QFjJQYZ2i9nuK73JeTONebF5CeZBI1-bW3leyZc58oxeZR9vxTsL3ZVb8tcSomrsaTIKwTE5q_YTZBO56OQjg6RV6wjlEio0pvqnwOnSHtNLACWdkPFH8XD9hrXaoXDD0noI8tiP43baaqQwpLJ9HVY5GZrajisPSTEwhVUQSjjCd0qXNuheEuek0hum_Ffzeepd3EsZ3wGrWZDAXKyWNi4gevTa_bQd2IastX2WPso0qq1eKYejc0opSCCB-WCON07F8ple3w5r7b4nCMErI3n996MgiSvGxkO_qe5nEZ4qOefV-EsBJo-35ez_O9SNSlAXNvIQSzk-dlIFBSE8dFIgTrFkPS_KHCLo1O2oYS6bXHqakhS0pP0sE1-ZqVWzQqh75iqjXrYy0RsTKCHXMSgWf9GR6-diYPZZ0yovKTeo3qh0l-hmsL7wPCO-LznqFM5yMJ2oMggvauXAbde482ccNNrNbBYb8RtgSL-phYa-3YhaU6WY85QhyknJYQ9aItyyD9LrqjBccfjwIMcQJJUimjF1_ot9TZj3DMt8BXHO4H3triiB4V59VCX0DfTLWdY33VmzJMPaPaZV4NM_eD2jQKtX087GKPOETnQGNTutFSH6-qSYN4szFn2KRwdwCtIelN722VXZ26qpk0lCrInCjIV68-3sOhpCKhCZKWjKHGmwt4zHivPh3hGfjEWNe0_fMEjkhpPqOOFjyV1VdV3jwqOahOepf0xqktUfSn0DeLtwgztzpxdAjJYmtw56SDv4Oqtx5L8EzB38z3oClFEt3xXzmN2JDiJXbf1rrKfMqO320Iw1gij6bst7wTVQETAXbb8-3ArGYXYOLi6Z17GA7ifM_aNXnCP5w7535vdz2LxB1zfTe-gZ3Y7FahbgkfzrqaIIEcuNh8aFCcyenkIZ85DDuuVaV7R4o8UtJS6nIzekRIUhnLnGeoT9OID6D7WnM4rExMu8yhMQn7dUEHpBHssgA2tzzFHCtP5iGMtirVJaZV2KLu3PfoYlXt7l6c8Qms8LnT2WYaAJERK_K-f69sZFGwLEmgdwCxgUFPCFRzadivM5Wa4xpEkzpwejMpuToyGEgd1Tmm3Scgtlif5xPm_AMO3tSxBu2UAFGLaoWDa_2HDX0UvrOKzjOXOnja8a3fkHM7LCSC_b5ud-X2aLj9rPac05njU5i13305oZBypFUHFLPb8YqdHSfCtfK-G4XSPwBFBAyJ8Nneh5vV232iqf0YARd6BgSbfUSa1AGiAnZhdZauHhrEp9WtX1_6RjEgr4PNyIyIakDk3fZzkUl-4Vbr69tyGnx2n1gkqpU0JJpUJrZtoJ6u5NBYuDqZ-gSWzEoO50PhhD7lIHY9NCQTEUvVFXlq7PI5foDgsKD-Y6zmR_ISMMlINX1moONIah6rYKUa1dOWaAmerS1UQjiIB9d3Abqz9_b2jlBIqZ07zdV3xxQkhtwGu72qNYr-GkJjUe4J0g_68LRDzFfBDVP3RbKVwPF9KRxOBTkmdL5DHJ8VP-kReSjz4RKBubAkghQAOT6LVXq4ZncdFnShi5HtFky9vCanA4ywQrYnjdUTuruxe424Ty3u0rTRjWjsYZc8OpjPKNt6IC2xwwHiheISQu6GTVzzGPZdvq8mqLZFlcxBr7hbsKfSevRi8JegrrdKNizjkKwWi47elt8ldpPGu_OeHQSOlmKKO6lnGKeOSfSPn1JPh5gVWsTmvwI6DeMJz1n9HLMIEHdlNYjvvIxZtG5mcgnu-35f70r9UiK-n90ElAO5ap1mhQFoWnhbfNqCSEHgku7GbZfeqS8DmJBQiCFudvZtLL1kvPROI6a-82UL9K-13jUXtcSobjN8umaH_q_ijpskaM4ZTetdhQndxSInDLdd1JBWciKYy5bvSepMgB96cK6GCcDBQiBW-QFckb5JSKlx8v44mnoo3n72XIs2Mueje1I5yIBJjS9QwSGdxNU-4HoTAsSF1NET_AisnZepHt0HxHgp9vAJyj1d93M5T7NYvgVknbmPiRzXvxugBIsKN3LxHNIwCbaxOfm6KJtEgCv76bvgP81fXonSoAfNGtkKY2IESol8YUrW0v87mVyYL0QAbPgThfx9Uiabv5nuSg1CTn_b2KyCUXqpwV_h1C7o3Y_vNeQ69sXgViLu65CUGxaVw_MVGv4gdG3I9hOkjtTAsgjvfNwCj8LTkrU0T-mJqq9UrbxBMLNHDT8nfyQthdGVim30l9FZ1NIOjKwuv_tWNsWzA3FdhDztIl8yakihg9ZSZwVCTZjYDKPIj5GT1uDx7WexzA5-NMlIPSSQ4OLHgARJ45g7uhBor-TZuN&cid=CAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fdurba.tv%2F&ds=l&xdt=1&iif=1&cor=16049341340656742000&adk=2228999115&idt=150&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afeb0cd2b18eac36d6cabab4a4f393b2d37cea8b347a2016b8266c1b1f4b1bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11842
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A4E 624 B
245 B 61ms
59ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYl9_A3QEwAQ&v=APEucNXgIDrLcubSHjGxZS6QPIQR4y98WvBJBSazDdqy3lR-zWugWcNIAM_4q3O2b_5nL603PLtNx37dc90khPkwvFauTj78BZggkE-0rniQLO9aC5c6_xFyalNegeKZYM-4kD6nPqcLwqToqe1mtXv7EUzYPQdISf_uWUf7-FYcZ-YVJP9vcwQ

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:23 GMT
expires: Sun, 06 Aug 2023 17:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F5A6 86 KB
29 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5A6 42 B
63 B 124ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_WXpOTdjZGWbgvKGuC7a0hk5vNBp3mjK0_3yGmWMBgXaHej9-47emkL_6N__X0hxSntooWslXkHkK9I3EONSxhaa1vb8-2b86uhTeOmiWZooKrU4

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5A6 0
20 B 125ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8192380807348045409&x=1&ct=76

