jennifer4.com Open in urlscan Pro
103.153.177.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jennifer4.com/
Effective URL:
https://jennifer4.com/
Submission: On October 31 via api (October 31st 2023, 3:35:30 am UTC) from US — Scanned from DE

Summary HTTP 365 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 74 IPs in 12 countries across 63 domains to perform 365 HTTP transactions. The main IP is 103.153.177.10, located in Taiwan and belongs to AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW. The main domain is jennifer4.com.
TLS certificate: Issued by R3 on September 23rd 2023. Valid for: 3 months.

This is the only time jennifer4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 45	103.153.177.10 103.153.177.10	131657 (AS-FASTLI...) (AS-FASTLINE Hong Da Storage Equipment Co.)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
46	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
22	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.138.40 35.244.138.40	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	107.178.252.150 107.178.252.150	15169 (GOOGLE) (GOOGLE)
2	18.139.138.204 18.139.138.204	16509 (AMAZON-02) (AMAZON-02)
2	3.114.84.80 3.114.84.80	16509 (AMAZON-02) (AMAZON-02)
4 4	54.150.62.140 54.150.62.140	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.221.29 172.105.221.29	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:a025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	139.162.92.244 139.162.92.244	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	104.199.210.210 104.199.210.210	15169 (GOOGLE) (GOOGLE)
1	23.197.7.214 23.197.7.214	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.208.76.145 104.208.76.145	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.199.245.202 104.199.245.202	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:5800:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:8000:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.253.64.164 34.253.64.164	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
33	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7 26	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 6	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
3 3	216.52.2.6 216.52.2.6	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	2600:9000:211... 2600:9000:211e:ec00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.210.34.203 52.210.34.203	16509 (AMAZON-02) (AMAZON-02)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	104.155.220.179 104.155.220.179	15169 (GOOGLE) (GOOGLE)
2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1 4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.214.211.17 35.214.211.17	15169 (GOOGLE) (GOOGLE)
2	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2	3.65.51.143 3.65.51.143	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:9661	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.32.50.234 45.32.50.234	20473 (AS-CHOOPA) (AS-CHOOPA)
365	74

45 103.153.177.10 (Taiwan) 1 redirects

ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW)
PTR: 103-153-177-10.as131657.net

jennifer4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.jennifer4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cell.adbottw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

power.adhacker.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.138.40 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 40.138.244.35.bc.googleusercontent.com

alliance.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.252.150 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 150.252.178.107.bc.googleusercontent.com

ifoodie.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.139.138.204 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-138-204.ap-southeast-1.compute.amazonaws.com

api.mdeianet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
provider-prod.mdeianet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.84.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-84-80.ap-northeast-1.compute.amazonaws.com

cdn.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.150.62.140 (Tokyo, Japan) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-62-140.ap-northeast-1.compute.amazonaws.com

v.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.29 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.75.214.136 (Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a025 (United States)

ASN13335 (CLOUDFLARENET, US)

breaktime.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.92.244 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-139-162-92-244.shg1.nodebalancer.linode.com

static.aottercdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.210.210 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.7.214 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-7-214.deploy.static.akamaitechnologies.com

cdn.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.208.76.145 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerads.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.245.202 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 202.245.199.104.bc.googleusercontent.com

match-hubble-man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8000:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.64.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-64-164.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.184.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.180 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.6 (New York, United States) 3 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:ec00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.34.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-34-203.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.155.220.179 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 179.220.155.104.bc.googleusercontent.com

brain.adbot.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.211.17 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 17.211.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.51.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-51-143.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:9661 (United States)

ASN13335 (CLOUDFLARENET, US)

gene.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.32.50.234 (Japan)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.50.234.vultrusercontent.com

learning.adbot.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	898 KB
64	jennifer4.com 1 redirects jennifer4.com img.jennifer4.com	3 MB
54	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 ad.doubleclick.net — Cisco Umbrella Rank: 154	874 KB
33	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	558 KB
13	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	990 KB
11	adbot.tw brain.adbot.tw learning.adbot.tw	42 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	22 KB
9	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 us-u.openx.net — Cisco Umbrella Rank: 522 rtb.openx.net — Cisco Umbrella Rank: 695	1 KB
7	lndata.com 4 redirects cdn.lndata.com — Cisco Umbrella Rank: 397887 v.lndata.com — Cisco Umbrella Rank: 374781 cm.lndata.com — Cisco Umbrella Rank: 132817 s.lndata.com — Cisco Umbrella Rank: 331631	17 KB
7	breaktime.com.tw a.breaktime.com.tw — Cisco Umbrella Rank: 352634 alliance.breaktime.com.tw — Cisco Umbrella Rank: 327338 powerads.breaktime.com.tw — Cisco Umbrella Rank: 373844 gene.breaktime.com.tw	84 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	4 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	266 KB
5	adhacker.online power.adhacker.online — Cisco Umbrella Rank: 317783	23 KB
4	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	774 B
4	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	793 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	178 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 683	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
3	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	9 KB
3	adbottw.net cell.adbottw.net — Cisco Umbrella Rank: 350801	20 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	80 KB
3	hinet.net 2 redirects t.ssp.hinet.net — Cisco Umbrella Rank: 74825	639 B
3	ifoodie.tw ifoodie.tw — Cisco Umbrella Rank: 455508	12 KB
3	gstatic.com fonts.gstatic.com	164 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	291 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	326 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	910 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	207 B
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	125 KB
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	477 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	837 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	vm5apis.com vawpro.vm5apis.com — Cisco Umbrella Rank: 302281 match-hubble-man.vm5apis.com — Cisco Umbrella Rank: 290052	4 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	mdeianet.com api.mdeianet.com — Cisco Umbrella Rank: 539884 provider-prod.mdeianet.com — Cisco Umbrella Rank: 578221	4 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2799	3 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	83 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 940	419 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11905	60 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	711 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	464 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	innity.net cdn.innity.net — Cisco Umbrella Rank: 38579	2 KB
1	aottercdn.com static.aottercdn.com — Cisco Umbrella Rank: 352467	103 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	605 B
1	breaktime.tw breaktime.tw — Cisco Umbrella Rank: 353374	741 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1148	344 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2603	400 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	pixfs.net Failed pixnet-network-falcon-asset.pixfs.net Failed
365	63