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F5A6 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame F5A6 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5A6 179 KB
56 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9DF8 41 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPIw3tsHc4u4qYrBKfg4rCJvmk0zC9IiS21TKesCSNJQc-03gCowRflBZzUtVpuol2_OOlxEw9WL3glegPx8GcOWANpMjvPK9CHUBTlO1B9qKZONswCdYNrpVRBna3QLKa6z5X-33ivZxWXL6EdAhmbtKwPpWs4TgjI7kZFz4d53w6bsc&cry=1&dbm_d=AKAmf-ARsKu4aQdGo2_4omTy-w3HEuttLFbvZIlrfIwGPrTi-G1FKAtkuCZDDTeeV5GvyyDvdoGnU4Bkay6fNhos4VTK-2ckKcVMolmdhZeaU4aPnDE4o-VBn1z0I4Zvr8J1toHh0fSwEalRdpy-d0sbylcBCX1GK1NCny_O8LIabOpRFcBY_N4X38KrjHaEY-TsfM_UwdFiDsp-Tt5-dLIKNU9kwcakUT9PW3zXAUz6-MPmYIbQA16C_mhH3RqbeDpp9FCHcaCtFeewe396wUdC3A9H_hWSUUOQMc9ED11Z1s3bbwxinjhpSUwlogWfVPx31rTTiurrssmbWVWWbkzKz2_6nW2y6kSLdTjpDIvZSSCgYZbp7O9pDsdNbytX2zZmAEeJBLOM0UqfdOOG21XS4lkMsAAWrMM-QfQjdnAMNOoM9rwNaTWhQZvU0ljpWmP3nmROXDscmfjqQLKtBR0WxpBy4KQq6N-7KMXOPSCdnmHzC7HfvRkiCpv-5_Y-KbKWpkI5dm-vUFJD_KPouAVLJ2hrnV4Lme8AEQ_z4AZX-53kaPY2uXeUQIW6fffVKk_QG4E01JLKFRdhNKLfStdosjbR1UZgFUrM96K13Z7Sjp7dAdhME9GokbNMTGtFrZi8tlrn61ZtCXGZWdMZoCahv7npavtzcelcpbzJTJ35aaTBArjTydEohV5036Ha3ifNtmjr9WNKmmBKIHPoTBzxmt6UBUKDifpwf1TurjxLBRkToPeNardUTuntTjUx7vmUlagjm9cI5s5rq8NEMnELvHri20Jdo_eowfhDKXdW3BH_Pem4GpjQR14FbUf0gXvjPw7kx4MVEQnw6ZiayiYYXNTSL6VGhkUr6a_3C2lB6ASke-d0jpmDAytlAFo-UTNTFU6i5DAXh6EkqdO_AKwHv_Csrzb6ObHpwyFDe91TJJbVn-Z_9C8ImHlcYCZTe_x0Zrr2SDrH8WYWvaApsmA2gwozDL9NICp1rQMkgz1KQdRAHkU0Tcp8MLw_H4OdE6fyxXaMsijt2XZtDEHdyrsWsQs9-KosrfeMbSiZfYkwILntJ4xe3nvp09Xb7oAtKbmIHDZheJL4zI8jKaZla4LQV9xqnR-2X45NwXXw7IB2dGZ49hBJzcEepQdrQyPmLYzOD14uERxDlZpZj499WK3PFkVhhym_6XY-9BH9yLpri3QUExD-_eArRJLhsK2y0tKvex-JtLBx7samFaFVuKauT5i-DF6FXZlD_FiIt93Je8DE1pa1mERwh_a95S2CCsaQxu6aiYNToVWiQHJBgY-IlL7jSwjughc-Vq0ea2RtLgwDBztAR0brZheHA6N7un1vQLNclxjgNXJKuy1fWbnyhfk_AgHVvfAa5gIXar-hDL_StbMnX4fxiQo-3ZZ0RCIO61-0TIo1SwUr8SP5QT5cEPKOEiogYUTzJQgmigYnwIxKoMnzEtAYrwatVLFwbJEowZu3F26jC_dzWbmVKP7ZcpPRhDTbzBuaZK0h0QYWcefJuV9vYv-gziqJ0y7hc8Qjp_cUHPj3rFTOpofnNESVerDUa4C-XqKDaRpVZBJsv9MSdOFbEIa2y5tpFTw35-ynRds2JvdiqVT7pF74sdfXDUBonkZT4aJJLucWQ-JjTBHGz64xB7b15z5aJrBFPrwFrb1nVawCY7FoWyF1H_Uy2x6wp7m4nWoHxzUj3BH-ZF-12-EydfDJ68ORBQ5l_xriD2nkvBjw6ZEiq29PxX5OMW3MsnSK42YROv_lnShy-7N-ILsgBEM4MBvtmHjxbkrM4Yl_rVhz4sJCJO5GjSbsddtnyZg4j2Jy5LYSZUrD3NZh6DYziuiNhb0PoCRVA1NZLb0l-DOWHMGNW5uKiB9wdOlKagy62YphdgSiLNEDlfQNPOKz3L68zWROcBOLNEq28hlo1LECOGD2VFhwmDhC-t2HmOOcbC8ZnuEaB1HKXsWL8RAyAnMSHA-Io-KO6Emfw7TP6cN9JdolhOf3sIzW-E0JEY0t5d4O7DVgX8h0NJfwNGwUrnw0KTv7kCKUi6zSyl4iJ61feU560wcE5lYESG9W32drVIt1lPafgxzIGV8vIYsZOOYssciP8VQmYR0YBeAR3teQdmyW_VrKvfxGKqVlZMv9tOV0qlO3ZykZvJH0FhOZ38RWyKjs4ecNchGuKHhRYCpnZO7wnerFogqD3t-zWW5dn7GMe4WfhW88QFjJQYZ2i9nuK73JeTONebF5CeZBI1-bW3leyZc58oxeZR9vxTsL3ZVb8tcSomrsaTIKwTE5q_YTZBO56OQjg6RV6wjlEio0pvqnwOnSHtNLACWdkPFH8XD9hrXaoXDD0noI8tiP43baaqQwpLJ9HVY5GZrajisPSTEwhVUQSjjCd0qXNuheEuek0hum_Ffzeepd3EsZ3wGrWZDAXKyWNi4gevTa_bQd2IastX2WPso0qq1eKYejc0opSCCB-WCON07F8ple3w5r7b4nCMErI3n996MgiSvGxkO_qe5nEZ4qOefV-EsBJo-35ez_O9SNSlAXNvIQSzk-dlIFBSE8dFIgTrFkPS_KHCLo1O2oYS6bXHqakhS0pP0sE1-ZqVWzQqh75iqjXrYy0RsTKCHXMSgWf9GR6-diYPZZ0yovKTeo3qh0l-hmsL7wPCO-LznqFM5yMJ2oMggvauXAbde482ccNNrNbBYb8RtgSL-phYa-3YhaU6WY85QhyknJYQ9aItyyD9LrqjBccfjwIMcQJJUimjF1_ot9TZj3DMt8BXHO4H3triiB4V59VCX0DfTLWdY33VmzJMPaPaZV4NM_eD2jQKtX087GKPOETnQGNTutFSH6-qSYN4szFn2KRwdwCtIelN722VXZ26qpk0lCrInCjIV68-3sOhpCKhCZKWjKHGmwt4zHivPh3hGfjEWNe0_fMEjkhpPqOOFjyV1VdV3jwqOahOepf0xqktUfSn0DeLtwgztzpxdAjJYmtw56SDv4Oqtx5L8EzB38z3oClFEt3xXzmN2JDiJXbf1rrKfMqO320Iw1gij6bst7wTVQETAXbb8-3ArGYXYOLi6Z17GA7ifM_aNXnCP5w7535vdz2LxB1zfTe-gZ3Y7FahbgkfzrqaIIEcuNh8aFCcyenkIZ85DDuuVaV7R4o8UtJS6nIzekRIUhnLnGeoT9OID6D7WnM4rExMu8yhMQn7dUEHpBHssgA2tzzFHCtP5iGMtirVJaZV2KLu3PfoYlXt7l6c8Qms8LnT2WYaAJERK_K-f69sZFGwLEmgdwCxgUFPCFRzadivM5Wa4xpEkzpwejMpuToyGEgd1Tmm3Scgtlif5xPm_AMO3tSxBu2UAFGLaoWDa_2HDX0UvrOKzjOXOnja8a3fkHM7LCSC_b5ud-X2aLj9rPac05njU5i13305oZBypFUHFLPb8YqdHSfCtfK-G4XSPwBFBAyJ8Nneh5vV232iqf0YARd6BgSbfUSa1AGiAnZhdZauHhrEp9WtX1_6RjEgr4PNyIyIakDk3fZzkUl-4Vbr69tyGnx2n1gkqpU0JJpUJrZtoJ6u5NBYuDqZ-gSWzEoO50PhhD7lIHY9NCQTEUvVFXlq7PI5foDgsKD-Y6zmR_ISMMlINX1moONIah6rYKUa1dOWaAmerS1UQjiIB9d3Abqz9_b2jlBIqZ07zdV3xxQkhtwGu72qNYr-GkJjUe4J0g_68LRDzFfBDVP3RbKVwPF9KRxOBTkmdL5DHJ8VP-kReSjz4RKBubAkghQAOT6LVXq4ZncdFnShi5HtFky9vCanA4ywQrYnjdUTuruxe424Ty3u0rTRjWjsYZc8OpjPKNt6IC2xwwHiheISQu6GTVzzGPZdvq8mqLZFlcxBr7hbsKfSevRi8JegrrdKNizjkKwWi47elt8ldpPGu_OeHQSOlmKKO6lnGKeOSfSPn1JPh5gVWsTmvwI6DeMJz1n9HLMIEHdlNYjvvIxZtG5mcgnu-35f70r9UiK-n90ElAO5ap1mhQFoWnhbfNqCSEHgku7GbZfeqS8DmJBQiCFudvZtLL1kvPROI6a-82UL9K-13jUXtcSobjN8umaH_q_ijpskaM4ZTetdhQndxSInDLdd1JBWciKYy5bvSepMgB96cK6GCcDBQiBW-QFckb5JSKlx8v44mnoo3n72XIs2Mueje1I5yIBJjS9QwSGdxNU-4HoTAsSF1NET_AisnZepHt0HxHgp9vAJyj1d93M5T7NYvgVknbmPiRzXvxugBIsKN3LxHNIwCbaxOfm6KJtEgCv76bvgP81fXonSoAfNGtkKY2IESol8YUrW0v87mVyYL0QAbPgThfx9Uiabv5nuSg1CTn_b2KyCUXqpwV_h1C7o3Y_vNeQ69sXgViLu65CUGxaVw_MVGv4gdG3I9hOkjtTAsgjvfNwCj8LTkrU0T-mJqq9UrbxBMLNHDT8nfyQthdGVim30l9FZ1NIOjKwuv_tWNsWzA3FdhDztIl8yakihg9ZSZwVCTZjYDKPIj5GT1uDx7WexzA5-NMlIPSSQ4OLHgARJ45g7uhBor-TZuN&cid=CAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fdurba.tv%2F&ds=l&xdt=1&iif=1&cor=16049341340656742000&adk=2228999115&idt=150&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:13:34 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 9DF8 12 KB
4 KB 176ms
28ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1691341402399414&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b09544f8b442237e54e3fce07568e0f7ab2883302204168b4c7ee0e0e461e4d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4229
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 container.html Show response
11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34BB 6 KB
3 KB 26ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://durba.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:17 GMT
expires: Mon, 05 Aug 2024 17:03:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FF7A 22 KB
8 KB 24ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 215389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:13:34 GMT
expires: Sat, 03 Aug 2024 05:13:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5A6 0
20 B 123ms
122ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8558598713150&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5A6 0
20 B 122ms
122ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8558598713150&version=m202307240101&ct=76&x=1&cor=8192380807348046000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F5A6 91 KB
37 KB 139ms
139ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4yaRR66iyWeQuBSP8Prf9vbfjvDik672T5yrLhd4K02in4Fe0c7rCNVbai2zTLK6M7N1tP257FSrWHH4QNzyB85a1729rOzr7I43mlZxjNr7nThE_CSBvXvL3Q8ItTSUR74WxG61CmbgEP0oxllxRf6l3wxqwfbB_s_9t48xd-FZKhIw&dbm_d=AKAmf-ADlL0YcF9ZajJxxRMCCHDzTV-QlddRBBZM53S_KSGOdRS27R3vPwA5zYq1B_DEDtu_i_43XujLwtIe3y0kaCI8r6-4RywUzquTevmV3cq0-vKH6KmVfbPG6uyJekLx-CRYU0A5odUXdicXdk5aJK6Iv21FHw1byaqyDZr0rOs9NmF87IPPKyNWFUkprwPwS64gDRsTTo9Up3R0QFr9yNi_YPDZyTxlF75otsH7l8vcvISGX56-Vah301P1JR1kieI6ib1BaJLxYURmVOdauTsGneUWhj_BtpecHZb6s57XJD0iINtjf5PsNOLV2L1fPddU_HdIZ-FLZhtPcpW6I3JUY4DN1Vow9J4qCdnqaUrxtWWQtJ362DP1y8ZJWDrH9-5P--MXdxZTudYgPMjOkyfhTvT39AXrHJ-rE3Nge0Z5DkSLA2M0DcApsyVZkmpo361vE3sn-AVyfFEbiI6BQFS1hPwURG98PXSOJ_vkgs6IQ912VKlULWg9JZQTXMoLza6JYLavyg3Usg5pzAlR89HoKIQ7pB_EO0O0g_G9CaGFjrA3oS-CjCmLsB672RobRNMIQNi30FwqW8AJXvVX1DRMSlcwrHHM-1b60ZP0DfBTpAKsU0E7FYKy1HrE3y5-iABEAA6cSF55ShOLTZSDNNfhjE1sX5Wg3sw0oLBFix6oXN9i7cdFS15CkBMLMaTAFqRiuNTROrhtlvx_0Y5x-fhTY7q0txJmEAt6IsvsqNRCk7k9-jAK_btTBwzYkz-_NEmhgi7vK4RoNcUbTYPYlr7MGHgaAXAvtdUeuUh6dl6N41vbQjPIOxYiM3BZ264JfX5PGKVP9sK8vzTzNNsQXgvI8CCT_oyi0eNXtR8WLLnKSY4WnfllgZ6zXZTDv8LEFIOzoRGTJvhHfxGS7S0tNwNT-x_xZD3-WUg24ifvKEKJhxAzKi2Gd2gVG2chjkSBlUJ0SBlny6Qpp9ClPtJ_CXsjogKXMZ9iVzUhi5CneLsvzOVofk6Vscz6tGBwnN7_rw8aorsCsihO3tlJsWfcFx4XSs28CQxIcHzOk9uJ3qVeR--XdMu579Lpa-iIpgw4cvOmtkR_bMxcIFHh8DhlDSNdzHnOuGeqKiS_4Uzw-vd_BE9E-sOubYtZSt5JGMu9Jt1nTg3XBYpJY8P5OvQlq1u02Cho71kREqAC88smi5Cwg4tFQDVqoPRcYK2c_cX7RhDoY65F4GhKAZ2kJ5bMfloUXHZuI2yVEbmujGhNk4r0iXC2_VmegtnXB_xVfqFJuPUFF70z9S2NBd8gZ9eL7MHczH8881J1_ZistLg6AB6KMuGnCs47iw-zK3uSejfBwSnt_8uW3yThgId51b_2yR3aGsK5o-LCxRrAHoSfLd9yELnZyh5fDVNGozX1oPqC32aJfNoIvy_Als0iqGprDrMijFgBP_1Qc5bjEVzgMc3JD89fC1ofAkWD5AcHqkti0t8xEQTEdHVE0J_hTFTkNCSIfZCdT8bwviOJzhtF7L8KpOSH-oAikIB8BYRSklgw3tYkBk6OgIpMEnLSkHsZvOJgy4uusKE1ycZk2ftKhnHXq0oOvytVn5ls_uxaD0QjxwS-kAvH2Q1o4ZVA843TD8GUIVk340gyf0oYYBslRWx-b3bngbpnkgH2Ho7OfcvYHh5BFmk_jkZ9UhS1nsO7N1gRokUt_oEdwWqf5z9XuC2go-eBOUPLQVE5qP4hvyMHXinEw69tVvxMgqHDErdeGWjwJabQ4ngm0W9RTDETxAg6_OnM7TI5m1kfWOmqmIyLHP-V6yPKmdJf-cr6spioyG_R3GUgk5ygFY9hR4NkJ1Gl5PD97XqQNxiShkT2-fp0aeq_zJaQep-GWFKIq7qt8uuXapcKZpjK9PPfyspkZKG7OGOJEawZyCEOgARNTpUU1U4olxXNzESZSGFrciNdcksK5kTROGFmW-t3urwmcTOFDYITauE1182FzDFZto8MuDNNScXTTbXhwULdd7p0_yn-WuF6HYaz9rt9M6q8f73Rp5LIQr6g-fGXg_96HJsFjklRRNQ31zGK-kfPrzA9FP68PXsYPJ6wiciCQw6Yacya9nGi7sDrYo3Tl_m_Kt-yyut0R5nAvn0QFWJdzAtVbEc5yJ6PpMRBeOtEsVZYRWUYiR1KR08HvXQUtI9ybmELg6uOfkLnxB3z78tJHUgoczw1z5ChYSI2xFrBtDY1Aw6QM2hdHHTrJFs6CVl-deWwWCijqXrWzy1LtYzo5gVSy_EiiLkfZGa1Wvd2SVuEnjhRuhD__jFESxUNjv9sLy9xZD5AHWZtw_bd_Kw0TObqm89hmqxi8SVvtgoKqEeK7gLr7nNVXClIOjK0CPDSfnfdgS3B5TOzz_BhwXK1PzrxHBWg5bine8HUa8EO64q8bU3NXyMpnQsFOCe5sFfLYQe7lJmK02AGOz9flMWKPrRnc4Dip1yj4ksKhPzHVlJmBiEL-fGW0QPNj5l3AtyqaQdvWRh05NO76eZH7VnhZRXcjUR3-RZdJMzJwZvEug-CLhlBAMETGukaIOqwcgfyU7XALlxMtWC_GUv0-Yh2k2cmM-9If-0_MnDa6lovMjzzEfTEkv1uNSx8DDnIKSGsLZBEvd3J93IK0i7s8pJWtUroOZ2hkL1UFETbxqFlXiLGruwzi77bItjpGaHbRF2rH_oB31OCKvjBu13kBvQ586bnMwsJunrSL4DdduMEn56CoAkUteIplXEBhsos3bPPRncDe6h6SDmW0kAQg-Io3_7GIHKbdt1EZS_3QQAdnCCvfMcpssbC09GhC2jODOC13ZdMpFjCWmUWWo-BCGx-2NcscQDornR8FFPzRWXG2ar6qLQrPGjG66FCdWJTlGeSgqMJh0OylZrSqNmbJ7V3kkMvbC_OpCdrZRiQ7Vz70m5Nb5LvLcCd_M2n8gdTfI58h4YCKPh5IoBiZohSfQF3gfguO8wVa85_7E1wApX4YrJLesuA-nWwg9b1RnDqOvyvgmooogJXQlFeeuiK8khDnLbHXvJWzwAow3-VJIUpoHGwfEaBqfjthp-K_WWwGy4Ooe4vfdNbEgetOTJc4kaHR-WTFRuYFv03Ssmzb4PmcAcJ-MzBpiuNSgRqG0szykb8MuVLV9LSpwHI6ckgkarPJxdfJ9fFN8v4UN9x8D-KSkQgztJ-IkOhkoP5Sj1Njok0Az4DJWZOjbi1xKU4vdT57zyn7myYCDi8W5srJmX2ODw12YlQwag2xQeZXoEEkL2hUpPazejOvytyxNLRRTsbfkLm5xjNdnqK9RJW4xhKVIbCpJBqsuA81tyOdQrJJMT-bIDZFD9ErDE-gB7lAfqjvOLODgYhEQEJhFLss8tRviiWvhzcSk0WsQksIXviRKFXOKEzuMiQhCPnammSmbRCoqP0OQxJ1nsCAcpKegkC2VrLOU-azs-kwKiyW21sXLDGnHlShaHcOkYwFE3e5aQS8CIKNSZqAHyX-Zv3IjZmWDi9n_A1zvgO7M3DuuRAfgBmTNq0X8kHoHYEyoLg40HWHXr6WpUtjQwToPHhYSKC7nZTTQsjNUDH23rsVemWvI6criZt7yK13IAb0tgDy5E1ckpCgcv9PSs0_bVgmw0NEIRwE4rzwHz-W0Yp0tlSC-coSW4o0OPOGexX1qp6ZzgYH_t5Pggr4g8S9e-dY_b1wyZ3_m4Pe3v5FsZoi4B7Qs4ku6icg11KSU2TcckAfCnNC4MeblaKKPbaEj40Q2237YPMXCBPmo3hfyogILsYh-Gl76DpSbjUaMxR6229SRhsIOC01IMA0ZsxiCYzrZbU4ZqJmPLpab8ThtW3Nj68p9EcMOSx9A6UAOuNiytQnzM5HEVg_PjopDAL4XWUNsGxPXnyDmNynL7K8ofaWtsnCfZtUlbk6HfZlke8vBV8XJ0uXr7FWQ5gzFiLBYxie1tm2x9YivSoeWhs9S8CFPltGemmtW8irrC3keBKJTVmL4UpPcJlIvrACsiyZWusZ2xZJfqvHnrWssNmWpo2JX2Wg4uVX7xEsprs9TGcAAFJg-iKejT2g4k2xvUeoqYdlFRCqodsfRx_pT-kyvTIlY06lSmkush1YYqqiYbJWSggOFWYTVZa4rGXbszmKNk59vng2BlLV_rMn63yLXQp8LIyaY5x3FbDPTbo7_O7whomPbLecE2vAfjZUIqVOMRiwrVGusrkzBjm2MXuGuZuN5ERWUmsYrC_pOa0HLiF3Y765Mc4RXRDzsBCXJYWANJhGCFeLCcwBi2hpYtfPQbdIKFVfIejAsAk467xkU65-O_r3FFe6esSTN7Ol6VEhcYytolgDp5KSlGxK1400ZM&cid=CAQSLQBpAlJWFQ2WLIKa8cd_ynsr-sLHAfEBr6-saF_4abVn8t2BcoFyDGyo2pUTFxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fdurba.tv%2F&ds=l&xdt=1&iif=1&cor=8192380807348046000&adk=3047537735&idt=107&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb0923e457604b8169faec03f5251357c9f65d7a9e7404bba3b56dea6968f034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYl9_A3QEwAQ&v=APEucNXgIDrLcubSHjGxZS6QPIQR4y98WvBJBSazDdqy3lR-zWugWcNIAM_4q3O2b_5nL603PLtNx37dc90khPkwvFauTj78BZggkE-0rniQLO9aC5c6_xFyalNegeKZYM-4kD6nPqcLwqToqe1mtXv7EUzYPQdISf_uWUf7-FYcZ-YVJP9vcwQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A4E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZM-SW1qe4JGIyJ.SghAmEwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYl9_A3QEwAQ&v=APEucNXgIDrLcubSHjGxZS6QPIQR4y98WvBJBSazDdqy3lR-zWugWcNIAM_4q3O2b_5nL603PLtNx37dc90khPkwvFauTj78BZggkE-0rniQLO9aC5c6_xFyalNegeKZYM-4kD6nPqcLwqToqe1mtXv7EUzYPQdISf_uWUf7-FYcZ-YVJP9vcwQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWIDS4K01OClOEy59sTgWo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3A4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1

43 B
841 B

31ms
30ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYl9_A3QEwAQ&v=APEucNXgIDrLcubSHjGxZS6QPIQR4y98WvBJBSazDdqy3lR-zWugWcNIAM_4q3O2b_5nL603PLtNx37dc90khPkwvFauTj78BZggkE-0rniQLO9aC5c6_xFyalNegeKZYM-4kD6nPqcLwqToqe1mtXv7EUzYPQdISf_uWUf7-FYcZ-YVJP9vcwQ

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
an-x-request-uuid: aaa37d87-c9bc-4c5c-9af7-20e0b2be7ffb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.165; 84.19.175.165; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA996lcISp8oKlyf8DnrhSM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A4E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
an-x-request-uuid: a40a188a-a051-4016-a292-01bdf3b061d3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc1MDAyNTcyMDc3NTA0NzUyMQ%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8985 640 B
262 B 72ms
71ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUDxlirNUMTM7vIqFpkTz2zjXEdjzF-i2YrOzVh0SdlaH_ypABDH0DntxcYLXr3xT9qJ6eoQSI332U_KWuL0oA5RQ9CBUz2EOW_tVAI0gHKRdR5PvswPc0-TKoqm1RLxRH8YBh4VYnOW1BJRdFhxDtlO18AojrlcGvC-dUn6oze1YcMlxI

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 34BB 86 KB
29 KB 116ms
114ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BB 42 B
63 B 125ms
124ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COMoOABIIavHclNrsuIZsRHOqogS6xMiE2KIEfmInA0ypMYsbvqk_u6lVAwX6lwBDWCs9Z83TbPy2nj7TSsgnJnaVDqGu4b1dGdlNXVS53kJBV5Qk

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BB 0
20 B 124ms
123ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16766767481847091266&x=1&ct=77

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 34BB 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 34BB 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34BB 179 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame 9DF8
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

159ms
108ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 87baebb6d0af6976a767cca90d600ec25f99b137cfc3ac275039da58bc504d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 42812200095178404444554012408022
Connection: close
Content-Length: 1330
Expires: Sun, 06 Aug 2023 18:03:23 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 06 Aug 2023 18:03:23 +0200

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame FF7A 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 09:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Aug 2024 09:37:47 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F5A6 172 KB
61 KB 118ms
21ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Origin: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 20:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Aug 2023 20:24:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame F5A6 11 KB
4 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4yaRR66iyWeQuBSP8Prf9vbfjvDik672T5yrLhd4K02in4Fe0c7rCNVbai2zTLK6M7N1tP257FSrWHH4QNzyB85a1729rOzr7I43mlZxjNr7nThE_CSBvXvL3Q8ItTSUR74WxG61CmbgEP0oxllxRf6l3wxqwfbB_s_9t48xd-FZKhIw&dbm_d=AKAmf-ADlL0YcF9ZajJxxRMCCHDzTV-QlddRBBZM53S_KSGOdRS27R3vPwA5zYq1B_DEDtu_i_43XujLwtIe3y0kaCI8r6-4RywUzquTevmV3cq0-vKH6KmVfbPG6uyJekLx-CRYU0A5odUXdicXdk5aJK6Iv21FHw1byaqyDZr0rOs9NmF87IPPKyNWFUkprwPwS64gDRsTTo9Up3R0QFr9yNi_YPDZyTxlF75otsH7l8vcvISGX56-Vah301P1JR1kieI6ib1BaJLxYURmVOdauTsGneUWhj_BtpecHZb6s57XJD0iINtjf5PsNOLV2L1fPddU_HdIZ-FLZhtPcpW6I3JUY4DN1Vow9J4qCdnqaUrxtWWQtJ362DP1y8ZJWDrH9-5P--MXdxZTudYgPMjOkyfhTvT39AXrHJ-rE3Nge0Z5DkSLA2M0DcApsyVZkmpo361vE3sn-AVyfFEbiI6BQFS1hPwURG98PXSOJ_vkgs6IQ912VKlULWg9JZQTXMoLza6JYLavyg3Usg5pzAlR89HoKIQ7pB_EO0O0g_G9CaGFjrA3oS-CjCmLsB672RobRNMIQNi30FwqW8AJXvVX1DRMSlcwrHHM-1b60ZP0DfBTpAKsU0E7FYKy1HrE3y5-iABEAA6cSF55ShOLTZSDNNfhjE1sX5Wg3sw0oLBFix6oXN9i7cdFS15CkBMLMaTAFqRiuNTROrhtlvx_0Y5x-fhTY7q0txJmEAt6IsvsqNRCk7k9-jAK_btTBwzYkz-_NEmhgi7vK4RoNcUbTYPYlr7MGHgaAXAvtdUeuUh6dl6N41vbQjPIOxYiM3BZ264JfX5PGKVP9sK8vzTzNNsQXgvI8CCT_oyi0eNXtR8WLLnKSY4WnfllgZ6zXZTDv8LEFIOzoRGTJvhHfxGS7S0tNwNT-x_xZD3-WUg24ifvKEKJhxAzKi2Gd2gVG2chjkSBlUJ0SBlny6Qpp9ClPtJ_CXsjogKXMZ9iVzUhi5CneLsvzOVofk6Vscz6tGBwnN7_rw8aorsCsihO3tlJsWfcFx4XSs28CQxIcHzOk9uJ3qVeR--XdMu579Lpa-iIpgw4cvOmtkR_bMxcIFHh8DhlDSNdzHnOuGeqKiS_4Uzw-vd_BE9E-sOubYtZSt5JGMu9Jt1nTg3XBYpJY8P5OvQlq1u02Cho71kREqAC88smi5Cwg4tFQDVqoPRcYK2c_cX7RhDoY65F4GhKAZ2kJ5bMfloUXHZuI2yVEbmujGhNk4r0iXC2_VmegtnXB_xVfqFJuPUFF70z9S2NBd8gZ9eL7MHczH8881J1_ZistLg6AB6KMuGnCs47iw-zK3uSejfBwSnt_8uW3yThgId51b_2yR3aGsK5o-LCxRrAHoSfLd9yELnZyh5fDVNGozX1oPqC32aJfNoIvy_Als0iqGprDrMijFgBP_1Qc5bjEVzgMc3JD89fC1ofAkWD5AcHqkti0t8xEQTEdHVE0J_hTFTkNCSIfZCdT8bwviOJzhtF7L8KpOSH-oAikIB8BYRSklgw3tYkBk6OgIpMEnLSkHsZvOJgy4uusKE1ycZk2ftKhnHXq0oOvytVn5ls_uxaD0QjxwS-kAvH2Q1o4ZVA843TD8GUIVk340gyf0oYYBslRWx-b3bngbpnkgH2Ho7OfcvYHh5BFmk_jkZ9UhS1nsO7N1gRokUt_oEdwWqf5z9XuC2go-eBOUPLQVE5qP4hvyMHXinEw69tVvxMgqHDErdeGWjwJabQ4ngm0W9RTDETxAg6_OnM7TI5m1kfWOmqmIyLHP-V6yPKmdJf-cr6spioyG_R3GUgk5ygFY9hR4NkJ1Gl5PD97XqQNxiShkT2-fp0aeq_zJaQep-GWFKIq7qt8uuXapcKZpjK9PPfyspkZKG7OGOJEawZyCEOgARNTpUU1U4olxXNzESZSGFrciNdcksK5kTROGFmW-t3urwmcTOFDYITauE1182FzDFZto8MuDNNScXTTbXhwULdd7p0_yn-WuF6HYaz9rt9M6q8f73Rp5LIQr6g-fGXg_96HJsFjklRRNQ31zGK-kfPrzA9FP68PXsYPJ6wiciCQw6Yacya9nGi7sDrYo3Tl_m_Kt-yyut0R5nAvn0QFWJdzAtVbEc5yJ6PpMRBeOtEsVZYRWUYiR1KR08HvXQUtI9ybmELg6uOfkLnxB3z78tJHUgoczw1z5ChYSI2xFrBtDY1Aw6QM2hdHHTrJFs6CVl-deWwWCijqXrWzy1LtYzo5gVSy_EiiLkfZGa1Wvd2SVuEnjhRuhD__jFESxUNjv9sLy9xZD5AHWZtw_bd_Kw0TObqm89hmqxi8SVvtgoKqEeK7gLr7nNVXClIOjK0CPDSfnfdgS3B5TOzz_BhwXK1PzrxHBWg5bine8HUa8EO64q8bU3NXyMpnQsFOCe5sFfLYQe7lJmK02AGOz9flMWKPrRnc4Dip1yj4ksKhPzHVlJmBiEL-fGW0QPNj5l3AtyqaQdvWRh05NO76eZH7VnhZRXcjUR3-RZdJMzJwZvEug-CLhlBAMETGukaIOqwcgfyU7XALlxMtWC_GUv0-Yh2k2cmM-9If-0_MnDa6lovMjzzEfTEkv1uNSx8DDnIKSGsLZBEvd3J93IK0i7s8pJWtUroOZ2hkL1UFETbxqFlXiLGruwzi77bItjpGaHbRF2rH_oB31OCKvjBu13kBvQ586bnMwsJunrSL4DdduMEn56CoAkUteIplXEBhsos3bPPRncDe6h6SDmW0kAQg-Io3_7GIHKbdt1EZS_3QQAdnCCvfMcpssbC09GhC2jODOC13ZdMpFjCWmUWWo-BCGx-2NcscQDornR8FFPzRWXG2ar6qLQrPGjG66FCdWJTlGeSgqMJh0OylZrSqNmbJ7V3kkMvbC_OpCdrZRiQ7Vz70m5Nb5LvLcCd_M2n8gdTfI58h4YCKPh5IoBiZohSfQF3gfguO8wVa85_7E1wApX4YrJLesuA-nWwg9b1RnDqOvyvgmooogJXQlFeeuiK8khDnLbHXvJWzwAow3-VJIUpoHGwfEaBqfjthp-K_WWwGy4Ooe4vfdNbEgetOTJc4kaHR-WTFRuYFv03Ssmzb4PmcAcJ-MzBpiuNSgRqG0szykb8MuVLV9LSpwHI6ckgkarPJxdfJ9fFN8v4UN9x8D-KSkQgztJ-IkOhkoP5Sj1Njok0Az4DJWZOjbi1xKU4vdT57zyn7myYCDi8W5srJmX2ODw12YlQwag2xQeZXoEEkL2hUpPazejOvytyxNLRRTsbfkLm5xjNdnqK9RJW4xhKVIbCpJBqsuA81tyOdQrJJMT-bIDZFD9ErDE-gB7lAfqjvOLODgYhEQEJhFLss8tRviiWvhzcSk0WsQksIXviRKFXOKEzuMiQhCPnammSmbRCoqP0OQxJ1nsCAcpKegkC2VrLOU-azs-kwKiyW21sXLDGnHlShaHcOkYwFE3e5aQS8CIKNSZqAHyX-Zv3IjZmWDi9n_A1zvgO7M3DuuRAfgBmTNq0X8kHoHYEyoLg40HWHXr6WpUtjQwToPHhYSKC7nZTTQsjNUDH23rsVemWvI6criZt7yK13IAb0tgDy5E1ckpCgcv9PSs0_bVgmw0NEIRwE4rzwHz-W0Yp0tlSC-coSW4o0OPOGexX1qp6ZzgYH_t5Pggr4g8S9e-dY_b1wyZ3_m4Pe3v5FsZoi4B7Qs4ku6icg11KSU2TcckAfCnNC4MeblaKKPbaEj40Q2237YPMXCBPmo3hfyogILsYh-Gl76DpSbjUaMxR6229SRhsIOC01IMA0ZsxiCYzrZbU4ZqJmPLpab8ThtW3Nj68p9EcMOSx9A6UAOuNiytQnzM5HEVg_PjopDAL4XWUNsGxPXnyDmNynL7K8ofaWtsnCfZtUlbk6HfZlke8vBV8XJ0uXr7FWQ5gzFiLBYxie1tm2x9YivSoeWhs9S8CFPltGemmtW8irrC3keBKJTVmL4UpPcJlIvrACsiyZWusZ2xZJfqvHnrWssNmWpo2JX2Wg4uVX7xEsprs9TGcAAFJg-iKejT2g4k2xvUeoqYdlFRCqodsfRx_pT-kyvTIlY06lSmkush1YYqqiYbJWSggOFWYTVZa4rGXbszmKNk59vng2BlLV_rMn63yLXQp8LIyaY5x3FbDPTbo7_O7whomPbLecE2vAfjZUIqVOMRiwrVGusrkzBjm2MXuGuZuN5ERWUmsYrC_pOa0HLiF3Y765Mc4RXRDzsBCXJYWANJhGCFeLCcwBi2hpYtfPQbdIKFVfIejAsAk467xkU65-O_r3FFe6esSTN7Ol6VEhcYytolgDp5KSlGxK1400ZM&cid=CAQSLQBpAlJWFQ2WLIKa8cd_ynsr-sLHAfEBr6-saF_4abVn8t2BcoFyDGyo2pUTFxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fdurba.tv%2F&ds=l&xdt=1&iif=1&cor=8192380807348046000&adk=3047537735&idt=107&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 13:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 13:45:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame F5A6 30 KB
11 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 13:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11541
x-xss-protection: 0
server: cafe
etag: 12315695366903653922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 13:46:05 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F5A6 41 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:13:34 GMT

GET
DATA 200
OK truncated
/ Frame F5A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 455810ec70b7efe60bd7900e984df4ead6ef604703bc3a8957201cc5346105ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8985
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEANZ5F3z-5-z00PJjWwPbGA&google_cver=1

43 B
273 B

40ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEANZ5F3z-5-z00PJjWwPbGA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUDxlirNUMTM7vIqFpkTz2zjXEdjzF-i2YrOzVh0SdlaH_ypABDH0DntxcYLXr3xT9qJ6eoQSI332U_KWuL0oA5RQ9CBUz2EOW_tVAI0gHKRdR5PvswPc0-TKoqm1RLxRH8YBh4VYnOW1BJRdFhxDtlO18AojrlcGvC-dUn6oze1YcMlxI
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEANZ5F3z-5-z00PJjWwPbGA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 8985 43 B
145 B 94ms
33ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUDxlirNUMTM7vIqFpkTz2zjXEdjzF-i2YrOzVh0SdlaH_ypABDH0DntxcYLXr3xT9qJ6eoQSI332U_KWuL0oA5RQ9CBUz2EOW_tVAI0gHKRdR5PvswPc0-TKoqm1RLxRH8YBh4VYnOW1BJRdFhxDtlO18AojrlcGvC-dUn6oze1YcMlxI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 8985
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJWRZOnxCgMU6LgfbUckRVU&google_cver=1

23 B
163 B

101ms
57ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJWRZOnxCgMU6LgfbUckRVU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUDxlirNUMTM7vIqFpkTz2zjXEdjzF-i2YrOzVh0SdlaH_ypABDH0DntxcYLXr3xT9qJ6eoQSI332U_KWuL0oA5RQ9CBUz2EOW_tVAI0gHKRdR5PvswPc0-TKoqm1RLxRH8YBh4VYnOW1BJRdFhxDtlO18AojrlcGvC-dUn6oze1YcMlxI
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 06 Aug 2023 17:03:23 GMT
pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJWRZOnxCgMU6LgfbUckRVU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8985 23 B
163 B 143ms
57ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUDxlirNUMTM7vIqFpkTz2zjXEdjzF-i2YrOzVh0SdlaH_ypABDH0DntxcYLXr3xT9qJ6eoQSI332U_KWuL0oA5RQ9CBUz2EOW_tVAI0gHKRdR5PvswPc0-TKoqm1RLxRH8YBh4VYnOW1BJRdFhxDtlO18AojrlcGvC-dUn6oze1YcMlxI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 06 Aug 2023 17:03:23 GMT
pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BB 0
20 B 128ms
128ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8662553042677&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BB 0
20 B 127ms
127ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8662553042677&version=m202307240101&ct=77&x=1&cor=16766767481847091000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame 34BB 16 KB
12 KB 153ms
59ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAvthgM1eKEg_8eylUAEYxGK8-cYFi6mQwdfRSK2FK0AenR8zcUMfu_TvA1CHZoN1BKwf3DW5Xj-YgyPzAFKHExzQDQcGZFrjuQvBFyC-IuTTORRXJmRiG-ZIoJG2VBVESdWzBAYva2H3JPdBmhaeIecDG84txEyEQhVRbsuNUQPYBZbk&cry=1&dbm_d=AKAmf-BWivu3UidUL_RxoDODiqcZiC2Gxp6l_ZCKvmM1ZSZbsbABPVMzvq_lKj9pjXIuu7gusY8eDmg9JLCgPpuwtg0L9m0Vgr20cOy23pqRc0iaaQWBSJqhIQ-8y5PD1Ae-Ha9ZoVvcwZ2zJtF96R9k2dhvlrd5apBkCn6PMFgkpqb5dL1lxMffh7S2S61J2Lp2IGlqIjE4Vd0AFWCQcSvbr3pwYzVHs3rthcuLW5P-Y9tjvSUHO0PoWQyR2GluDuIcnvNeaIcy-0LuMDrBHh3O_LskOCcSFyGpxjnHFrwAoOVXV-V0XtXUJiGQc_hVXFqvSa8cHPV_R5uwYDSls4fSmGBg0Gqa_LL4H1QERO_ZNzW5U6UFXm21Wvaj0DRBil6lKqjBjfDSEMrBByv-pTm0WnOJT7IKklgxZxfc6-C04pq8FGdy-ohEhyz3VXaCBtApWijbkUR1jFw2pu3u78HQzQ1_vkG7WrRHPZjEH2k2ThdUmKFJbzEzdsJpXLwYa1QKhXAiU4r4NEVQdG6crpTyQKjKl1hma7PAd3y6xYnQDc3TZT9LosTYlCW7O6AQd1ccSoAu8tehI7WgLNptC0nC7ex9kIHsyKFNFOGLo3Tl6tRDTNuK9H8WmSDltQ2jmwkrb3J9ZSxdUmjhb-U_jZtIPNXIiwzFkr0ExC3kfezgCFYHMtMPV1fQIvP3xxyihSFOopim8K_8WeRtNufGpFO-WCuuJe06VKYf2wGL5ZVD5JM4E9vs-yNbq7CzA6pmX7tDrg0Q5lqv2eqLbU9CbyyXPLGlvhPnYdhmyv1SsgNg8KaKqWongrv7sKP365NMdq6epKVy1-MbxiUvO9WrPXmTak5pRLtpG-98YseIT2X2o1inmXKId1F4naIy3sqKtLF_Y5QfG_EUiCSI8Y2c1rDF_K46bg8MBMj6JQu0fYTirdIQrdi0nStms8xyqFqDBKBc8utcUmX8EXhG8EyeJnCRpMRUmsk1Mo9SPM7TqorjIPkfY0zuczu7fytauLBpM-f5FEOfdxgN6k3QwsCDLe9_PlpMtw15Bf9PdrgfGmzN8v4x-iefsoJ7ZsRht5F97JGNUZ2OFQm9fBfuH4OXkT-JtvWdkXbrrCAzZYxfSOV9_49mwVD46i8Cnw6LmYOPfvVqOpwOlvZBVHO3LlTslDKh9upDvTlXgY_s6nfiU-mDr27eaDf3EFucMXzJea-aCTcV7a3ieT3KIeH3aFoneiE4lIs-ICQgA-Jz5anDGI-UaS4Xj54FC0OeGW86BBQ2H85mIG3LcMt3DpsD-Zv6rl-wLQVK91EwNjALqqHnhTv3WM9co6HDH0xAcv6COxHuGlAJXTSdtJPLIKmZzDRmlapE_X_NyIJQDOLYG4c9tIloyay84nPTye8eLl3_vpaWv4iWYxRveg0k-hKxTxFizmUy_2T6mCRNQDCnxhBlMjGSCaLgmc3MR5ZQM6q9QBnGRlWxjfChcnHV0EpwwrwTv1mNud0JFIxXKUc1goG-3CEm-Pv_rxBaqxwHeyfcuUZe5KXny-U-_RnN10cN4hVtA_miyozEmYoEYlF7sTOp4kS7kWsR3jbVftH9FNM3aHRpiqp6JoMvJjXb_56-_GJT_jJpEp5cXJt0560vtdSO02nEXfILDmvsepfjnBTd6-1NVp-7U4bJy5YWEY9tQvPqCRde-j91I5EWvBCBLDnfEcB9oipNMwIsahl1dh-m5cI5fZT5ilQob0geoZAbOy5hLn_F01WxzFNZa_PvFuv4KapXX1jQtbbRWkF-6khi6t-4QptAGkEoyWEfRVkGuu1dbE853otew7UxfF6lPuJPwzMyasJvmMENO84SoS2cQvE5naWtmWpkhe9lqqNQen9iPRpMegkwtzRrO4eO5-YKQLBriVpnmIQekRWR60Ghf5eLmGdP5Gz375qGtUQK49n1U0y2FLCAh58wke1c3-XsF4J-uWnl3rKr7PyA6rZSpeRGsFo4FqnnKxbMZZARk_uIt5uu4CzdS_cSID4exKL8kz3Z6tV7yaeYBjYpOwrvUy01RxmkIZvDTGCDWB5gT4zSLdLa8RUmJUIbIcbr414_2TQXZSGq6lFW2ottlujwg9qe8HZCDIrkLwqAc0DGLt-vBtapNGbeJW3ieeevgwz1HtOy7jY5XqRwZ5-LbsfJhT_kMcvbZMVYuRf6NFmn-fGfj75dlJyMb7Fm9tacQAAwwtnAU0gzgeOy6-1esEnpns20F8BB0pJr5hsdiEdcu-1NEwkKOTVwergY0eK3nyrM3kgSB4wb-U_bBGcU-AGZTBTDyNmO-t6T5h_Ff2KCMAp3NTUtibWL3ogSbSpsXD-_oii11gG0JxVxLiM2vE1VjGc0KxjkoY00GR-WC4wUpv8MTOMDUt3ZWi_iXKWxhbsPZ29lNzHXbjny47udnBCe7tNhEbCi3GywTs_uIezv5X6RggZ2hOQIbryRbpDv6j8CwvlzvYroHZsJCQu_LBbjBgXXJDfsiGX8gOZweTdsUsmFosXoSxcsmxP44_ZVZ9x-ROeCBidFjUwdHmeIvstoQEaX4HOdMOGZORdfAHY93jQkzaaPsCLC6lsGX8nrDQbj8zWYq6aeCdEoARioAChSzd1HLOWjfg7q0edQISnis-lj1JNyUUSfJAmLHuEjOA8nwEcZt9YppPvmU67sHCLZ_H_hsq07MtGUjsYipsFiXRG3UvZ-CTJeg38ryjZrtf3Y_VE3xp30BGhJREdMEPzh7WL0jfeY5ydFT_6hbNMBTj8V9cEKEzudTBuxUtX60aCL5yK301HyCKasaVOvgmU_2mn3OwhXGC5gcP6-GlKdKEaxRxx_TIrFWwrtmNdmiWp5GtFDPrNA--HzD2cAwNo_swvEzYKC7hJpD6gn-yLmqZSOKQ4Tem7sJjAqHSa_vagqSfdi9lTx2J4gOaEA0Csr5P2cLI0qUlafqD3WVpx6TxC3_TfKZB__H0pavKc-te85yJuuWXfOTur9vP9awyPADdomm7nlLjnFyMJQKtGP8-OIU1FRtG11Dz0mug0JYUopBB3kWwyLLEuHlsvyWX2Qw8QpW6oHGTGhELzFR36dILFYbRumNbfX8xvjoilgljhJvkDemJi5OAZ2XSsLwQz_R_vgfAPJtQi5tpAppuzJlOgEP2sUodTVxwbMc3V0kztOLSEaIE7oh_WWy2mazB0mL4E8Z3nuDoz8w2P4mmz1bTPuwzOPfzpuXwi4E7Btl9C8RtKsZKEmsYWmZb8XZWUZEXpEPFLslIfTIlycA5IGSOkh-hzFzO0YTv_c9c_6seaa9Omd0VOlcbg6yTozgd5uPu4NgfHzrf29RT1nGD6hqLCuTQbXnCIO7H2xPU92HM0xTXEVjJEdkavZ4iTS48bn77N0hgMMwgImen_T4g7MihZkAITnRZePnMSHGn8yR-gFier__rrhtTc5djDKKElO_RDEPAgUNJw5DV4-DRHgKjhCm78DkO1IC4dIQpbNEDdKqc1yVcZzEgDCL2UUOpScBI2hP0dll4Nu6cb8Lyls-KZaO2T8Kyz0VF06jm-elBnUe7dE6pJi8Xdlfu9d7oA7twxe1etsO6pUL-REHZffEb7oY4IvMg8phmUjHWRJqsyr1aLCfKW56O8VCaqMtj2FLPX_Ty9AR5KMLYmp7MbdAuFxvmgz5GQ2JTTHplKZ_L5GxZfWMsM3Rx-3RxlArvNp9qZ3IQwnAkI2oRK7D3QPvXdpY-U13GC9pKQ0BEg0nWgGTeo060xbpva40RacZeYwL6ZC0fhqwJ0xdAsS_sYkh9nYO7h3d4Camqcu01XwJwEr34ClDxcRU28b_xbzC6R1jY0vrdz9VBG6GsSPNlCmeQK_9D8uv2h0KFkFrOkrNaWTcAhXUl8wajlmke615DKnFEE-MmFEbU0IXQfKG4WuQyLRI1EVqPXRLbTC1BDF4_ubiWiajCfLZrwKtPL8FE_soRiVv3wJScRjc2Q1H5Sy-WuIxbdw6hcEar3uaY5DSaVFnjBcHtFK-4YtkZrdnR2EyLg8PoE7ipX3qQuKFVFUwYPof3TnymIR1osIbhDdAPbr5ff9HocRH0Tfd2dQM_bR78nZ9EzlzvmzAnnpJgyvyaWDjg_SuowVd9VOrWvb3U4XyAyQ1FACes1K0eAuqGSAakXWBKpRvx6tKnRGrJE2Y1isvNQd4prFwgH03cPlq9BAfVQ3qmiDGzJIcOpNmpjBVbc9x4Tfjrl8hwun5ku6cOj449Rl8EQbuOIsk0ubaR1SeqrExI8pY6rDFq1YtM7ybUtUc4cUK2lleh8UeA9tx0zEUa3-B7yI_iWVzOkKbvqwB5fMGLxx5D9pCGWfnW_QA6RRoM3cr7H3fuaVOwMWHw1bZzys-zPPKenzeo5HAG7QEvSAMqXgjEee-aAqaeqP1exjdbK2_ZSVcQvn9_oj4cGElC06aJbrzPW6pUCkmyjpgArQfnoCrUlI04_39WP749iRHHHru6a_c0KJqs6f2sN8XsFO8rWsLeAIqrMjE6slkq3vUiEG3A_71f12lcuyeXNfzEMCFom259sVF-5EGv3ECrwAMQpupSPJkw&cid=CAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fdurba.tv%2F&ds=l&xdt=1&iif=1&cor=16766767481847091000&adk=2857193498&idt=123&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