	Domain	Requested by
46	pagead2.googlesyndication.com	jennifer4.com pagead2.googlesyndication.com www.googletagmanager.com ifoodie.tw power.adhacker.online 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
45	jennifer4.com	1 redirects jennifer4.com
33	s0.2mdn.net	jennifer4.com s0.2mdn.net 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
26	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com jennifer4.com
22	tpc.googlesyndication.com	jennifer4.com 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	img.jennifer4.com	jennifer4.com
13	www.googletagmanager.com	jennifer4.com www.googletagmanager.com ifoodie.tw www.google-analytics.com breaktime.tw
10	securepubads.g.doubleclick.net	ifoodie.tw www.googletagservices.com securepubads.g.doubleclick.net
9	brain.adbot.tw	cell.adbottw.net brain.adbot.tw
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
7	www.google.com	jennifer4.com 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com tpc.googlesyndication.com
6	googleads4.g.doubleclick.net	jennifer4.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	region1.google-analytics.com	www.googletagmanager.com
5	www.googletagservices.com	www.googletagmanager.com 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
5	power.adhacker.online	a.breaktime.com.tw www.googletagmanager.com
4	sync.teads.tv	1 redirects googleads.g.doubleclick.net jennifer4.com
4	match.360yield.com	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	v.lndata.com	4 redirects
4	connect.facebook.net	jennifer4.com connect.facebook.net
3	ap.lijit.com	3 redirects
3	cell.adbottw.net	www.googletagmanager.com jennifer4.com brain.adbot.tw
3	lh3.googleusercontent.com	ifoodie.tw
3	powerads.breaktime.com.tw	power.adhacker.online
3	t.ssp.hinet.net	2 redirects jennifer4.com
3	ifoodie.tw	jennifer4.com ifoodie.tw
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	jennifer4.com s0.2mdn.net cell.adbottw.net
2	learning.adbot.tw	cell.adbottw.net
2	x.bidswitch.net	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
2	ads.travelaudience.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	dclk-match.dotomi.com	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
2	us-u.openx.net	googleads.g.doubleclick.net
2	ad.doubleclick.net	jennifer4.com
2	code.createjs.com	s0.2mdn.net
2	s.ad.smaato.net	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ups.analytics.yahoo.com	connectid.analytics.yahoo.com googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects jennifer4.com
2	www.facebook.com	ifoodie.tw
2	www.google.de	jennifer4.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	maxcdn.bootstrapcdn.com	jennifer4.com maxcdn.bootstrapcdn.com
2	a.breaktime.com.tw	jennifer4.com cell.adbottw.net
1	gene.breaktime.com.tw	brain.adbot.tw
1	csync.loopme.me	1 redirects
1	secure.adnxs.com	1 redirects
1	m.exactag.com	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	jennifer4.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	match-hubble-man.vm5apis.com	vawpro.vm5apis.com
1	s.lndata.com	jennifer4.com
1	provider-prod.mdeianet.com	api.mdeianet.com
1	cdn.innity.net	ifoodie.tw
1	vawpro.vm5apis.com	ifoodie.tw
1	static.aottercdn.com	ifoodie.tw
1	pixel.wp.com	jennifer4.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	breaktime.tw	www.googletagmanager.com
1	ps.eyeota.net	jennifer4.com
1	match.adsrvr.org	jennifer4.com
1	cm.lndata.com	jennifer4.com
1	gocm.c.appier.net	1 redirects
1	cdn.lndata.com	jennifer4.com
1	api.mdeianet.com	jennifer4.com
1	alliance.breaktime.com.tw	a.breaktime.com.tw
1	stats.wp.com	jennifer4.com
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
0	pixnet-network-falcon-asset.pixfs.net Failed	jennifer4.com
365	92

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
plus.google.com
www.books.com.tw
is.gd
facebook.com
instagram.com
youtube.com
www.walkerland.com.tw
icook.tw
www.instagram.com
achang.tw

Subject Issuer	Validity	Valid
jennifer4.com R3	`2023-09-23` - `2023-12-22`	3 months	crt.sh
a.breaktime.com.tw DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
adhacker.online E1	`2023-09-15` - `2023-12-14`	3 months	crt.sh
breaktime.com.tw R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
ifoodie.tw GTS CA 1D4	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.mdeianet.com Amazon RSA 2048 M03	`2023-10-26` - `2024-11-24`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
breaktime.tw GTS CA 1P5	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
aottercdn.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.vm5apis.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-29` - `2023-11-29`	a year	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
adbottw.net E1	`2023-09-08` - `2023-12-07`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
brain.adbot.tw R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
learning.adbot.tw R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://jennifer4.com/
Frame ID: 429CD63AD486394BD66626267871AA66
Requests: 170 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 69253DC3C77CB1F6DDEB8EAA64A2EE9F
Requests: 1 HTTP requests in this frame

Frame: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
Frame ID: 75F9BFA0433626A865CF9E7C2E9BC15E
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&adk=1812271804&adf=3025194257&lmt=1698719720&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fjennifer4.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698723319153&bpp=618&bdt=144&idt=833&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3500710206899&frm=20&pv=2&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079081%2C42531705%2C44805932%2C31078297%2C31079177&oid=2&pvsid=4336634259696724&tmod=1067339704&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=909
Frame ID: E5419AEE6E2645E6853B5563887DD944
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9874927516416876&output=html&adk=1812271804&adf=3279755396&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fjennifer4.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698723320575&bpp=5&bdt=163&idt=167&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&nras=1&correlator=8585601611374&frm=24&ife=1&pv=2&ga_vid=1174759540.1698723321&ga_sid=1698723321&ga_hid=1812648635&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=367&ifk=2688338180&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079079%2C31079190%2C31079265%2C44805934%2C31078301&oid=2&pvsid=2607031767033870&tmod=769978517&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C367&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5asmzsa0l07j&fsb=1&dtd=179
Frame ID: 3DD82B731542C3D4ED16F7D9B46A3240
Requests: 1 HTTP requests in this frame