27bb9a7909da6f6cb7f7efe15b0455c1f81a0d4bbc907188f1c76ffab99d3630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11816
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18065340200342519808/ Frame 8BC2 4 KB
992 B 88ms
33ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe54a69f8d788a5090b4c24197740d0cd1e1d23f802ac7ee5a1ce614bed1a97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 964
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:23 GMT
expires: Mon, 05 Aug 2024 17:03:23 GMT
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F5A6 0
0 172ms
73ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstycQhxIaqV8ojCBPSTlerM1aJJkJmCm8qDtJXzfKHU11oMVOacxZ-2Is0OQ_UZLd_Tb4KHf09QkhNDTDCyeDMLQDgchR1WLudZHwuz2lhBNvv5WLeS43KgcSVwTrib6H3rRcL_O9tKNAh9THGfgFNvvFZz1_bqqMFI76FQQxsbXDYh0_Mi4Lqtcp4f9DJuZLHL6DLzBeL5NajnNsoAomb5DQbs5_vtStANU5PF8HqhjTe7SRy2suc9CxbkmJGF3r-2q1HXKbi7-e8pMNDoDVIzPOa7Ni1hYUuIT6rmmah5UjScr81I2mHKcwYk68qyAmDn4T50TKFUXy2RjgLx-UOLn8I19Xrcd7BFlc16JxwAMELHl9FPA-N8_hHZQEK_OJ3Qrr27r810Um6bYKz0KAA0uIOtNIzU3HpU-2W4Lha4NHn_wlXhDcfsTP9CLRlhS_FRWOuvFpsjF69Xu1MNxA1yZdKVdoyTR8R1u5ZqJ6Ox_dsyzJFXrbuA3QfbckrYwJ6X2Fne8MwnG9t1_wS0d2CuWJmO5_G2KDWh7m5x78xuK3OhOc24T-45iMo-n2mf3KrmPuD3mqRwKRNS3LacOzkrSXfpKVCCw8h4uS5I7ujfzn8my4ZFQJ9TKVThCBnDwQ1Dys8HjVL2t_G18p3SkBavyrDPpuXQtydlCF5fiYlQWnVRxuGpgrD9EuM4An9WIJ1gWHsR4dJGF5lylZ7XwzjfpJUQQfKEu346zReCjDv4PpAa3DKV5WFO1hJhGIaBHHGCHDuQhopgTpB9WX8oTEX_7Izsk9WnpbqHN8iIBuIg_d7dQTLrC7NaqKDWaB0nuM2VQTdmsOy8TpfT9E7hl27HEx7a5ho7uFpWq3wd7LdsVEk8mRvGC_hsF1sPQxel_ucsEIN5QBFtoW0mZJT5u0txaLHYa4apwV1T4_H0BY6sCQbt8KHKk7GZT5uFbaWdpCN13fsBd7H9XnLJPpaOPMovKy_u1P8CCKzGOlxrq9rowv5nqKxZxkqepUWcBGT2yKfAZyojChuYRejfMHvn15TWu7Ukpek_AeOBfOQ9jSupLm1Wdg8n76s6hFXKSlMn3d481e0rrOBO54xRgCSEJIAvsfwVqNMqWMMW9VbuSgk4DaN34uQAnZZw3MAC_pvbbKtu8qIbgHR_m44Q0KKLOxkVm8ArsHSRndxsFAgC6omVMwFw4YMCz41w8dcFC1bpKr1yjpIq0KStAbDktXc9oczfGJh0rX487rRBMi74-feuSmm97_0nF_G1jAqVbNBVzszrWD22&sai=AMfl-YT_5AtKwoVRjxUJ1lZ0KzWjcTTj2X7IQZSQ5fy8QZRcxkuLUtRT24Qfb3DjKs76UvpEGPj4g1C2Pw1wOeAiDV_5n8oyCsrp3MGpMJNTImKc9s_YgHAF-JYZDmgTI4mzY46zBruk7J3b9A15zBkyWJPRQ_J1ZxWL-qXqfZo3QonRcoPftSjxgGUNderDM2GxvkLqRaXoTjBkjH7zID4nsxGoO4Pvq5T4j7RCasMCzVQ&sig=Cg0ArKJSzD12Z1CcM5F-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=213&cbvp=1&cstd=198&cisv=r20230802.47291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8B70 22 KB
8 KB 22ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 215389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:13:34 GMT
expires: Sat, 03 Aug 2024 05:13:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame A54D 222 KB
61 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 04 Aug 2023 22:07:47 GMT
age: 154536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Aug 2024 22:07:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame A54D 15 KB
5 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 04 Aug 2023 22:07:47 GMT
age: 154536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Aug 2024 22:07:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame A54D 94 KB
28 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 04 Aug 2023 22:07:47 GMT
age: 154536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Aug 2024 22:07:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame A54D 5 KB
2 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 04 Aug 2023 22:07:47 GMT
age: 154536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Aug 2024 22:07:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame A54D 40 KB
13 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 04 Aug 2023 22:07:47 GMT
age: 154536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Aug 2024 22:07:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A54D 8 KB
745 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 15:09:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 bn_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A54D 4 KB
4 KB 24ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/bn_bl.png

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7028399bad3bbe5e2697578b154d9ccb2a19e0ac6d5d3a30a971613a24a1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:49:23 GMT
x-content-type-options: nosniff
server: cafe
age: 33240
etag: 7947165198653928952
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4248
x-xss-protection: 0
expires: Mon, 07 Aug 2023 07:49:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A54D 344 B
368 B 24ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 09:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 26596
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 07 Aug 2023 09:40:07 GMT

GET
DATA 200
OK truncated
/ Frame A54D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A54D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f2d8cb52a6b72997d8308e60341823baee93093b0ef10aeb5831412425ffe9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/18065340200342519808/css/ Frame 8BC2 16 KB
2 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0122cca42c95324410a42350611e34514a9f66bb9e67e12c723c35bc0008137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 19:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2201
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Aug 2024 19:17:15 GMT

GET
H3 200 script.min.js Show response
s0.2mdn.net/sadbundle/18065340200342519808/js/ Frame 8BC2 2 KB
687 B 40ms
40ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/js/script.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 658
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Aug 2024 10:38:05 GMT

GET
H3 200 global.min.js Show response
s0.2mdn.net/sadbundle/18065340200342519808/js/ Frame 8BC2 6 KB
2 KB 22ms
21ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/js/global.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 07:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Aug 2024 07:38:59 GMT

GET
H3 200 main.min.js Show response
s0.2mdn.net/sadbundle/18065340200342519808/js/ Frame 8BC2 5 KB
963 B 22ms
22ms Script
application/x-javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/js/main.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1450b746756fccd4cc696f99d4fcbefd0f44431b83378b57fe9160cd065f84a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Aug 2024 10:38:05 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8BC2 118 KB
40 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/index.html?e=69&leftOffset=0&topOffset=0&c=mIEMDGkJ6V&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 05:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Aug 2023 05:58:17 GMT

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame B9E5 0
498 B 180ms
85ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Sun, 06 Aug 2023 17:03:23 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 5413AFA5:99F6_91EFC182:01BB_64CFD25B_17F5C224:1ECFC

GET
H2 200 / Show response
adv.office-partner.de/ Frame 2D62 930 B
931 B 104ms
26ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 06 Aug 2023 17:03:23 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 13 Aug 2023 17:03:23 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9DF8 2 KB
2 KB 190ms
96ms Script
text/html 52.56.87.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=42812200095178404444554012408022&nw=1
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.87.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-87-167.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: deb7f58068dca93eb8a87f6b4ac7a4b489d98a62f929c8156ca54451ee0ca23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
last-modified: Sun, 06 Aug 2023 17:03:23 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 06 Aug 2023 17:04:23 GMT

GET
H2

200

activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336 Show response
8019191.fls.doubleclick.net/ Frame 7801
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336?

391 B
325 B

205ms
204ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336?

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

bf7362b3744c8e1ad5fbe770fc4ee766f8ee144e3dabfda3fe5b963b44799c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:23 GMT
expires: Sun, 06 Aug 2023 17:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 17:03:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame D80E 7 KB
2 KB 80ms
26ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=956357ab8c&subid=&uid=abf45b6630370048&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbPBxWtLPZLawGPTY7_UPjtuHmASm5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBPsBT9DlELkvPgjTzddtfxZz7ApHVfD9y776pbDvtHCqbpfzlo_uLDQV-BeIKtPA8MX_00gkjG8m0mkXiQokM133TFFYNK_1d3hfIvHnLUbsx_cRCcsWVEudB75SZueXDuzO8FWeQir_OVkZ2wPO_eBzszH3Ihd0zAheImWBOqNeJ0A-R9V-1DXc5sZBP9v_leARz75GNgSFWfrpuGf2or8lsvDfJEON-jU0FuXx1c3-4uO19mysuGYjuyU31PxqCeaVYAo1N7a3wYN727ozcD6okq3Hu7OwgCEYwOE9pnSusd56Zesh0gXJEen5JY7Glbv-GGsvJCdmb800Sf7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWXkZkH4pOkkjQT0qxSPUAtW8lFl-ZVWQzsO-dX7FXmKGpPu1HD0DXVgQBL1wMaTk68_Ogip9ciWwcI7XRg2QxjmecVnZWsBgB%26sig%3DAOD64_3vOidZO61shZXhwkYv_lU65echpw%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-DqUyodQyEA2yZ51ggimLpDUJeR_41EgPxPwcZ1MNCq7Mvq4y4RMq7Qnw4GWmsH72gMFevp1quMOBj-FqL6wcWQ8T6gnCCEw-zKoBTEMYfg7LS4mqjmSFPMWqgfctFzNHVtDYR4P_JU8mA3txCMPXZ-Ercv8CUXeGp9qjneEGIAtB3y8ZE%26cry%3D1%26dbm_d%3DAKAmf-DPUAlOSuD9f-1bO2qCyfriJBc75MteUSeuGNDxzUkG9b9sAFdqmRQTfielHvv0uSkB374bpUrJR9xzTr-5SihuDmRUtj8LGo-DHiMp6PZaoWo_sW-ZiaUm6l-4byNFe4qc3wQkfeUOqYD3WjyzInakA5snxmR78uUmT40CRjAX2Qeh9HZx0DjIknos5UE0CPHaI3vl_yciWS_96FhjA5Ext9Ah1-VZ_pMJNRlPzPNh9wHH8oTtfWGUHRH1tM8w5RqTR2Iordm3Ch-oTcsWsHRLWvDeHvfn2eBg7sNoPkWbBv-XawflJJlfxqxXUdI5n8pRuAGritp2y6Hss-Y7En5h4pj-a_Uv91vKDOKsisq5UOZePW6XL7P-zcY7T-XGxSNOPKqUB5Amb5mg2kpd-l3M6XF9kxgsNrYsxuObMVMjWfrj4VPoPjRdCTst6gvyit0GRwvkD8SHxN7xv4h4YM0s12GUyLmb5WB7RPl_6lMFSqXwDFulzwPysRj36xRgkjwBU4eCD7aaE0N91N0AycCyQ16EIvun4Q9bAi25akqEXkks5n54SaHCINvA4TmkoUD_SUpo1V0y8DLv0FHzsgtt0TARJxaxi5iIVqOSKRPIywFp8gS3lrSF-XZBhUssBqzV9mzw%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=7247717906705&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: adc2cbdadc3c8ba02f414a9de1f95b53478b56cd8faee5f2fdcb106064c488f9

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2002
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Aug 2023 17:03:23 GMT
Expires: Sun, 06 Aug 2023 18:03:23 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 9DF8
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
514 B

132ms
96ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFA5:99F6_91EFC182:01BB_64CFD25B_17F5C239:1ECFC
X-IPLB-Instance: 40028
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=42812200095178404444554012408022&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 06 Aug 2023 17:03:23 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9DF8 43 B
703 B 347ms
212ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=42812200095178404444554012408022&pv=1

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame A54D 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://durba.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 201624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 09:02:59 GMT

GET
DATA 200
OK truncated
/ Frame 9DF8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9de765393ef39608a7145ec6847867def298ded203e6047134c9a5de7a6c9dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 34BB 41 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAvthgM1eKEg_8eylUAEYxGK8-cYFi6mQwdfRSK2FK0AenR8zcUMfu_TvA1CHZoN1BKwf3DW5Xj-YgyPzAFKHExzQDQcGZFrjuQvBFyC-IuTTORRXJmRiG-ZIoJG2VBVESdWzBAYva2H3JPdBmhaeIecDG84txEyEQhVRbsuNUQPYBZbk&cry=1&dbm_d=AKAmf-BWivu3UidUL_RxoDODiqcZiC2Gxp6l_ZCKvmM1ZSZbsbABPVMzvq_lKj9pjXIuu7gusY8eDmg9JLCgPpuwtg0L9m0Vgr20cOy23pqRc0iaaQWBSJqhIQ-8y5PD1Ae-Ha9ZoVvcwZ2zJtF96R9k2dhvlrd5apBkCn6PMFgkpqb5dL1lxMffh7S2S61J2Lp2IGlqIjE4Vd0AFWCQcSvbr3pwYzVHs3rthcuLW5P-Y9tjvSUHO0PoWQyR2GluDuIcnvNeaIcy-0LuMDrBHh3O_LskOCcSFyGpxjnHFrwAoOVXV-V0XtXUJiGQc_hVXFqvSa8cHPV_R5uwYDSls4fSmGBg0Gqa_LL4H1QERO_ZNzW5U6UFXm21Wvaj0DRBil6lKqjBjfDSEMrBByv-pTm0WnOJT7IKklgxZxfc6-C04pq8FGdy-ohEhyz3VXaCBtApWijbkUR1jFw2pu3u78HQzQ1_vkG7WrRHPZjEH2k2ThdUmKFJbzEzdsJpXLwYa1QKhXAiU4r4NEVQdG6crpTyQKjKl1hma7PAd3y6xYnQDc3TZT9LosTYlCW7O6AQd1ccSoAu8tehI7WgLNptC0nC7ex9kIHsyKFNFOGLo3Tl6tRDTNuK9H8WmSDltQ2jmwkrb3J9ZSxdUmjhb-U_jZtIPNXIiwzFkr0ExC3kfezgCFYHMtMPV1fQIvP3xxyihSFOopim8K_8WeRtNufGpFO-WCuuJe06VKYf2wGL5ZVD5JM4E9vs-yNbq7CzA6pmX7tDrg0Q5lqv2eqLbU9CbyyXPLGlvhPnYdhmyv1SsgNg8KaKqWongrv7sKP365NMdq6epKVy1-MbxiUvO9WrPXmTak5pRLtpG-98YseIT2X2o1inmXKId1F4naIy3sqKtLF_Y5QfG_EUiCSI8Y2c1rDF_K46bg8MBMj6JQu0fYTirdIQrdi0nStms8xyqFqDBKBc8utcUmX8EXhG8EyeJnCRpMRUmsk1Mo9SPM7TqorjIPkfY0zuczu7fytauLBpM-f5FEOfdxgN6k3QwsCDLe9_PlpMtw15Bf9PdrgfGmzN8v4x-iefsoJ7ZsRht5F97JGNUZ2OFQm9fBfuH4OXkT-JtvWdkXbrrCAzZYxfSOV9_49mwVD46i8Cnw6LmYOPfvVqOpwOlvZBVHO3LlTslDKh9upDvTlXgY_s6nfiU-mDr27eaDf3EFucMXzJea-aCTcV7a3ieT3KIeH3aFoneiE4lIs-ICQgA-Jz5anDGI-UaS4Xj54FC0OeGW86BBQ2H85mIG3LcMt3DpsD-Zv6rl-wLQVK91EwNjALqqHnhTv3WM9co6HDH0xAcv6COxHuGlAJXTSdtJPLIKmZzDRmlapE_X_NyIJQDOLYG4c9tIloyay84nPTye8eLl3_vpaWv4iWYxRveg0k-hKxTxFizmUy_2T6mCRNQDCnxhBlMjGSCaLgmc3MR5ZQM6q9QBnGRlWxjfChcnHV0EpwwrwTv1mNud0JFIxXKUc1goG-3CEm-Pv_rxBaqxwHeyfcuUZe5KXny-U-_RnN10cN4hVtA_miyozEmYoEYlF7sTOp4kS7kWsR3jbVftH9FNM3aHRpiqp6JoMvJjXb_56-_GJT_jJpEp5cXJt0560vtdSO02nEXfILDmvsepfjnBTd6-1NVp-7U4bJy5YWEY9tQvPqCRde-j91I5EWvBCBLDnfEcB9oipNMwIsahl1dh-m5cI5fZT5ilQob0geoZAbOy5hLn_F01WxzFNZa_PvFuv4KapXX1jQtbbRWkF-6khi6t-4QptAGkEoyWEfRVkGuu1dbE853otew7UxfF6lPuJPwzMyasJvmMENO84SoS2cQvE5naWtmWpkhe9lqqNQen9iPRpMegkwtzRrO4eO5-YKQLBriVpnmIQekRWR60Ghf5eLmGdP5Gz375qGtUQK49n1U0y2FLCAh58wke1c3-XsF4J-uWnl3rKr7PyA6rZSpeRGsFo4FqnnKxbMZZARk_uIt5uu4CzdS_cSID4exKL8kz3Z6tV7yaeYBjYpOwrvUy01RxmkIZvDTGCDWB5gT4zSLdLa8RUmJUIbIcbr414_2TQXZSGq6lFW2ottlujwg9qe8HZCDIrkLwqAc0DGLt-vBtapNGbeJW3ieeevgwz1HtOy7jY5XqRwZ5-LbsfJhT_kMcvbZMVYuRf6NFmn-fGfj75dlJyMb7Fm9tacQAAwwtnAU0gzgeOy6-1esEnpns20F8BB0pJr5hsdiEdcu-1NEwkKOTVwergY0eK3nyrM3kgSB4wb-U_bBGcU-AGZTBTDyNmO-t6T5h_Ff2KCMAp3NTUtibWL3ogSbSpsXD-_oii11gG0JxVxLiM2vE1VjGc0KxjkoY00GR-WC4wUpv8MTOMDUt3ZWi_iXKWxhbsPZ29lNzHXbjny47udnBCe7tNhEbCi3GywTs_uIezv5X6RggZ2hOQIbryRbpDv6j8CwvlzvYroHZsJCQu_LBbjBgXXJDfsiGX8gOZweTdsUsmFosXoSxcsmxP44_ZVZ9x-ROeCBidFjUwdHmeIvstoQEaX4HOdMOGZORdfAHY93jQkzaaPsCLC6lsGX8nrDQbj8zWYq6aeCdEoARioAChSzd1HLOWjfg7q0edQISnis-lj1JNyUUSfJAmLHuEjOA8nwEcZt9YppPvmU67sHCLZ_H_hsq07MtGUjsYipsFiXRG3UvZ-CTJeg38ryjZrtf3Y_VE3xp30BGhJREdMEPzh7WL0jfeY5ydFT_6hbNMBTj8V9cEKEzudTBuxUtX60aCL5yK301HyCKasaVOvgmU_2mn3OwhXGC5gcP6-GlKdKEaxRxx_TIrFWwrtmNdmiWp5GtFDPrNA--HzD2cAwNo_swvEzYKC7hJpD6gn-yLmqZSOKQ4Tem7sJjAqHSa_vagqSfdi9lTx2J4gOaEA0Csr5P2cLI0qUlafqD3WVpx6TxC3_TfKZB__H0pavKc-te85yJuuWXfOTur9vP9awyPADdomm7nlLjnFyMJQKtGP8-OIU1FRtG11Dz0mug0JYUopBB3kWwyLLEuHlsvyWX2Qw8QpW6oHGTGhELzFR36dILFYbRumNbfX8xvjoilgljhJvkDemJi5OAZ2XSsLwQz_R_vgfAPJtQi5tpAppuzJlOgEP2sUodTVxwbMc3V0kztOLSEaIE7oh_WWy2mazB0mL4E8Z3nuDoz8w2P4mmz1bTPuwzOPfzpuXwi4E7Btl9C8RtKsZKEmsYWmZb8XZWUZEXpEPFLslIfTIlycA5IGSOkh-hzFzO0YTv_c9c_6seaa9Omd0VOlcbg6yTozgd5uPu4NgfHzrf29RT1nGD6hqLCuTQbXnCIO7H2xPU92HM0xTXEVjJEdkavZ4iTS48bn77N0hgMMwgImen_T4g7MihZkAITnRZePnMSHGn8yR-gFier__rrhtTc5djDKKElO_RDEPAgUNJw5DV4-DRHgKjhCm78DkO1IC4dIQpbNEDdKqc1yVcZzEgDCL2UUOpScBI2hP0dll4Nu6cb8Lyls-KZaO2T8Kyz0VF06jm-elBnUe7dE6pJi8Xdlfu9d7oA7twxe1etsO6pUL-REHZffEb7oY4IvMg8phmUjHWRJqsyr1aLCfKW56O8VCaqMtj2FLPX_Ty9AR5KMLYmp7MbdAuFxvmgz5GQ2JTTHplKZ_L5GxZfWMsM3Rx-3RxlArvNp9qZ3IQwnAkI2oRK7D3QPvXdpY-U13GC9pKQ0BEg0nWgGTeo060xbpva40RacZeYwL6ZC0fhqwJ0xdAsS_sYkh9nYO7h3d4Camqcu01XwJwEr34ClDxcRU28b_xbzC6R1jY0vrdz9VBG6GsSPNlCmeQK_9D8uv2h0KFkFrOkrNaWTcAhXUl8wajlmke615DKnFEE-MmFEbU0IXQfKG4WuQyLRI1EVqPXRLbTC1BDF4_ubiWiajCfLZrwKtPL8FE_soRiVv3wJScRjc2Q1H5Sy-WuIxbdw6hcEar3uaY5DSaVFnjBcHtFK-4YtkZrdnR2EyLg8PoE7ipX3qQuKFVFUwYPof3TnymIR1osIbhDdAPbr5ff9HocRH0Tfd2dQM_bR78nZ9EzlzvmzAnnpJgyvyaWDjg_SuowVd9VOrWvb3U4XyAyQ1FACes1K0eAuqGSAakXWBKpRvx6tKnRGrJE2Y1isvNQd4prFwgH03cPlq9BAfVQ3qmiDGzJIcOpNmpjBVbc9x4Tfjrl8hwun5ku6cOj449Rl8EQbuOIsk0ubaR1SeqrExI8pY6rDFq1YtM7ybUtUc4cUK2lleh8UeA9tx0zEUa3-B7yI_iWVzOkKbvqwB5fMGLxx5D9pCGWfnW_QA6RRoM3cr7H3fuaVOwMWHw1bZzys-zPPKenzeo5HAG7QEvSAMqXgjEee-aAqaeqP1exjdbK2_ZSVcQvn9_oj4cGElC06aJbrzPW6pUCkmyjpgArQfnoCrUlI04_39WP749iRHHHru6a_c0KJqs6f2sN8XsFO8rWsLeAIqrMjE6slkq3vUiEG3A_71f12lcuyeXNfzEMCFom259sVF-5EGv3ECrwAMQpupSPJkw&cid=CAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fdurba.tv%2F&ds=l&xdt=1&iif=1&cor=16766767481847091000&adk=2857193498&idt=123&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:13:34 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B70 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 09:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Aug 2024 09:37:47 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 34BB 12 KB
4 KB 82ms
28ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1691341402400459&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYwvuWtLPZMu4GIuq9u8P182NoAem5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBIECT9CNR8rFf5LaRejI6j6EP2GhgPrl14VEI3U45LFx87ScSd5JXa-aMmu2s6qmGQuFNq9DFOdWdrNc586wmNXNaI_q3NLmBqcM2yMkToD1XRBIXZmDPwYdX1S1iZOgt_NKjgJsfL2aZ6IYQ1Z_6NYklXLfv8enkFSna2jUyewZjhvqaimwv6knxVIyyxEALPXrPirMHkrpT-AwD-8P-Udi2DGduCZotaldj_JZrc31w6wOcR3Htki5k7Iz8_HAOy-131XvYF_UzjfrC05s3sonFLM3SrQJIIPgl1BbEses2O2w3Y_F1IBt75wn36dj5atI_igkx6mrZ62tmWuz7AVzuv_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ%26sig%3DAOD64_3sQcnTHQp31QfxW45c5FksviDY1Q%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-Ad1B05WE59h6W9TFVlCAmLidjQxq4SvMvVNGlBrLeab98E64ER7UGlSfCvs5oPTFNYOVA4A6uANezWxrULwm8czMVGT76_LT5_slK0z1o3jxtAL27cZ6a2F0gTiIFrDXeK9K-cjVD9k28WqL3b_sU8IvHyn-pmI0kMK8Nz320tTOtg4Wo%26cry%3D1%26dbm_d%3DAKAmf-D3-fW3sd3j2Wtm9sYH2CQjid7gYpn4izCK6bZlmiYpeogpcvWurMuanz6NURvY0q0urAI4ZHWu47MHeGpL3Om0ar656D2OY9oUDdlcLo_rG8XGFvNrwjt5cW1QM8dnsEXY_Yor4v96c-KNUY2nJ5wU85U1mLiP_RsgoSghGPtxBSxXq2LQtTOSsRp0yjtRaUfvwj_6G4cufT-x7K3aFmhKhVTiOXqsrk0SJbcvPJ7XTfDadRN9IPPzTxkLpNTaGEupepaLDFIZW6Kbel5q2FyWFX01MwEbeAt8o3HDBOc1hbxaGGVDgBc0gpxajfwtUqAAAtmhWT2PJhJUtj8N0l9n69qqrx-OkC-gz8O-Prp3ZRwy3WQpUW33mmXghP5kmr3IUSft_44fCDgv2vZp-9xV_4Yl3UOOEZsuNp1bpNRqis7fitmyX3HqNamXHRLeqZd81yBTaRhMBknaF_N7Nb5aE691Ey7JpJeT8-kWM8ymIfpsOSl80kxKN6FFeRaB5Z_59adzoqAr7bEF45qmzyt5Al6IAKFnRPaoM_ClW5tc4-otL6xJv_ZuQgl5T7bWyTd_kJ1DHzhx5KZs1ppSm-90jYoRiecApOP6-9RUdaVKU2FB-UKLLRQKjRbLKubCKCgM8prF%26adurl%3D
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 255b106035eddf1acebd5f6ab08baa9cef7d37d3a86ae49799e8c4f9e02dcd96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4230
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A54D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

29ms
28ms

Image
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/
Protocol: H3
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D80E 5 KB
682 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 15:18:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D80E 16 KB
16 KB 82ms
28ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7f01213c4360b07b2cab0e278a6f0e3d9c82db27f051cd790dcdcc534cdc1498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16231
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D80E 16 KB
16 KB 78ms
26ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f559b1ff6f5d2c60708f5e976242368c0185b1fa473bb15bef5914d935a1a0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D80E 15 KB
15 KB 82ms
27ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 09197e531d695fbbe73a9156fbf1149ce56eb8cc0c48c7ee22941928520eeb94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15527
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C8C 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 215389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:13:34 GMT
expires: Sat, 03 Aug 2024 05:13:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 2D62 117 KB
45 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3051fc1741ef5cca93a3c583324f2cdb7fb9e8086df69c51362662913940c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45544
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 HelveticaNeueLTStd-BlkCn.otf
s0.2mdn.net/sadbundle/18065340200342519808/fonts/ Frame 8BC2 29 KB
21 KB 23ms
22ms Font
font/otf 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/fonts/HelveticaNeueLTStd-BlkCn.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21019
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Aug 2024 10:38:05 GMT

GET
H3 200 RobotoCondensed-Bold.ttf
s0.2mdn.net/sadbundle/18065340200342519808/fonts/ Frame 8BC2 165 KB
88 KB 27ms
26ms Font
font/ttf 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/fonts/RobotoCondensed-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 19:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89788
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Aug 2024 19:46:00 GMT

GET
H3 200 RobotoCondensed-Regular.ttf
s0.2mdn.net/sadbundle/18065340200342519808/fonts/ Frame 8BC2 166 KB
87 KB 32ms
32ms Font
font/ttf 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18065340200342519808/fonts/RobotoCondensed-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18065340200342519808/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 21:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89507
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Aug 2024 21:19:22 GMT