Frame: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F1F00DA9917123D29A3E11B6C580BF8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=jennifer4.com
Frame ID: 467B4B84D83423BCE6B8DF46546A1EA0
Requests: 2 HTTP requests in this frame

Frame: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DE0430670DC29C78B4A0320E191014B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsYk8LF-gEwAQ&v=APEucNX0i_HKz7d2DN59qnIDJQzWxn1ZVSkHO2A9EIlfBiURslKws7Us0pR2fEBgLoh2SmK-IjhjJ5IaAtCcygCUkwqWXMSG2_KNfvfqFVQKdy2gYU1B-A2IjZnBB7UOEoTyy7UfTUCY9RJk0JwoEvoiIoUj6PFHGHvKYPNX011-4nmUQk4TraE
Frame ID: 9FF68A9876CE6E86FF251F7801D94E34
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3DD6B1D35762D8CD59AF967E689FB08
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9E656977637F362DC3DA6BB12A8017EE
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
Frame ID: 333EEC84DE69EA6FF3C474F64558E0F9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 76C9959356C5C7CA4165D4FBD02EB30C
Requests: 3 HTTP requests in this frame

Frame: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E79FEC8D6A463AA1302CC4907678977E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGMHrivQBMAE&v=APEucNUHg_F1NPjNS7u23rtIcal_QLVI6KF8QJd-1YjdHhqjBbLOobagTsMXa7oB3yinJli-8X0CJ8yvFanMGbnxryglBUYmskdqH5ujl301TfBPa054WrNWfEtk5w_v98Xw7W_qqtSLYffzFrNy4zESqW7FeQhO9qpnGdpbb1nxO065KcgnDOg
Frame ID: AED4DF1DC922287BBC17EE7A05C0AFB1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5924261FAC8EFFD76D4F789BAC992BFA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D07B977CDFFE2E7AC1D7EEAE4B6B7CB6
Requests: 3 HTTP requests in this frame

Frame: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3DB00EF3AAB58444C7C12081F5ADC8EB
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP7J-PsBMAE&v=APEucNW7Czt2dCu_ww0cqoCcuIlr8dLUU0D3sRKlTIFAyhIRskiLkDsw61v4ijFTrTNTpVoC6x0fN5HQUfth25wrsIeEJC1t2AitVSjY-iHUUGrCay6riuEwjbBqark5k_RhrVuIe9NKXnR8yCtIl41hMpy1KaKeGo_YD66xnf9MIERy6wpJe50
Frame ID: 8EBA1631720DCE246BC23B5BB539EC8A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2827B6A9E4F4C53E9B7A4DC4B054AF7C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2341015DC0BBF23BF7DA3A275E0952A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250
Frame ID: 023CB995E603657B52EC03D6FF74619D
Requests: 6 HTTP requests in this frame

Frame: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7D534B5B878EAC60EC01B1678ACA010
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVuF8gKHZDNi5v-ouSrFzLzd4Wn2LdBtjTqciI5vGsSm3dVlXZ6zXh9rEgqxYv9I-Ab5HAtlVC4sJFV9nN2ga5R76hd14RJc_gLFTC4oiaOiSXgxQOqusOVFXdrvyxzYu92QRFLQUC73vJQvQzaEZJTQnAlysz3OgjFptbtG97Nz3oHI7M
Frame ID: AC0D58DFCC22366E429E236032EA896E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E624C4715EAF358C0A5E102A9B45036F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2E23FAF39440A19BAC9B2F57325FB1B3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
Frame ID: 948C9301484DA45E1F694497D429A2C9
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3521F180822816D4D59748852439E3E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D6D8957EA5B69747471D63AF9589811
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C4839F0F2A8C7882EE35A84B0747F0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC01DE1E1BCA4EDDA5FDD28463A66A1C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

真妮4吃喝玩樂燴生活 – 美食│旅遊│烹飪│烘焙

Page URL History Show full URLs

http://jennifer4.com/ HTTP 301
https://jennifer4.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

365
Requests

91 %
HTTPS

44 %
IPv6

63
Domains

92
Subdomains

74
IPs

12
Countries

7337 kB
Transfer

14972 kB
Size

51
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cooking-72/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E9%87%91%E9%87%9D%E8%8F%87%E6%9D%8F%E9%AE%91%E8%8F%87%E5%A4%A9%E5%A9%A6%E7%BE%85%EF%BC%8C%E5%81%9A%E6%B3%95%E7%B0%A1%E5%96%AE%E9%A3%9F%E6%8C%87%E5%A4%A7%E5%8B%95%E7%9A%84%E9%85%A5%E7%82%B8%E5%B0%8F%E7%89%A9%20-%20https://jennifer4.com/cooking-72/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cooking-72/&media=https://img.jennifer4.com/2023/10/20231024143725_42.jpg&description=%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E9%87%91%E9%87%9D%E8%8F%87%E6%9D%8F%E9%AE%91%E8%8F%87%E5%A4%A9%E5%A9%A6%E7%BE%85%EF%BC%8C%E5%81%9A%E6%B3%95%E7%B0%A1%E5%96%AE%E9%A3%9F%E6%8C%87%E5%A4%A7%E5%8B%95%E7%9A%84%E9%85%A5%E7%82%B8%E5%B0%8F%E7%89%A9