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame D80E 0
150 B 76ms
26ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=42812200095178404444554012408022&a=6f37f9b1&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=42812200095178404444554012408022&a=b5e7ed84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8BC2 7 KB
6 KB 62ms
62ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2fd8dc7a362e1bedd6d91faaa15f96b8be6f491cbc226b7afe7f0dcb1547b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5618
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF7A 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbygYW9LPZNgC1rOAB4r6lPgPAAAAADgB4AQC&bg=!0tGl0YXNAAZGOVy5Zjk7ADkAdvg8Wtlubwm8rEx6vK9POPYvR1Ag872qDjXlKUsxNOnLE_4FFlGcCjOOODEt31EBjS4mM_JO-pICAAABfVIAAAAIaAEHCgAuYwGYjpWrI83GUk1JeKhG3fozPcweK-fwxCdO_nTW07oNHg6UWnmaov0BtJzNfZkC9cJRtjR_iRmsiurqte0IIB3l2ersdzdhgfCLuVxc1_BUQH_utpw5pkr7y30P4abzfdzZy6uWQSIyP1XzlTNBzp3nII8KxcmThz3VXICBZ1McYi9uO2G5swK3OhCUnBXrZY5pneTN1WPKZ0swlW1GYQuHlVbW5jiVp8IEM6pJeACXAVIwjmtNbJIXW_yIA52d_KKX6AUCEuRHZg_Cxr_wLCF2Z3QPDjLPT-UYrOcPWyoptJfdu9RMCy_QU_99brqeYCQfPmDJqmCOvdu6lFdLRRl2ndJwWq31-OdcySxLNuc7eN5c2bvYfBWiXc4n3R-1JMzemXW3q2UrVcj9lUmgleFZ7xi4w-OnH7orAR8shOGEdJhk8lqnrRCJTHmjS2n0eES-vBXFw1DYQYwCm1fvbJWqD_h2QdwlgnrNhEMVN67rT1S6G2XGNLnFuAJHmEkm0JI37dwWDU-IBWpe-yoRyZ_0M6mp843Oik_1VSMe739rn_wg14ZWbfpWpxq82yhH75yXC7SAwD-B-vpJOn5hyrscwXNA1_xHKnpC5vmW5OtemMW7fEUEOHfLBc5_JEHxsdJSxmUhLk5ZUtOzJLv5NJrp_wyCPx32YrfEXUL1JFADyMYFoop1THg1kZF4fzBIZ2a2x5AWqQ5kpDG5wNjq36YNaEHC-WIF3n1_PHtkBbO_V4rr3QDKa1-tR7pMmFabQqlGe1jVfF9BF3xDBMOYD47JGVnGNPUItKWXja1TvsrWxz94JzyyQKIyPssNFzGnD7u3dSVV4XS8aZSReqqqCMmRvADxV6v5CdDvV8ABsDpBT9s_Ei6wJ2FJGaWSNC7wuPc3LEC7efqSXIKd2JcNuH1-bnRudGRDsqQH9aYjEEZhGrWlO96WQCj9iWp_9Ge4_uS9V8niNH5_cPJ1_r12M1KjJAAooLjbA5mBHRE4OgEGaJU-xNx6EHDhvJdyHLZszBFP0Srmr4BinXb0-LrEHeQB971kD4YvfrzO4ALo4zfB57boIZQ

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request.php Show response
hal900019.redintelligence.net/ Frame 34BB 2 KB
1 KB 173ms
102ms Script
application/x-javascript 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=8e1bf1a019&subid=&uid=f3883499d419aa75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYwvuWtLPZMu4GIuq9u8P182NoAem5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBIECT9CNR8rFf5LaRejI6j6EP2GhgPrl14VEI3U45LFx87ScSd5JXa-aMmu2s6qmGQuFNq9DFOdWdrNc586wmNXNaI_q3NLmBqcM2yMkToD1XRBIXZmDPwYdX1S1iZOgt_NKjgJsfL2aZ6IYQ1Z_6NYklXLfv8enkFSna2jUyewZjhvqaimwv6knxVIyyxEALPXrPirMHkrpT-AwD-8P-Udi2DGduCZotaldj_JZrc31w6wOcR3Htki5k7Iz8_HAOy-131XvYF_UzjfrC05s3sonFLM3SrQJIIPgl1BbEses2O2w3Y_F1IBt75wn36dj5atI_igkx6mrZ62tmWuz7AVzuv_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ%26sig%3DAOD64_3sQcnTHQp31QfxW45c5FksviDY1Q%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-Ad1B05WE59h6W9TFVlCAmLidjQxq4SvMvVNGlBrLeab98E64ER7UGlSfCvs5oPTFNYOVA4A6uANezWxrULwm8czMVGT76_LT5_slK0z1o3jxtAL27cZ6a2F0gTiIFrDXeK9K-cjVD9k28WqL3b_sU8IvHyn-pmI0kMK8Nz320tTOtg4Wo%26cry%3D1%26dbm_d%3DAKAmf-D3-fW3sd3j2Wtm9sYH2CQjid7gYpn4izCK6bZlmiYpeogpcvWurMuanz6NURvY0q0urAI4ZHWu47MHeGpL3Om0ar656D2OY9oUDdlcLo_rG8XGFvNrwjt5cW1QM8dnsEXY_Yor4v96c-KNUY2nJ5wU85U1mLiP_RsgoSghGPtxBSxXq2LQtTOSsRp0yjtRaUfvwj_6G4cufT-x7K3aFmhKhVTiOXqsrk0SJbcvPJ7XTfDadRN9IPPzTxkLpNTaGEupepaLDFIZW6Kbel5q2FyWFX01MwEbeAt8o3HDBOc1hbxaGGVDgBc0gpxajfwtUqAAAtmhWT2PJhJUtj8N0l9n69qqrx-OkC-gz8O-Prp3ZRwy3WQpUW33mmXghP5kmr3IUSft_44fCDgv2vZp-9xV_4Yl3UOOEZsuNp1bpNRqis7fitmyX3HqNamXHRLeqZd81yBTaRhMBknaF_N7Nb5aE691Ey7JpJeT8-kWM8ymIfpsOSl80kxKN6FFeRaB5Z_59adzoqAr7bEF45qmzyt5Al6IAKFnRPaoM_ClW5tc4-otL6xJv_ZuQgl5T7bWyTd_kJ1DHzhx5KZs1ppSm-90jYoRiecApOP6-9RUdaVKU2FB-UKLLRQKjRbLKubCKCgM8prF%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=1353712106443&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1691341402400459&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYwvuWtLPZMu4GIuq9u8P182NoAem5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBIECT9CNR8rFf5LaRejI6j6EP2GhgPrl14VEI3U45LFx87ScSd5JXa-aMmu2s6qmGQuFNq9DFOdWdrNc586wmNXNaI_q3NLmBqcM2yMkToD1XRBIXZmDPwYdX1S1iZOgt_NKjgJsfL2aZ6IYQ1Z_6NYklXLfv8enkFSna2jUyewZjhvqaimwv6knxVIyyxEALPXrPirMHkrpT-AwD-8P-Udi2DGduCZotaldj_JZrc31w6wOcR3Htki5k7Iz8_HAOy-131XvYF_UzjfrC05s3sonFLM3SrQJIIPgl1BbEses2O2w3Y_F1IBt75wn36dj5atI_igkx6mrZ62tmWuz7AVzuv_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ%26sig%3DAOD64_3sQcnTHQp31QfxW45c5FksviDY1Q%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-Ad1B05WE59h6W9TFVlCAmLidjQxq4SvMvVNGlBrLeab98E64ER7UGlSfCvs5oPTFNYOVA4A6uANezWxrULwm8czMVGT76_LT5_slK0z1o3jxtAL27cZ6a2F0gTiIFrDXeK9K-cjVD9k28WqL3b_sU8IvHyn-pmI0kMK8Nz320tTOtg4Wo%26cry%3D1%26dbm_d%3DAKAmf-D3-fW3sd3j2Wtm9sYH2CQjid7gYpn4izCK6bZlmiYpeogpcvWurMuanz6NURvY0q0urAI4ZHWu47MHeGpL3Om0ar656D2OY9oUDdlcLo_rG8XGFvNrwjt5cW1QM8dnsEXY_Yor4v96c-KNUY2nJ5wU85U1mLiP_RsgoSghGPtxBSxXq2LQtTOSsRp0yjtRaUfvwj_6G4cufT-x7K3aFmhKhVTiOXqsrk0SJbcvPJ7XTfDadRN9IPPzTxkLpNTaGEupepaLDFIZW6Kbel5q2FyWFX01MwEbeAt8o3HDBOc1hbxaGGVDgBc0gpxajfwtUqAAAtmhWT2PJhJUtj8N0l9n69qqrx-OkC-gz8O-Prp3ZRwy3WQpUW33mmXghP5kmr3IUSft_44fCDgv2vZp-9xV_4Yl3UOOEZsuNp1bpNRqis7fitmyX3HqNamXHRLeqZd81yBTaRhMBknaF_N7Nb5aE691Ey7JpJeT8-kWM8ymIfpsOSl80kxKN6FFeRaB5Z_59adzoqAr7bEF45qmzyt5Al6IAKFnRPaoM_ClW5tc4-otL6xJv_ZuQgl5T7bWyTd_kJ1DHzhx5KZs1ppSm-90jYoRiecApOP6-9RUdaVKU2FB-UKLLRQKjRbLKubCKCgM8prF%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 062eef326bb30fd7824ff121950f72f59a78abd7fe59238cd352fe3b9459b7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 17:03:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 41719900115455404444554012408019
Connection: close
Content-Length: 850
Expires: Sun, 06 Aug 2023 18:03:23 +0200

GET
H/1.1 200
OK UIBH_SUMMER-AWON_300x250.jpg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame 8BC2 23 KB
23 KB 163ms
58ms Image
image/jpeg 52.218.106.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/UIBH_SUMMER-AWON_300x250.jpg
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.106.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 435f4c64af71e40d62f7cb1f4c4bec96a27bcbcf4baefada9572e5bccf401576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:25 GMT
Last-Modified: Fri, 19 May 2023 10:15:09 GMT
Server: AmazonS3
x-amz-request-id: D19NK6KNNXVDXBT4
ETag: "4e55632fd17018500a0f18a5c9dcba69"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23384
x-amz-id-2: wHHJ5LW4fKg0s9UWic/ssPlX+UspBYGV24DNolkzNuZ21ew1b6hSfiEhvs7WVlpwvY3U5PpZ3aA=

GET
H/1.1 200
OK logo_ushuaia_blanco.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame 8BC2 16 KB
16 KB 162ms
63ms Image
image/svg+xml 52.218.106.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_blanco.svg
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.106.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:25 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:05 GMT
Server: AmazonS3
x-amz-request-id: D19V7SMS6PX2SN83
ETag: "e915bfb094df409135d1b25c9becfb88"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 16030
x-amz-id-2: 7fEDlRvBWbF187P8ZsUwy/hcKj6rZQpAK4DHJICaF0hgSLq9k28BQHk3J39kmt7I1178h0te6WA=

GET
H/1.1 200
OK logo_ushuaia_rojo.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame 8BC2 17 KB
17 KB 153ms
55ms Image
image/svg+xml 52.218.106.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_rojo.svg
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.106.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:25 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:06 GMT
Server: AmazonS3
x-amz-request-id: D19K6BR64A2MW52Z
ETag: "b0c04b645a75b4acf16eddd9b9c9e8d1"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 17084
x-amz-id-2: qywm3ceu4azbWJE6CeVFY7YEBIPDJD0mX2AX0dAlLqrlt7UEA8iQUocou8tVHtjITt+AF0+6SPs=

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F5A6 0
0 61ms
60ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstycQhxIaqV8ojCBPSTlerM1aJJkJmCm8qDtJXzfKHU11oMVOacxZ-2Is0OQ_UZLd_Tb4KHf09QkhNDTDCyeDMLQDgchR1WLudZHwuz2lhBNvv5WLeS43KgcSVwTrib6H3rRcL_O9tKNAh9THGfgFNvvFZz1_bqqMFI76FQQxsbXDYh0_Mi4Lqtcp4f9DJuZLHL6DLzBeL5NajnNsoAomb5DQbs5_vtStANU5PF8HqhjTe7SRy2suc9CxbkmJGF3r-2q1HXKbi7-e8pMNDoDVIzPOa7Ni1hYUuIT6rmmah5UjScr81I2mHKcwYk68qyAmDn4T50TKFUXy2RjgLx-UOLn8I19Xrcd7BFlc16JxwAMELHl9FPA-N8_hHZQEK_OJ3Qrr27r810Um6bYKz0KAA0uIOtNIzU3HpU-2W4Lha4NHn_wlXhDcfsTP9CLRlhS_FRWOuvFpsjF69Xu1MNxA1yZdKVdoyTR8R1u5ZqJ6Ox_dsyzJFXrbuA3QfbckrYwJ6X2Fne8MwnG9t1_wS0d2CuWJmO5_G2KDWh7m5x78xuK3OhOc24T-45iMo-n2mf3KrmPuD3mqRwKRNS3LacOzkrSXfpKVCCw8h4uS5I7ujfzn8my4ZFQJ9TKVThCBnDwQ1Dys8HjVL2t_G18p3SkBavyrDPpuXQtydlCF5fiYlQWnVRxuGpgrD9EuM4An9WIJ1gWHsR4dJGF5lylZ7XwzjfpJUQQfKEu346zReCjDv4PpAa3DKV5WFO1hJhGIaBHHGCHDuQhopgTpB9WX8oTEX_7Izsk9WnpbqHN8iIBuIg_d7dQTLrC7NaqKDWaB0nuM2VQTdmsOy8TpfT9E7hl27HEx7a5ho7uFpWq3wd7LdsVEk8mRvGC_hsF1sPQxel_ucsEIN5QBFtoW0mZJT5u0txaLHYa4apwV1T4_H0BY6sCQbt8KHKk7GZT5uFbaWdpCN13fsBd7H9XnLJPpaOPMovKy_u1P8CCKzGOlxrq9rowv5nqKxZxkqepUWcBGT2yKfAZyojChuYRejfMHvn15TWu7Ukpek_AeOBfOQ9jSupLm1Wdg8n76s6hFXKSlMn3d481e0rrOBO54xRgCSEJIAvsfwVqNMqWMMW9VbuSgk4DaN34uQAnZZw3MAC_pvbbKtu8qIbgHR_m44Q0KKLOxkVm8ArsHSRndxsFAgC6omVMwFw4YMCz41w8dcFC1bpKr1yjpIq0KStAbDktXc9oczfGJh0rX487rRBMi74-feuSmm97_0nF_G1jAqVbNBVzszrWD22&sai=AMfl-YT_5AtKwoVRjxUJ1lZ0KzWjcTTj2X7IQZSQ5fy8QZRcxkuLUtRT24Qfb3DjKs76UvpEGPj4g1C2Pw1wOeAiDV_5n8oyCsrp3MGpMJNTImKc9s_YgHAF-JYZDmgTI4mzY46zBruk7J3b9A15zBkyWJPRQ_J1ZxWL-qXqfZo3QonRcoPftSjxgGUNderDM2GxvkLqRaXoTjBkjH7zID4nsxGoO4Pvq5T4j7RCasMCzVQ&sig=Cg0ArKJSzD12Z1CcM5F-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=617&vt=11&dtpt=404&dett=3&cstd=198&cisv=r20230802.47291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: durba.tv
URL: https://durba.tv/united-states-announces-scholarship-program-to-empower-women-2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D80E 14 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 151117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 23:04:46 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D80E 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 220942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 03:41:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A54D 0
0 63ms
62ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9DG7WtLPZKzAGduR9u8Pt4SgwAjhpZ_vcZDg2v70Ef-Yz5WPDhABIOrou5wBYJWCgICYB6AB0NnKlgPIAQHgAgCoAwHIAwqqBLwCT9C6ol1UhTHu1kqzhTHa6X-SPpmS0vRX15MGqMbofLUYH58cEDZ7ePPV5fGhnHXVqfKCVWSIefj91OT4C5GX0uVstXwiD1SHzS6dsqilYFRWKTnj3y_9sJDdH0xOrmjHjyNwlFK_nd-ftYNf1YuPJyx6HzfYFjYcF8cb0aQgPGSS3M6YuL2zEjjzELKwh3ICDEhML4H_Ez9m1hUgBEEIG67O2ifGusbHUDGohpJKt5Nthi2a9dJXuJSZP1tki8fDlcxO2LpI2zJIEr_9dGewISu2M7JyUnWmLyI_sCwYYFWscEfAvE4tvypgd_7CBSF6VhWzZw88zu267cc2JKtRkxiiBXjhDGiLprEGy6dwsj8_u7CyFju0NRdJH5onYn4EId01dKIOJgg0k2GMExYiiKP07hIscVUpiVG9qsAE4am-96wE4AQBkgUECAQYAZIFBAgFGASAB56cz5EDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmogm0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMCCoGCgTDsLEC2BMN0BUBgBcBshcfCh0IABIUcHViLTE5NDA4NjM2MTExMDAxNzAYrdeUAQ&sigh=CQ4or8BDaQI&uach_m=[]&cid=CAQSTABpAlJWv-vgiwO8x3XWHo-O6A_-3zKjW_SooEAvToIYDDTd0ZYbg5Id3HeraiDuvYazicT-ClN8-CDvaOhhe7s-wpcDIkUjqNqP3FsYAQ&template_id=5028&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9DF8 85 KB
31 KB 102ms
24ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=42812200095178404444554012408022&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9d111b6420f698c67110f8946a9e8509161940d3ec26c48933ee9c2289ecbd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:13:07 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 12:12:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 51801
etag: W/"00a433fd3ec769592a019a218791a591"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: M18i8Ntl-2MWE15b18ou2gF1JUA7CkoRLi64y8IREMXKOTwr2roX1g==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 9DF8 3 KB
3 KB 95ms
26ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1691341703&Signature=YvIskL5GmodisPUkNx-Oalv6N-DNNnzD29zdjWiESXk0kcoceGpRZqLS0q5VioNaLi9Pz4CA4b~CbmkMauPX-l4fYstTqywIK5WLMZxTQuhziPJFgHRvR~C5w~~cHGi-1w72gRHN7rPYvwNcdRE7GqlqFhmOnMSAJgtdM7NKE8FaimeWpIqrSuIT8feftqzM5IzVdNhAmjGCZvj9kDpFqNF7W22F7Q~j1ghu4R388OIq8FVMvdyyfqu39R0Zrv~0PJN5m774JsXGyvIV3rzH50p1i6Rw-cItvMugz~H9W8Rl8K~e8-JY1LyokX4tliDgM6rr5G5R9qCvt9ECH3d6EQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 06 Aug 2023 03:26:02 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 49042
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: NifLPbk8ZsgkAd3et3LM_qKJ0GQX5KSSgu3Dcyz_Cjp5Cnw4TlqicA==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8BC2 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C8C 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:47:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2D62 263 KB
88 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