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cooking-72/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cake-28/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E5%B7%A7%E5%85%8B%E5%8A%9B%E7%88%86%E6%BC%BF%E8%9B%8B%E7%B3%95%EF%BC%8C%E6%BF%95%E6%BD%A4%E7%B6%BF%E5%AF%86%E7%9A%84%E5%8F%A3%E6%84%9F%E8%A3%A1%E6%9C%89%E7%94%9C%E6%B2%92%E6%9C%89%E8%86%A9%20-%20https://jennifer4.com/cake-28/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cake-28/&media=https://img.jennifer4.com/2023/10/20231020163605_19.jpg&description=%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E5%B7%A7%E5%85%8B%E5%8A%9B%E7%88%86%E6%BC%BF%E8%9B%8B%E7%B3%95%EF%BC%8C%E6%BF%95%E6%BD%A4%E7%B6%BF%E5%AF%86%E7%9A%84%E5%8F%A3%E6%84%9F%E8%A3%A1%E6%9C%89%E7%94%9C%E6%B2%92%E6%9C%89%E8%86%A9

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cake-28/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cooking-71/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E6%89%93%E6%8B%8B%E8%B1%AC%E8%82%89%E7%89%87%EF%BC%8C%E6%B3%B0%E5%BC%8F%E9%A4%90%E9%A4%A8%E5%BF%85%E9%BB%9E%E7%9A%84%E4%BA%BA%E6%B0%A3%E6%8B%9B%E7%89%8C%E8%8F%9C%20-%20https://jennifer4.com/cooking-71/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cooking-71/&media=https://img.jennifer4.com/2023/10/20231016174252_72.jpg&description=%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E6%89%93%E6%8B%8B%E8%B1%AC%E8%82%89%E7%89%87%EF%BC%8C%E6%B3%B0%E5%BC%8F%E9%A4%90%E9%A4%A8%E5%BF%85%E9%BB%9E%E7%9A%84%E4%BA%BA%E6%B0%A3%E6%8B%9B%E7%89%8C%E8%8F%9C

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cooking-71/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cooking-70/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E6%BD%A4%E9%A4%85%E6%8D%B2%EF%BC%8C%E7%86%B1%E9%87%8F%E4%BD%8E%E7%9A%84%E5%85%A7%E9%A4%A1%E4%BB%A5%E5%8F%8A%E8%87%AA%E5%B7%B1%E5%81%9A%E7%9A%84%E6%BD%A4%E9%A4%85%E7%9A%AE%20-%20https://jennifer4.com/cooking-70/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cooking-70/&media=https://img.jennifer4.com/2023/10/20231013174544_65.jpg&description=%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E6%BD%A4%E9%A4%85%E6%8D%B2%EF%BC%8C%E7%86%B1%E9%87%8F%E4%BD%8E%E7%9A%84%E5%85%A7%E9%A4%A1%E4%BB%A5%E5%8F%8A%E8%87%AA%E5%B7%B1%E5%81%9A%E7%9A%84%E6%BD%A4%E9%A4%85%E7%9A%AE

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cooking-70/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cake-27/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E5%8F%A4%E6%97%A9%E5%91%B3%E5%B8%83%E4%B8%81%E8%9B%8B%E7%B3%95%EF%BC%8C%E8%BB%9F%E7%B6%BF%E7%B4%B0%E7%B7%BB%E6%9C%83%E6%90%96%E6%99%83%E7%9A%84%E8%9B%8B%E7%B3%95%EF%BC%8C%E5%A5%BD%E5%90%83%E4%B8%8D%E6%AD%BB%E7%94%9C%20-%20https://jennifer4.com/cake-27/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cake-27/&media=https://img.jennifer4.com/2022/10/20231012121500_14.jpg&description=%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E5%8F%A4%E6%97%A9%E5%91%B3%E5%B8%83%E4%B8%81%E8%9B%8B%E7%B3%95%EF%BC%8C%E8%BB%9F%E7%B6%BF%E7%B4%B0%E7%B7%BB%E6%9C%83%E6%90%96%E6%99%83%E7%9A%84%E8%9B%8B%E7%B3%95%EF%BC%8C%E5%A5%BD%E5%90%83%E4%B8%8D%E6%AD%BB%E7%94%9C

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cake-27/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/dessert-25/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E8%9B%8B%E5%A1%94%EF%BC%8C%E4%B8%8D%E7%94%A8%E6%8E%92%E9%9A%8A%E7%9A%84%E6%BF%83%E9%83%81%E5%A5%B6%E9%A6%99%E5%91%B3%E5%A5%BD%E5%90%83%E8%9B%8B%E5%A1%94%20-%20https://jennifer4.com/dessert-25/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/dessert-25/&media=https://img.jennifer4.com/2022/10/20231004170252_1.jpg&description=%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E8%9B%8B%E5%A1%94%EF%BC%8C%E4%B8%8D%E7%94%A8%E6%8E%92%E9%9A%8A%E7%9A%84%E6%BF%83%E9%83%81%E5%A5%B6%E9%A6%99%E5%91%B3%E5%A5%BD%E5%90%83%E8%9B%8B%E5%A1%94

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/dessert-25/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/dessert-24/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E9%B3%B3%E5%87%B0%E9%85%A5%EF%BC%8C%E9%85%B8%E7%94%9C%E9%B3%B3%E6%A2%A8%E9%A4%A1%E5%8A%A0%E9%B9%B9%E8%9B%8B%E9%BB%83%E7%9A%84%E6%BB%8B%E5%91%B3%7E%E5%A5%BD%E5%90%83%E4%B8%8D%E6%9C%83%E8%86%A9%20-%20https://jennifer4.com/dessert-24/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/dessert-24/&media=https://img.jennifer4.com/2022/09/20230922105433_96.jpg&description=%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E9%B3%B3%E5%87%B0%E9%85%A5%EF%BC%8C%E9%85%B8%E7%94%9C%E9%B3%B3%E6%A2%A8%E9%A4%A1%E5%8A%A0%E9%B9%B9%E8%9B%8B%E9%BB%83%E7%9A%84%E6%BB%8B%E5%91%B3~%E5%A5%BD%E5%90%83%E4%B8%8D%E6%9C%83%E8%86%A9