212f519bead8396d5d8cf964026c6052409fb731904f612e0a6ad97501078c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89707
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 06 Aug 2023 17:03:23 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 2D62 0
11 B 32ms
31ms Image
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=275132189&cv=4&rv=3820&tc=2&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&ut=AABA&h=Ag&dl=adv.office-partner.de%2F&tdp=GTM-TBMT2SF;8857208;0;0;0&z=0

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ Frame 2D62 0
15 B 47ms
46ms Image
image/gif 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-TBMT2SF&v=3&t=t&pid=275132189&cv=4&rv=3820&tc=2&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&ut=AABA&h=Ag&dl=adv.office-partner.de%2F&tdp=GTM-TBMT2SF;8857208;0;0;0&z=0
Requested by: Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:23 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 2D62 0
11 B 54ms
54ms Image
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=275132189&cv=4&rv=3820&tc=2&es=1&e=gtag.config&eid=0&u=AAAAAAAAAAAAAACA&ut=AABA&h=Ag&tr=1gaawc&ti=1gaawc&z=0

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 2D62 0
11 B 61ms
61ms Image
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=275132189&cv=4&rv=3820&tc=2&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&ut=AABA&h=Ag&tr=1html.5html&ti=1html.1html&z=0

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 2D62 0
11 B 56ms
56ms Image
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=275132189&cv=4&rv=3820&tc=2&es=1&e=gtm.dom&eid=14&u=AAAAAAAAAAAAAACA&ut=AABA&h=Ag&z=0

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:23 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D60A 42 B
64 B 129ms
129ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR4e0A5OIn1x98BIeGPmvnqzyl6sawya9tdvlFk4i0MkbgTh07k0g2TDxztHwL0wIFN9I8UG38_kAYibgLK_r1PAAaIUoSChP4kaqVckOrRrQVvBR_Et7MGYetlGcRW3TwQewRHpd_qvID&sai=AMfl-YT6RZwTyA3X5AgqHI65zCQt1sQo7Z-5qZWjlzV9npV4ddB_THns9H0REYhnFvZQP4645UdPXxyqKJRYu2eeRK_YPYyz-sY7PRUly8DBwS2_JkE_ZyG9dE6KFUt4XK4bdxiC_wf8pUyE0e5WsA&sig=Cg0ArKJSzMJqB_XR_LQ8EAE&cid=CAQSTABpAlJWyBySNVurOYYmx6sCP-v3XP_qEip1rrNbUcEJkxoxO5xGaF3RNyXHlQ03P9QqHNbbvhlR5aDJPZjcjsOMVT0VBQMQVATMel4YAQ&id=ampim&o=302,246&d=320,250&ss=1600,1200&bs=1600,1200&mcvt=1022&mtos=0,0,1022,1022,1022&tos=0,0,1022,0,0&tfs=249&tls=1271&g=100&h=100&tt=1271&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://durba.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame AFF8 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 09:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Aug 2024 09:37:47 GMT

GET
H2 200 dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336
adservice.google.com/ddm/fls/z/ Frame 7801 42 B
401 B 179ms
126ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIHVwtzByIADFcIGaAgdPOsHkA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5112641524918.336?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 2D62 0
11 B 35ms
35ms Image
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-TBMT2SF&v=3&t=t&pid=275132189&cv=4&rv=3820&tc=2&e=gtag.config&eid=0&u=AAAAAAAAAAAAAACA&ut=AABA&h=Ag&tr=5gaawc&ti=1gaawc&z=0

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:24 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

htlp Show response
futalis.de/ Frame 6C5F
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=41719900115455404444554012408019&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2967351172

350 B
401 B

99ms
27ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2967351172
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=8e1bf1a019&subid=&uid=f3883499d419aa75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYwvuWtLPZMu4GIuq9u8P182NoAem5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBIECT9CNR8rFf5LaRejI6j6EP2GhgPrl14VEI3U45LFx87ScSd5JXa-aMmu2s6qmGQuFNq9DFOdWdrNc586wmNXNaI_q3NLmBqcM2yMkToD1XRBIXZmDPwYdX1S1iZOgt_NKjgJsfL2aZ6IYQ1Z_6NYklXLfv8enkFSna2jUyewZjhvqaimwv6knxVIyyxEALPXrPirMHkrpT-AwD-8P-Udi2DGduCZotaldj_JZrc31w6wOcR3Htki5k7Iz8_HAOy-131XvYF_UzjfrC05s3sonFLM3SrQJIIPgl1BbEses2O2w3Y_F1IBt75wn36dj5atI_igkx6mrZ62tmWuz7AVzuv_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ%26sig%3DAOD64_3sQcnTHQp31QfxW45c5FksviDY1Q%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-Ad1B05WE59h6W9TFVlCAmLidjQxq4SvMvVNGlBrLeab98E64ER7UGlSfCvs5oPTFNYOVA4A6uANezWxrULwm8czMVGT76_LT5_slK0z1o3jxtAL27cZ6a2F0gTiIFrDXeK9K-cjVD9k28WqL3b_sU8IvHyn-pmI0kMK8Nz320tTOtg4Wo%26cry%3D1%26dbm_d%3DAKAmf-D3-fW3sd3j2Wtm9sYH2CQjid7gYpn4izCK6bZlmiYpeogpcvWurMuanz6NURvY0q0urAI4ZHWu47MHeGpL3Om0ar656D2OY9oUDdlcLo_rG8XGFvNrwjt5cW1QM8dnsEXY_Yor4v96c-KNUY2nJ5wU85U1mLiP_RsgoSghGPtxBSxXq2LQtTOSsRp0yjtRaUfvwj_6G4cufT-x7K3aFmhKhVTiOXqsrk0SJbcvPJ7XTfDadRN9IPPzTxkLpNTaGEupepaLDFIZW6Kbel5q2FyWFX01MwEbeAt8o3HDBOc1hbxaGGVDgBc0gpxajfwtUqAAAtmhWT2PJhJUtj8N0l9n69qqrx-OkC-gz8O-Prp3ZRwy3WQpUW33mmXghP5kmr3IUSft_44fCDgv2vZp-9xV_4Yl3UOOEZsuNp1bpNRqis7fitmyX3HqNamXHRLeqZd81yBTaRhMBknaF_N7Nb5aE691Ey7JpJeT8-kWM8ymIfpsOSl80kxKN6FFeRaB5Z_59adzoqAr7bEF45qmzyt5Al6IAKFnRPaoM_ClW5tc4-otL6xJv_ZuQgl5T7bWyTd_kJ1DHzhx5KZs1ppSm-90jYoRiecApOP6-9RUdaVKU2FB-UKLLRQKjRbLKubCKCgM8prF%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=1353712106443&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 06 Aug 2023 17:03:24 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2967351172
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2

200

/ Show response
htlp.emp.de/ Frame 2549
Redirect Chain

https://www.awin1.com/cshow.php?s=2481820&v=14172&q=372914&r=296283&pref1=41719900115455404444554012408019&pv=1
https://htlp.emp.de/

2 KB
2 KB

100ms
21ms

Document
text/html

2600:9000:225e:9000:c:6264:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlp.emp.de/
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=8e1bf1a019&subid=&uid=f3883499d419aa75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYwvuWtLPZMu4GIuq9u8P182NoAem5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBIECT9CNR8rFf5LaRejI6j6EP2GhgPrl14VEI3U45LFx87ScSd5JXa-aMmu2s6qmGQuFNq9DFOdWdrNc586wmNXNaI_q3NLmBqcM2yMkToD1XRBIXZmDPwYdX1S1iZOgt_NKjgJsfL2aZ6IYQ1Z_6NYklXLfv8enkFSna2jUyewZjhvqaimwv6knxVIyyxEALPXrPirMHkrpT-AwD-8P-Udi2DGduCZotaldj_JZrc31w6wOcR3Htki5k7Iz8_HAOy-131XvYF_UzjfrC05s3sonFLM3SrQJIIPgl1BbEses2O2w3Y_F1IBt75wn36dj5atI_igkx6mrZ62tmWuz7AVzuv_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ%26sig%3DAOD64_3sQcnTHQp31QfxW45c5FksviDY1Q%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-Ad1B05WE59h6W9TFVlCAmLidjQxq4SvMvVNGlBrLeab98E64ER7UGlSfCvs5oPTFNYOVA4A6uANezWxrULwm8czMVGT76_LT5_slK0z1o3jxtAL27cZ6a2F0gTiIFrDXeK9K-cjVD9k28WqL3b_sU8IvHyn-pmI0kMK8Nz320tTOtg4Wo%26cry%3D1%26dbm_d%3DAKAmf-D3-fW3sd3j2Wtm9sYH2CQjid7gYpn4izCK6bZlmiYpeogpcvWurMuanz6NURvY0q0urAI4ZHWu47MHeGpL3Om0ar656D2OY9oUDdlcLo_rG8XGFvNrwjt5cW1QM8dnsEXY_Yor4v96c-KNUY2nJ5wU85U1mLiP_RsgoSghGPtxBSxXq2LQtTOSsRp0yjtRaUfvwj_6G4cufT-x7K3aFmhKhVTiOXqsrk0SJbcvPJ7XTfDadRN9IPPzTxkLpNTaGEupepaLDFIZW6Kbel5q2FyWFX01MwEbeAt8o3HDBOc1hbxaGGVDgBc0gpxajfwtUqAAAtmhWT2PJhJUtj8N0l9n69qqrx-OkC-gz8O-Prp3ZRwy3WQpUW33mmXghP5kmr3IUSft_44fCDgv2vZp-9xV_4Yl3UOOEZsuNp1bpNRqis7fitmyX3HqNamXHRLeqZd81yBTaRhMBknaF_N7Nb5aE691Ey7JpJeT8-kWM8ymIfpsOSl80kxKN6FFeRaB5Z_59adzoqAr7bEF45qmzyt5Al6IAKFnRPaoM_ClW5tc4-otL6xJv_ZuQgl5T7bWyTd_kJ1DHzhx5KZs1ppSm-90jYoRiecApOP6-9RUdaVKU2FB-UKLLRQKjRbLKubCKCgM8prF%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=1353712106443&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9000:c:6264:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b099a62a5cefa0318a32b756f093b1ea01be0204e9431703d96443c03518d56c

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 67345
content-length: 1898
content-type: text/html
date: Sat, 05 Aug 2023 22:21:00 GMT
etag: "359b1e1b8aea29b556258d1690e92290"
last-modified: Tue, 13 Jun 2023 08:52:53 GMT
server: AmazonS3
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-cf-id: XKL-Gyn92SQrq_VTRYVwWz0fPEeBuUXHLxk_AHbrlL4dWwlLNk-DSA==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: y9ThoJ.EG4u7UgOoGtF.SF_8AvHkGp08
x-cache: Hit from cloudfront

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Sun, 06 Aug 2023 17:03:24 GMT
Location: https://htlp.emp.de
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal900019.redintelligence.net/ Frame 8969 7 KB
2 KB 81ms
27ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=8e1bf1a019&subid=&uid=f3883499d419aa75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYwvuWtLPZMu4GIuq9u8P182NoAem5b2gaa2VnKfJD_AuEAEg6ui7nAFglYKAgJgHyAEJqQI1PdpABHeyPqgDAcgDmwSqBIECT9CNR8rFf5LaRejI6j6EP2GhgPrl14VEI3U45LFx87ScSd5JXa-aMmu2s6qmGQuFNq9DFOdWdrNc586wmNXNaI_q3NLmBqcM2yMkToD1XRBIXZmDPwYdX1S1iZOgt_NKjgJsfL2aZ6IYQ1Z_6NYklXLfv8enkFSna2jUyewZjhvqaimwv6knxVIyyxEALPXrPirMHkrpT-AwD-8P-Udi2DGduCZotaldj_JZrc31w6wOcR3Htki5k7Iz8_HAOy-131XvYF_UzjfrC05s3sonFLM3SrQJIIPgl1BbEses2O2w3Y_F1IBt75wn36dj5atI_igkx6mrZ62tmWuz7AVzuv_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgTDsLECsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJWc-xVxWQLgwolzyXGqfO4ZBdWBnF2Eu7D-pcy2At_wWySq2zPfWj5aIbPo7cUHYWyz9ri3uw-VSDCniyoT4ExLNJZ5PWsZRQYAQ%26sig%3DAOD64_3sQcnTHQp31QfxW45c5FksviDY1Q%26client%3Dca-pub-7058574461577186%26dbm_c%3DAKAmf-Ad1B05WE59h6W9TFVlCAmLidjQxq4SvMvVNGlBrLeab98E64ER7UGlSfCvs5oPTFNYOVA4A6uANezWxrULwm8czMVGT76_LT5_slK0z1o3jxtAL27cZ6a2F0gTiIFrDXeK9K-cjVD9k28WqL3b_sU8IvHyn-pmI0kMK8Nz320tTOtg4Wo%26cry%3D1%26dbm_d%3DAKAmf-D3-fW3sd3j2Wtm9sYH2CQjid7gYpn4izCK6bZlmiYpeogpcvWurMuanz6NURvY0q0urAI4ZHWu47MHeGpL3Om0ar656D2OY9oUDdlcLo_rG8XGFvNrwjt5cW1QM8dnsEXY_Yor4v96c-KNUY2nJ5wU85U1mLiP_RsgoSghGPtxBSxXq2LQtTOSsRp0yjtRaUfvwj_6G4cufT-x7K3aFmhKhVTiOXqsrk0SJbcvPJ7XTfDadRN9IPPzTxkLpNTaGEupepaLDFIZW6Kbel5q2FyWFX01MwEbeAt8o3HDBOc1hbxaGGVDgBc0gpxajfwtUqAAAtmhWT2PJhJUtj8N0l9n69qqrx-OkC-gz8O-Prp3ZRwy3WQpUW33mmXghP5kmr3IUSft_44fCDgv2vZp-9xV_4Yl3UOOEZsuNp1bpNRqis7fitmyX3HqNamXHRLeqZd81yBTaRhMBknaF_N7Nb5aE691Ey7JpJeT8-kWM8ymIfpsOSl80kxKN6FFeRaB5Z_59adzoqAr7bEF45qmzyt5Al6IAKFnRPaoM_ClW5tc4-otL6xJv_ZuQgl5T7bWyTd_kJ1DHzhx5KZs1ppSm-90jYoRiecApOP6-9RUdaVKU2FB-UKLLRQKjRbLKubCKCgM8prF%26adurl%3D&documentReferer=https%3A%2F%2Fdurba.tv%2F&ancestorOrigins=https%3A%2F%2Fdurba.tv&random=1353712106443&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 87a093821ce54c932977c339590585470820d294119a60fc2645485dc5bfad80

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2073
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Aug 2023 17:03:24 GMT
Expires: Sun, 06 Aug 2023 18:03:24 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 34BB 43 B
1 KB 119ms
28ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?tc=ce02f64282534558b88ece024409f414

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 06 Aug 2023 17:03:23 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 06 Aug 2023 05:03:24 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1199
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 34BB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add16e554c79372399878715d7ffc503ce8a6b03de1a5ec1de1534d4b8373662