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/dessert-24/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/dessert-23/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E8%A5%BF%E7%B1%B3%E9%9C%B2%E5%A5%B6%E9%85%AA%EF%BC%8C%E8%87%AA%E5%B7%B1%E5%81%9A%E7%9A%84%E6%B8%9B%E7%B3%96%E9%A2%A8%E5%91%B3%E5%90%83%E5%AE%8C%E4%B8%80%E6%9D%AF%E5%86%8D%E4%B8%80%E6%9D%AF%20-%20https://jennifer4.com/dessert-23/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/dessert-23/&media=https://img.jennifer4.com/2023/09/20230918172430_94.jpg&description=%E7%83%98%E7%84%99%E7%AD%86%E8%A8%98%E2%94%82%E8%A5%BF%E7%B1%B3%E9%9C%B2%E5%A5%B6%E9%85%AA%EF%BC%8C%E8%87%AA%E5%B7%B1%E5%81%9A%E7%9A%84%E6%B8%9B%E7%B3%96%E9%A2%A8%E5%91%B3%E5%90%83%E5%AE%8C%E4%B8%80%E6%9D%AF%E5%86%8D%E4%B8%80%E6%9D%AF

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/dessert-23/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cooking-69/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E5%86%AC%E7%93%9C%E8%82%89%E6%8D%B2%EF%BC%8C%E5%86%AC%E7%93%9C%E7%94%A8%E8%92%B8%E7%9A%84%E6%99%B6%E7%91%A9%E5%89%94%E9%80%8F%E8%B6%85%E5%A5%BD%E5%90%83%20-%20https://jennifer4.com/cooking-69/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cooking-69/&media=https://img.jennifer4.com/2022/09/20230911171439_99.jpg&description=%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E5%86%AC%E7%93%9C%E8%82%89%E6%8D%B2%EF%BC%8C%E5%86%AC%E7%93%9C%E7%94%A8%E8%92%B8%E7%9A%84%E6%99%B6%E7%91%A9%E5%89%94%E9%80%8F%E8%B6%85%E5%A5%BD%E5%90%83

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cooking-69/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://jennifer4.com/cooking-68/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E6%AA%B8%E6%AA%AC%E9%AD%9A%EF%BC%8C%E6%B3%B0%E5%BC%8F%E6%96%99%E7%90%86%E5%BF%85%E9%BB%9E%E7%9A%84%E9%AD%9A%E6%96%99%E7%90%86%20-%20https://jennifer4.com/cooking-68/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://jennifer4.com/cooking-68/&media=https://img.jennifer4.com/2023/09/20230907153122_75.jpg&description=%E7%83%B9%E9%A3%AA%E7%AD%86%E8%A8%98%E2%94%82%E6%AA%B8%E6%AA%AC%E9%AD%9A%EF%BC%8C%E6%B3%B0%E5%BC%8F%E6%96%99%E7%90%86%E5%BF%85%E9%BB%9E%E7%9A%84%E9%AD%9A%E6%96%99%E7%90%86

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://jennifer4.com/cooking-68/

Search URL Search Domain Scan URL

URL: https://www.books.com.tw/products/0010866526?sloc=main
Title: 預防失智症的飲食法

Search URL Search Domain Scan URL

URL: https://is.gd/UQpXsM
Title: https://is.gd/UQpXsM

Search URL Search Domain Scan URL

URL: https://is.gd/uikeME
Title: https://is.gd/uikeME

Search URL Search Domain Scan URL

URL: http://facebook.com/jenniferhome666

Search URL Search Domain Scan URL

URL: http://instagram.com/lmj879

Search URL Search Domain Scan URL

URL: http://youtube.com/channel/UCqPXJJipgd7ssVhSie7McoA

Search URL Search Domain Scan URL

URL: http://www.walkerland.com.tw/member/articleview/jennifer/%E5%85%A8%E9%83%A8/%E5%85%A8%E9%83%A8/%E5%85%A8%E9%83%A8/0

Search URL Search Domain Scan URL

URL: https://icook.tw/users/jenniferLu4/recipes?ref=recipe

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/Cyp3sQDByRY/
Title: 生日大吃火鍋餐

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CyneVuKBzci/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cyf7YcIvD7i/
Title: 吃到肥滋滋了

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cyf3sp6NgOZ/
Title: 偷個懶… 今晚沒有超慢跑只有～超飽

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/Cye3P6aBlnn/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CyJC7YtBF9i/
Title: 潤餅捲

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CyDvRxPhqB_/
Title: 玫瑰冰磚

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/Cx0az7IhOCd/
Title: 芒果奶酪

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CxzksfHBNdQ/
Title: 中秋烤肉

Search URL Search Domain Scan URL

URL: https://instagram.com/lmj879/
Title: Follow Me!

Search URL Search Domain Scan URL

URL: http://plus.google.com/106100451724424380656

Search URL Search Domain Scan URL

URL: https://achang.tw/
Title: 阿腸網頁設計

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jennifer4.com/ HTTP 301
https://jennifer4.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://v.lndata.com/i/a80486,b1453239,c4087,i0,m202,h HTTP 302
https://gocm.c.appier.net/lndata?cid=2310311135201123969&sid=1135202599739 HTTP 302
https://cm.lndata.com/?tid=4087&uid=ZOWEoEskSg95aGiFj8ARJyFqoTWDmhB7jEsdaD-docw=

Request Chain 72

https://v.lndata.com/i/a80486,b1453238,c4007,i0,m202,h HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310311135201368043&ttd_pid=77dj1uh&ttd_tpi=1

Request Chain 73

https://v.lndata.com/i/a80486,b1453240,c4137,i0,m202,h HTTP 302
https://t.ssp.hinet.net/cm?c=035221&cid=2310311135211131078 HTTP 302
https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3D035221%26cid%3D2310311135211131078%26flag%3D1 HTTP 302
https://t.ssp.hinet.net/cm?c=035221&cid=2310311135211131078&flag=1

Request Chain 74

https://v.lndata.com/i/a80486,b1453241,c4138,i0,m202,h HTTP 302
https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310311135211447351

Request Chain 166

https://oajs.openx.net/esp?url=https%3A%2F%2Fjennifer4.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fjennifer4.com%2F&rid=esp&cc=1