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8969 5 KB
682 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 17:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 15:21:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 17:03:24 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8969 13 KB
13 KB 78ms
26ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a998c5a90b29d21eebfe4841171875d2ec2efa9a118cafe7c580629d8485fe9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12998
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8969 9 KB
8 KB 77ms
26ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/43862/creativesup/DE-SSV-SN-TakkoFashion-NativeAd-1200x627-KW25-1.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 32cf7fb66bf895c2e1afca95f102ebeaf28cbf5ab0b7cdc07ca687270c63fa09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8517
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8969 16 KB
16 KB 190ms
137ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/38440/creativesup/72409_Teaser_Reachgroup_1200x627_4.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3a3618cec2476416b7a7e6216f57bc126966adb8c20d1ca0c9c2a0a61fd489bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16599
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B70 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTPWZW9LPZIyuC-2RjuwP6dOAGAAAAAA4AeAEAg&bg=!-Pul-6_NAAZGOVy5Zjk7ADkAdvg8Wjho4c3OaKmGJ6SToHY_blheJ438IBLq9pPq0F5mx21dnpYNjYvcmVjuIeDhmX_Eu7nVinECAAABh1IAAAAIaAEHmQL4qiQMMRj50hR2v4XAIlV9CbImiI8X1nL66zJ3AKGio_LP6ucHFRJKE8Beaq-aKKVQJKgHKWpvVgnzZhmTsWsOw7OR6NIjnFIFq3ZYbLAJM8-2kgNocA3CBduvseQOD9hQ3V7fWR0y3wmPVQAIeAaIwjPTAKStSt5aDWRStWgAu3uvQt1ElvrA90CzYBvuyuqTib2XRZfsB67J1e_E-reWchSEKBTLQIMPXGIUDXeUR5Kl4eLhw4pYeyF_9Nc9YYAGHDKhrGfZ0bNjELquld19URMyiufU6ocIY0qDH4Yv1vFvZqlZVnSBL4Gy9UoxhEJE82YzsUFLW_BfcUlgzk7C5ksh7K4A8glMpUcQpuots7Urz-0-_c6MnQUQVyALVorJqFgTALRHt-5ZSVvKJRtUOZmShNWkQexvNknYlIqPj_pa81ZzKYWpe9dN4Y2-qR-Fiy5VQ7-zxDIYd2upSOyOfkla00Hqq4B8ZqK230nSCg3CIj3ozQhhFxxbRuN48FSEsHKvrTr1YBFTBEMyfoI-uBu2xpRrJcKCFfN1_q7gkrKt8ketwYmfva9gXwebNNW88fesLvJOc0G6o73Q6UYawpKH3Bh5iUk8axxsrMNWuP9TQhuUm4iWhucIuddipHU9DR1AOYvrFbm8vmAEn7E9MefH95kq5DOKpV-PnXTPdYacWQ7xkCyke_w-uSCdvsSRm3VslTpCHefAXrf8HMV0V5HRjBRgFmiz3Ho4d1QLz9QeotSAvq56O9hX3oLOLash8eHwKe_grq7llpkcxiNzk6FCL3x6sZCyBtHD05s4w_pS1f6lfxyKUt4-SlIVWE0snl0INjyG4_DF5R9Tq-jnmBgWexs7kuYN9-TaNkLsen4HLF4H2r4iLO265SuQSzy6e9rRBkCWQPwwoCZ6tLW-UWzSebsNoGAwWZIDc12sdbecsVm2udIZyWs843Uap3YwnE7Y7VC9pZ3CTD1pDT4yZoWexAks5Dy6ulmgJud1PxsO7IcQYAYnMg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame 8969 0
150 B 78ms
27ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=41719900115455404444554012408019&a=a3aeed28&vb=m
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=41719900115455404444554012408019&a=01e1cd07
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 17:03:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 8969 14 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 151118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 23:04:46 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 8969 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 220943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 03:41:01 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 6C5F 5 KB
5 KB 23ms
23ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2967351172
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:03:24 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C8C 0
20 B 131ms
130ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4WAgW9LPZP2PIoiQjuwPlZGuyAoAAAAAOAHgBAI&bg=!y8ilyJzNAAZGOVy5Zjk7ADkAdvg8Wt6kFXK_NTrJjGZrBnjGXUdhKDFdp9ulA9uCl5cNcPJC3SVXBLlqo0V_8bnfIbju1I7oJQICAAABP1IAAAAJaAEHmQLoZSGXMyTdw-Z_nNOBsN4ZzZcv59zlnUC1WkE7-9IRd4jGvfB1jRT-EpIVMv51KCa_mCzYY_SFeIizQv_G1Bg9zy1jlgLRizF-gNyrK0SceJ7vtOBzoOPx6M-3hOE9jjnK2b7iFk8fmvw0isMSR4N233Zwu-v7Hu5X4GvQEArvgduBt5xL1VWvOlsSY52pGXUCYZldOn-EFweQfdl3egBW2-poxF4QU7-iaZlBCJLlNZUIsRmCXYYoctxMi5HqfKq_c2ooam9S_9pxmPlMNuhuAet4opFCw-c93RhFeTi9zlo64kDvh4Y8tSRAh7B8OyIWimXligBBaoexKR-nOgnyFDR8efIQOx4-zp2B6dYWWjscS0ka56v7HfkOjd4XPFFUyEj-Hq-lUbvwDpaqMiC6fksAJijQVN_CTVe-C90UZHSC4U-m74zQEwCxlMI_9RrDNy1JrQSDpsyFOhr1ovozOIHP8XwrhmKQ5Sv76ST7GaQL5o9Q_Z5xEbI4SCVJVY50ecyNCpd_26LSemklFk2K0ax9oWFA3EeFi71maNwFWYpFsE6OPsCfH2yKuuwoKLAO9oDD1cOuE4mqt9EW5Vm5brqALnBT0Z6y4KaT-V2a3Yfw0j2JYRmRedA3bJjJBC4839jchiB_D3uim_TuFzvTZg4vnGsb12DkQivCtDzBZQ7K96zpbW0Bp9WoF2q9ps8BT_zCFWqOwO3X6t0YVQO3Fi-O544fbNNqURcZd7peLrBInezrVJ63Y00MyoU68ezg7RQWbbVboSTG1szCgkuC7vLFW8VJrPAaKqV6rKglaflYWLufUw0SS_okIb9i2ro84Mg0Wf61T4Lf4bA7mdPij8-HfJ9g5FQDibczFwqK02Gb9KbA1oxx0VccT9cxdA4doKRro3Rfavc7rXpxY4oDmpJOvcodL4V8nr6v_IiHJGfZdIm44QTMh7KJrbxW6dQj8Tlbv2-lJ-6y1evTj-ReoqK2KxqGdYia

Requested by

Host: 11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
URL: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F5A6 42 B
64 B 127ms
126ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFom51l3XKEgRxQUl0MMCILwzVdlwEKOUTkd0pHUQWBTLU9KrhleEBap9OWDp9iWz_-mRh0IcfPU_CwX61RymV8BPvOwtUgw0h0kzF0un-te8OZeam4vYIpyTPSdtShd3IHmfwRvBqQ2JV&sai=AMfl-YTUJq8O7PHYD_gjBNdr8SlrKaxC6jbRBzNmKn7gT0QOSR0WcTTJPeISwYoCcFXwQ2l92f3BK4JCj2thwjZ-L72UB7O0lN4lBaMTExlt&sig=Cg0ArKJSzA6BOyTFSCdsEAE&cid=CAQSLQBpAlJWFQ2WLIKa8cd_ynsr-sLHAfEBr6-saF_4abVn8t2BcoFyDGyo2pUTFxgB&id=lidar2&mcvt=1000&p=699,321,949,621&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=606243964&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691341402922&rpt=423&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9DF8 16 B
209 B 86ms
86ms Fetch
application/json 13.42.206.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.206.47 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-42-206-47.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 17:03:25 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 121ms
34ms Preflight 13.42.206.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.206.47 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-206-47.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 06 Aug 2023 17:03:24 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5A6 0
20 B 122ms
121ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8558598713150&version=m202307240101&ct=76&x=1&cor=8192380807348046000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DF8 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9584096653553&version=m202307240101&ct=77&x=1&cor=16049341340656742000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BB 0
20 B 122ms
122ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8662553042677&version=m202307240101&ct=77&x=1&cor=16766767481847091000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 17:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.durba.tv/	1970-01-20 23:25:01	Name: _ga_8M7BDLCXS4 Value: GS1.1.1691341397.1.0.1691341397.0.0.0
.durba.tv/	1970-01-20 23:25:01	Name: _ga Value: GA1.1.1526146155.1691341397
.doubleclick.net/	1970-01-20 23:10:37	Name: IDE Value: AHWqTUnc18QxtzbihaakGpsp3jYDEOF_PTk5zwMGfKDXdKHaMEaSF87mYPWxdfjL
.doubleclick.net/	1970-01-20 13:49:05	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 15:58:37	Name: uuid2 Value: 3750025720775047521
.casalemedia.com/	1970-01-20 15:58:37	Name: CMPS Value: 2225
.casalemedia.com/	1970-01-20 15:58:37	Name: CMPRO Value: 2225
.casalemedia.com/	1970-01-20 22:34:37	Name: CMID Value: ZM-SW1qe4JGIyJ.SghAmEwAA
.adnxs.com/	1970-01-20 15:58:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVToQ-O8!]tbPl1M>e)ZlrFUfJ+tGXxp:Z8:@n_Aj00:H@yDE]a@KC?]4w^NFRSvo7U_3If)y3KL9D3I?+eSZ`er
.doubleclick.net/	1970-01-20 18:08:13	Name: APC Value: AfxxVi7HyCaXqU-anlx9fPz72wY_RMV1SI7hdJkQDxoj-cMeuJ9aZg
.redintelligence.net/	1970-01-20 15:58:37	Name: 8lcfmzhxc8d6_uid Value: 64c80b7170b89c84
.doubleclick.net/	1970-01-20 13:49:02	Name: test_cookie Value: CheckForPermission
.durba.tv/	1970-01-20 23:10:37	Name: __gads Value: ID=eafda5e19d939d26:T=1691341397:RT=1691341397:S=ALNI_MYpodOCciWBOMFDBHN-Y1aDdKBTVA
.durba.tv/	1970-01-20 23:10:37	Name: __gpi Value: UID=00000c4ffad0f12f:T=1691341397:RT=1691341397:S=ALNI_MbM0ER2PFwoqCIIzNcAir5FXx2Hmg
.office-partner.de/	1970-01-20 23:25:01	Name: source Value: {"webgains_webgains":{"timestamp":1691341403946,"clickCookie":false}}
.awin1.com/	1970-01-20 13:51:54	Name: awpv11830 Value: 296283\|1691341403\|2734af50-347b-11ee-8c55-226543793aa5
.retailads.net/	1970-01-20 14:32:13	Name: ppb2172 Value: 2967351172
m.exactag.com/	1970-01-20 15:58:37	Name: exactag_new_gk Value: 715b89b5f7564cb39c4a11438f2e1d4b%7C05.10.2023%2017%3A03%3A24
m.exactag.com/	1970-01-20 18:08:13	Name: exactag_new_uk Value: 1d4205ba6d51441dbde6d3a04d504e84%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 35cb1b5914a144c1804f2a7e
.awin1.com/	1970-01-20 13:50:27	Name: awpv14172 Value: 296283\|1691341404\|276ed220-347b-11ee-b5a9-2261897cac57
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 372914:2481820
.futalis.de/	1970-01-20 15:15:25	Name: raSIDb Value: 2967351172
.emp.de/	1970-01-20 13:50:27	Name: HtLpTx Value: Awin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11a9b3d39b9ebe0d7dfc02b2147fad7d.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.ampproject.org
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
durba.tv
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900019.redintelligence.net
hal900022.redintelligence.net
htlp.emp.de
ib.adnxs.com
m.exactag.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pv.medialead.de
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
sync.teads.tv
t2ocreaspalladium.s3-eu-west-1.amazonaws.com
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
103.138.151.26
104.64.118.247
13.42.206.47
138.201.63.165
142.250.185.226
142.250.185.230
142.250.186.102
144.76.104.53
145.239.193.130
172.217.18.2
18.66.147.120
185.80.39.216
185.89.210.82
2001:4860:4802:32::36
23.35.237.56
2600:9000:225e:9000:c:6264:8240:93a1
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a01:4f8:d0a:2321::2
2a0b:4d07:102::1
34.98.64.218
49.12.22.42
52.218.106.200
52.56.87.167
78.46.90.238
85.14.248.71
94.23.99.218
99.86.4.53
062eef326bb30fd7824ff121950f72f59a78abd7fe59238cd352fe3b9459b7b9
09197e531d695fbbe73a9156fbf1149ce56eb8cc0c48c7ee22941928520eeb94
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997
10853de6f347a3d732fb3b00b21fc24852b691cc69804bbf5886a7b34188079a
1135e95b9d102ffc76a7ac50b9e2ba153b824975fb393acd25d98d0b033f845d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a0f5571bba02f136a154431d02557ff5fea56d65feb566f9ef0f3994fc6020
1450b746756fccd4cc696f99d4fcbefd0f44431b83378b57fe9160cd065f84a6
156aba2e743d45bc7e7c318f93d1a56cbf6aab6cafb40c9d52d32e53b4698389
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
212f519bead8396d5d8cf964026c6052409fb731904f612e0a6ad97501078c09
2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
255b106035eddf1acebd5f6ab08baa9cef7d37d3a86ae49799e8c4f9e02dcd96
27b3ca49c133816c78267aabec24ea162b87352b45c0770638e5dc0f7456fef2
27bb9a7909da6f6cb7f7efe15b0455c1f81a0d4bbc907188f1c76ffab99d3630
285e5b51d1772ca942a380e84f4aa96547ef5081fe80c119d579a5cf4e198924
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cf7fb66bf895c2e1afca95f102ebeaf28cbf5ab0b7cdc07ca687270c63fa09
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a3618cec2476416b7a7e6216f57bc126966adb8c20d1ca0c9c2a0a61fd489bc
3d7aec717ce26b10029182302ebd741a118198568d1978e49c68d128a74c7385
3f7028399bad3bbe5e2697578b154d9ccb2a19e0ac6d5d3a30a971613a24a1c3
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
435f4c64af71e40d62f7cb1f4c4bec96a27bcbcf4baefada9572e5bccf401576
455810ec70b7efe60bd7900e984df4ead6ef604703bc3a8957201cc5346105ad
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47bd05f890f08bc94f9c793a5541edb9612a90b051ab4785ff65fa2aaf236ddc
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
4a3dffcac967f4ac5383c60720a8ed58838b13622b3cad8f9f6070fc1ec5b7dc
4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3f164fbd748c461898b4b78aa62a9f646a0c297b5c619189c61605bd8d2dfd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f288a114954b0efde62bbb8eb26b69ed469b74e839eb32ae8c31538fd255b81
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
52bf4e79953547be2f6a18a505b45195c2922c5aa53ec236c8c3fc4f2262caa1
538d2f693d349250b4e9432302676cac927443a059f6e6147d5285a817f83334
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a03e0a5514da49d858919d815cba1bacc4490a382f53b9a469326cb019ee55
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5935cc076e7dc6c35c3f52108f2de092a26b2cb7e3581f9e4f9585f25df34703
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66b65720e9f538138875c542e7aedecacfda2a7fcb1c677733e396b7b21aafdf
72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55
77694c58d7ea7f2503a53c5064a70dea03129f4435c695ffd7d91be6ec8d0285
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f01213c4360b07b2cab0e278a6f0e3d9c82db27f051cd790dcdcc534cdc1498
8167a83c86e2127d11c1cd6151bdad64ac1d78c62393df15cf65d76d52b66561
82beb3975f3a23e0cf6d51a6dd5f6c2918cb58902cbb0a0a57eca15a16808cae
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
858e7b5065a5b009e2b3dd0b566f6013dc12bd30053dbffe07dd13dbd821717b
86f2d8cb52a6b72997d8308e60341823baee93093b0ef10aeb5831412425ffe9
87a093821ce54c932977c339590585470820d294119a60fc2645485dc5bfad80
87baebb6d0af6976a767cca90d600ec25f99b137cfc3ac275039da58bc504d91
8f32d2bcaf84f4e202b810b4f444683b51bfa13fb6a5d97e746ad0114776932d
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
94f8d7bd15aa29bd70b759dd1d041157a678c571a86f35d5d4528e080b1a2167
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9de765393ef39608a7145ec6847867def298ded203e6047134c9a5de7a6c9dbf
9df953c3ba85cac2dd98fe8bc4100af80cbe622cbc8979c8b79fd87e54ce24ef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7f3b18db82a5a99fdd7dc1d4f4fb743790d33ab73e4293f992afa24a6c5b223
a998c5a90b29d21eebfe4841171875d2ec2efa9a118cafe7c580629d8485fe9d
a9e9b6bc88e14ccbe87ca4e10301dbee8c20eaa9ae6da371386e9a2bd5e022f0
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abb15c464d26c1ec13135b9b8b39fd79de2f6be9b5664b34d59cef66c62817d7
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ada11c3f281c582ee26642d14f650c2bff75e4cba6c83cb7cefe539c4780ff1b
adc2cbdadc3c8ba02f414a9de1f95b53478b56cd8faee5f2fdcb106064c488f9
add16e554c79372399878715d7ffc503ce8a6b03de1a5ec1de1534d4b8373662
ae11617e429c8aff1d8a0c2efdd760e26b80c8b20335dea6ec970aa3d68fec2e
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
afeb0cd2b18eac36d6cabab4a4f393b2d37cea8b347a2016b8266c1b1f4b1bb0
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b09544f8b442237e54e3fce07568e0f7ab2883302204168b4c7ee0e0e461e4d1
b099a62a5cefa0318a32b756f093b1ea01be0204e9431703d96443c03518d56c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3051fc1741ef5cca93a3c583324f2cdb7fb9e8086df69c51362662913940c15
b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b9d111b6420f698c67110f8946a9e8509161940d3ec26c48933ee9c2289ecbd0
bb0923e457604b8169faec03f5251357c9f65d7a9e7404bba3b56dea6968f034
bf7362b3744c8e1ad5fbe770fc4ee766f8ee144e3dabfda3fe5b963b44799c25
c0122cca42c95324410a42350611e34514a9f66bb9e67e12c723c35bc0008137
c319c0707315d0c3ceb1077fa4421cc74b7abe466d26b6cea0672c2a136b9289
c36315f0037994b0a9cc8ad6d2808fa2bb73e337e8e8d475c4e334315e866808
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
ce8f9725f86eb3bc055a701ce0423d041e9372b4bd4b5d4aca154a0daf4dd3d1
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d
d2b58cca69a4e16879b9cf17d55cb61c11c729b5378a7c06933af0d8359d23a6
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39
deb7f58068dca93eb8a87f6b4ac7a4b489d98a62f929c8156ca54451ee0ca23e
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2fd8dc7a362e1bedd6d91faaa15f96b8be6f491cbc226b7afe7f0dcb1547b44
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7035f7fddcf296a520091223d5add29d7c6aa63ac0072213fb7e2cb27c5bb0e
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1
ee097d3a3aa53bf13132ebc0f90c6914c9d70d41d23a807cc866184d6194ac8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb
f559b1ff6f5d2c60708f5e976242368c0185b1fa473bb15bef5914d935a1a0f0
fe54a69f8d788a5090b4c24197740d0cd1e1d23f802ac7ee5a1ce614bed1a97e

durba.tv Open in urlscan Pro 103.138.151.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

93 %HTTPS

45 %IPv6

28 Domains

40 Subdomains

40 IPs

9 Countries

2680 kBTransfer

6410 kBSize

24 Cookies

7 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

durba.tv Open in urlscan Pro
103.138.151.26 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

93 %
HTTPS

45 %
IPv6

28
Domains

40
Subdomains

40
IPs

9
Countries

2680 kB
Transfer

6410 kB
Size

24
Cookies

211 HTTP transactions
6 data transactions