Request Chain 172

https://gum.criteo.com/sid/json?origin=publishertagids&domain=jennifer4.com&sn=ChromeSyncframe&so=0&topUrl=jennifer4.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=N04LVnxTQWxlamRob2tlTkxhajBTbDZxTWQ0VmxtbGp5am5MYkdFMFdrQ040ZVpkWjg4TGdGeSthVExIQXBxemxYMGpLNlBITzJ4RWVBakNDdlNSL2tSTHNMQUxiZ1BhQTNJUlU0Rm9SVmd3aWZoRnVJVGZ0TFRRSnlSS2M0d2xDTXdhTUltemcrNUtOQ1pROVhmbjN6Nlk5UkdVN0VJWDJPUEdiaEhWZXpOUCtZTm96V0JJNG1lY2pHbTBsOUsyWENyV3ovTHFkL2tZZWd4bWhOYW5UaDdpRm5sOUhrbnZaVGtOczk3VHpRMkl3WXpWd2ZMU21TUDAvMWJCQjJJY0laWmtYUkFsdVg1SGRVS2tWb0hvcDJ2d09ScENhc2xLOUg1c2hFMEt0WnowNU02ND18&cppv=2

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUB1.ux86YAvymoMAqTjzgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1&google_hm=2

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELp24tEBw7V621RVvgMFVU4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELp24tEBw7V621RVvgMFVU4%26google_cver%3D1

Request Chain 189

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MzAyOTYxODQxMzY1NzU3Nw%3D%3D

Request Chain 191

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_cver=1&google_push=AXcoOmRAQGudRvO8ZkgtwRF0oaDW2qejrosEMfn2W4RYX6CBnyvV9bZ2Vfj1DJn7dOAtH4EjqFyiV-EjGUL9JDJewNsgsbf0eexI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_push=AXcoOmRAQGudRvO8ZkgtwRF0oaDW2qejrosEMfn2W4RYX6CBnyvV9bZ2Vfj1DJn7dOAtH4EjqFyiV-EjGUL9JDJewNsgsbf0eexI

Request Chain 192

https://um.simpli.fi/gp_match?google_gid=CAESEKoyFJ2RmlSdjRvd8tC7RDE&google_cver=1&google_push=AXcoOmQlAUyF71U4MaXrQF91RHm7VVxm3fS6i4eyH3qVzeEzmm61jngkSCBCsLMtgwYPtsv3l6N4v37JdSd0xPU_-pbqeUxdU33o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=553DBA5909AA474590ABCD38433892F3&google_push=AXcoOmQlAUyF71U4MaXrQF91RHm7VVxm3fS6i4eyH3qVzeEzmm61jngkSCBCsLMtgwYPtsv3l6N4v37JdSd0xPU_-pbqeUxdU33o

Request Chain 193

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ0y8ZUyU8TERSUh55ZXjwQ&google_cver=1&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRlDaWbmH2cNwpjE1VpihbcEy HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ0y8ZUyU8TERSUh55ZXjwQ&google_cver=1&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRlDaWbmH2cNwpjE1VpihbcEy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODgwMDAxNTYyNjI3NDQzNQ&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRlDaWbmH2cNwpjE1VpihbcEy

Request Chain 194

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGdFexjKy5xPe3QPbOg98VE&google_cver=1&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw47w_ReWoZ-Q HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGdFexjKy5xPe3QPbOg98VE&google_cver=1&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw47w_ReWoZ-Q&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw47w_ReWoZ-Q&google_hm=Hk23qGZHe8SPIr1zTiqksoZy

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENpoqshj5hz6deSaj9Nka3U&google_cver=1

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEM_hOtrYt_jZKaLevwO0dQg&google_cver=1

Request Chain 235

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKm4HNiqMKcIangJQPh26tc&google_cver=1&google_push=AXcoOmROV_XGtvF93fDfCeFRCPibN11Pjny5V7oJOsxYXfl3iJdDNPuL3tVQIbefgto7NBu5BOollECnvzg1OjcFipq0QMe69qk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmROV_XGtvF93fDfCeFRCPibN11Pjny5V7oJOsxYXfl3iJdDNPuL3tVQIbefgto7NBu5BOollECnvzg1OjcFipq0QMe69qk&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ

Request Chain 236

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM8lv5T3EvIudGyvhR2mH_I&google_cver=1&google_push=AXcoOmQVG6VsJbZLOW6eN3fCHKS5-f5AC8BNpav4RxpMPSH2jFTfOjORpHhQ109d3iRuN4BmH5i-wVxYmsz6QAt2rjvepXCdLYk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQVG6VsJbZLOW6eN3fCHKS5-f5AC8BNpav4RxpMPSH2jFTfOjORpHhQ109d3iRuN4BmH5i-wVxYmsz6QAt2rjvepXCdLYk

Request Chain 238

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGdFexjKy5xPe3QPbOg98VE&google_cver=1&google_push=AXcoOmSorSvnUkJ7gZBfz18KZEWekqk4VMYp3UTG_oxw2wMZSaDM39DHeOrhNORTTK4bmftOt3GYtGEonkGhTV1qfxs6LCmY7dY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSorSvnUkJ7gZBfz18KZEWekqk4VMYp3UTG_oxw2wMZSaDM39DHeOrhNORTTK4bmftOt3GYtGEonkGhTV1qfxs6LCmY7dY&google_hm=Hk23qGZHe8SPIr1zTiqksoZy

Request Chain 240

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBzwk4fbd6rZA6yVqKf5fXc&google_cver=1&google_push=AXcoOmRnMHqB3hZL28tk9KMypJi5m_lH-o9n9_jUrOw7K-Zhw-PNKnbdj-ezRasdXS4P4NP5KIIx1ygaI7_04wmeFKCGTJ-lGDX9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRnMHqB3hZL28tk9KMypJi5m_lH-o9n9_jUrOw7K-Zhw-PNKnbdj-ezRasdXS4P4NP5KIIx1ygaI7_04wmeFKCGTJ-lGDX9 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENO1996i7HsuS0FsTQHjcyg&google_cver=1

Request Chain 269

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM8lv5T3EvIudGyvhR2mH_I&google_cver=1&google_push=AXcoOmQFBas4h5OknFPh8j2I0hJa321e-CG1DPAEqb6CDCbMJVyWsFX39tALqhnJxikzDR0F40mTYTBIS8Ww3Qj3VQ_r8m7wioPxcQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQFBas4h5OknFPh8j2I0hJa321e-CG1DPAEqb6CDCbMJVyWsFX39tALqhnJxikzDR0F40mTYTBIS8Ww3Qj3VQ_r8m7wioPxcQ

Request Chain 271

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_cver=1&google_push=AXcoOmT28nuIRO4H7wXmtWj9EdjNcd9nkyN4QyIIPGm2dqJoRcmRRu-YUFoX3li0FUvTx3RQFPWvfA-Vy0Ny9OlMv6z441hyqN-XoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmT28nuIRO4H7wXmtWj9EdjNcd9nkyN4QyIIPGm2dqJoRcmRRu-YUFoX3li0FUvTx3RQFPWvfA-Vy0Ny9OlMv6z441hyqN-XoQ

Request Chain 273

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGpoekggj1WpWTC2oJTJ6VY&google_cver=1&google_push=AXcoOmQ-kK5lHkJGRoQ1xI_h7JAnJKUcvQsgJIopjyRMXi2bccJbe57kw9jyPH5gFrEzKiHpHVIyGe2nNj89IPbVeefTpfWKuY4tumU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODE1ODkzMzE2NTcwNTQ2NTc2OQ%3D%3D&google_gid=CAESEGpoekggj1WpWTC2oJTJ6VY&google_cver=1&google_push=AXcoOmQ-kK5lHkJGRoQ1xI_h7JAnJKUcvQsgJIopjyRMXi2bccJbe57kw9jyPH5gFrEzKiHpHVIyGe2nNj89IPbVeefTpfWKuY4tumU

Request Chain 274

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEMk8w6zzgo0gZIcD6fkUhPw&google_cver=1&google_push=AXcoOmSmvdII3yoXUNxQfuNqjXRmwcy3JowFXKcxOBljgm-AGDVKNR00cC0OUPLCyMNIuDvWmEbiQhMLrlJI5ERy7g_HPj_2Lgn7svs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=516a0cd6-fc9f-44c4-a4c4-35989a273f49&google_cver=1&google_gid=CAESEMk8w6zzgo0gZIcD6fkUhPw&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSmvdII3yoXUNxQfuNqjXRmwcy3JowFXKcxOBljgm-AGDVKNR00cC0OUPLCyMNIuDvWmEbiQhMLrlJI5ERy7g_HPj_2Lgn7svs&gdpr=${GDPR}

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAjmTZh3f5qpf8Icr7-zh-E&google_cver=1

Request Chain 303

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_cver=1&google_push=AXcoOmQaygM0jL0IV3cVzmlwMyVeOd1oS5a5Bq7obg3YSpf_gap7vb5Zl2J73RDdP7Yc0EUo6LHk7xdOE4DKaver7pGJw9Hmtz0f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVCMV9nQUFLQklDaEFBag==&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_cver=1&google_push=AXcoOmQaygM0jL0IV3cVzmlwMyVeOd1oS5a5Bq7obg3YSpf_gap7vb5Zl2J73RDdP7Yc0EUo6LHk7xdOE4DKaver7pGJw9Hmtz0f

Request Chain 304

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKm4HNiqMKcIangJQPh26tc&google_cver=1&google_push=AXcoOmSGYO2S96hmY6VNyJg6mhmO3UVwGB4eAkGIBBzpzieLBOqOm2FaHfXsBP7U5KOfULMM85RIlyUopNxNg3J_A51iLODUSfY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSGYO2S96hmY6VNyJg6mhmO3UVwGB4eAkGIBBzpzieLBOqOm2FaHfXsBP7U5KOfULMM85RIlyUopNxNg3J_A51iLODUSfY&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ

Request Chain 306

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_cver=1&google_push=AXcoOmSGjjQG_JmE68Xa819F53FC8boFhroCm8an5vmxpJbpTygwxC3xXbxiMp6dTmAwMG5cVdmcaT8TFj0LGQhNhqbZpBrSD1KQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmSGjjQG_JmE68Xa819F53FC8boFhroCm8an5vmxpJbpTygwxC3xXbxiMp6dTmAwMG5cVdmcaT8TFj0LGQhNhqbZpBrSD1KQ

365 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jennifer4.com/
Redirect Chain

http://jennifer4.com/
https://jennifer4.com/

154 KB
28 KB

885ms
441ms

Document
text/html

103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 66b81cc9bdfa688a111a5c0f9656e0a39fc90290fb4d97f78aa41823944d2094

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 28795
content-type: text/html; charset=UTF-8
date: Tue, 31 Oct 2023 03:35:18 GMT
etag: "196725-1698147816;br"
link: <https://jennifer4.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Tue, 31 Oct 2023 03:35:18 GMT
location: https://jennifer4.com/
server: LiteSpeed

GET
H2 200 au.js Show response
a.breaktime.com.tw/js/ 114 KB
40 KB 182ms
43ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.breaktime.com.tw/js/au.js?spj=ZYDHF18
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 20 Jun 2023 01:51:40 GMT
vary: Accept-Encoding
x-azure-ref: 20231031T033519Z-760avq0gzh54zegt5h3qusb044000000023000000000at0d
content-type: text/javascript
x-ms-request-id: 83216103-801e-005b-5828-068a37000000
cache-control: public, max-age=1800
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 90ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4021545012034144

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be245f67780d22fe79866b087df99a3a08810bf55b08d6c5ba30c33d485a2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51585
x-xss-protection: 0
server: cafe
etag: 14608867017190688666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 sbr-styles.css
jennifer4.com/wp-content/plugins/reviews-feed/assets/css/ 34 KB
6 KB 236ms
232ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/reviews-feed/assets/css/sbr-styles.css?ver=1.1
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 53dc68501287c66e9f5516d02db1a696da711a988ff424f9d3506a7613c9b80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 03:29:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5747
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 sbi-styles.min.css
jennifer4.com/wp-content/plugins/instagram-feed/css/ 41 KB
6 KB 237ms
233ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.4
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: bc29e4a5be14bd3d21f7479ac02bfba19ff2a7a0419f1ae37a54362b4df857bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 03:28:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5861
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 style.min.css
jennifer4.com/wp-includes/css/dist/block-library/ 95 KB
12 KB 237ms
233ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 23:41:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11775
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 view.css
jennifer4.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/ 602 B
258 B 238ms
234ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-videopress/build/block-editor/blocks/video/view.css?minify=false&ver=34ae973733627b74a14e
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 08:47:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 203
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
jennifer4.com/wp-includes/js/mediaelement/ 11 KB
2 KB 238ms
234ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Fri, 14 May 2021 08:38:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2394
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 wp-mediaelement.min.css
jennifer4.com/wp-includes/js/mediaelement/ 4 KB
1 KB 238ms
234ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Fri, 13 Dec 2019 10:37:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 982
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 classic-themes.min.css
jennifer4.com/wp-includes/css/ 291 B
197 B 455ms
452ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/css/classic-themes.min.css?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 23:41:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 164
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 ctf-styles.min.css
jennifer4.com/wp-content/plugins/custom-twitter-feeds/css/ 17 KB
3 KB 456ms
452ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.1.2
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 616fd7be1c8c79ecbf65650556936e4e2134ec5b320e922efaddfff3c681f609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 03:29:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2927
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 style.css
jennifer4.com/wp-content/themes/zblack/ 57 KB
11 KB 456ms
453ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/style.css?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: dc73466beec122c7762580e1d70ed135978baccedf3dfa38d4a6a7623a80443f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10744
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 jquery.bxslider.css
jennifer4.com/wp-content/themes/zblack/css/ 3 KB
1 KB 457ms
453ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/css/jquery.bxslider.css?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: d53a26054d308844b2ccab2858a548c6f712c6fab0098212562584ee2aa59f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1047
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 font-awesome.min.css
jennifer4.com/wp-content/themes/zblack/css/ 30 KB
7 KB 457ms
454ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/css/font-awesome.min.css?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 83ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&ver=6.2.3

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:13:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 cff-style.min.css
jennifer4.com/wp-content/plugins/custom-facebook-feed/assets/css/ 17 KB
3 KB 458ms
455ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css?ver=4.2
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 03:29:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3138
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 77ms
29ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=6.2.3

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 1578992
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 86bdaf84cc6cb62999257c92f57e3b4f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81e8d8e82c1c37d2-FRA
cdn-requestpullsuccess: True

GET
H2 200 jetpack.css
jennifer4.com/wp-content/plugins/jetpack/css/ 98 KB
17 KB 458ms
455ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.5
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 08:47:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17275
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 wp-dtree.min.css
jennifer4.com/wp-content/plugins/wp-dtree-30/ 443 B
209 B 459ms
456ms Stylesheet
text/css 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/wp-dtree.min.css?ver=4.4.5
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 15c0cca5a6be3aab16397f9794bd3764e52f3c830db64abf7b461e35c19111ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 153
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 jquery.min.js Show response
jennifer4.com/wp-includes/js/jquery/ 88 KB
30 KB 459ms
457ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 23:41:09 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30376
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
jennifer4.com/wp-includes/js/jquery/ 13 KB
5 KB 682ms
679ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 23:41:09 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4603
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 wp-dtree.min.js Show response
jennifer4.com/wp-content/plugins/wp-dtree-30/ 9 KB
2 KB 682ms
680ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/wp-dtree.min.js?ver=4.4.5
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: ecc725d0c3d56d6d64dabdc77c38a5935ee2bc06a58f5b4135a970659523b2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2364
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9767966869087000

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff04fbdf4d909193c492673a70fdaf74bb44b3718be4a8a99c5f2581f997c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51256
x-xss-protection: 0
server: cafe
etag: 16003809744770284258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7b63d0a48c5e325d251017852c0a6e7cbbe1c98a43af51311e3e2bc64069d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://jennifer4.com/
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 03:35:19 GMT
content-md5: diJGMaI9ZhG/g/pKcB/bWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints
x-fb-debug: eW2oRRKXG3H+JU3LFXOFgfUhji2K8Lia+kTnIj9H/7wQ54pjD20nVcwp5qs+/Q5KGTBBtQXCN0BEnvGdWOSq1Q==
x-fb-content-md5: 961b190f8ca59d4f95fb459e4f10deb2
cross-origin-opener-policy: same-origin-allow-popups
etag: "08fa04ce846d98084c3a3bf50dce555a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:55:10 GMT

GET
H2 200 20170909232452_67.png
img.jennifer4.com/ 15 KB
15 KB 990ms
876ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/20170909232452_67.png
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43db7e2f290d80dbff6a0f430191dfdde4eaa8778ae974cd6bead6f33d318be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2019 05:23:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7WN8xcxwsTXSaimUvoVQz71EFQIdQBVacR%2BPWvg%2FD3ekqYconAwYEIdQMdWqY6afX%2BfADIEKExvWTtCFuGom%2FysixX03m4d7e%2B80YOO3je7H%2FoFQmyNV2hYCAk7BCpPzOvT5alBZ8oSeRHTYAvMFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8e89f605b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15132
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 20231024143725_42-1080x610.jpg
img.jennifer4.com/2023/10/ 228 KB
229 KB 1190ms
1077ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231024143725_42-1080x610.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16e74b5834ba86642eb79bc39aa4350c94eb513dfb1d5906ecc9f42172ecc04c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 06:37:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zmJuDY6BRpNIQ5zo4fLWzsk0TWx1jtK9ogAkz0If0vUqRXCK%2FOhC7rO2rh6svHrQxAPxXCXx1n%2FR3UENvlLv5Adh0QRxpnkuzAYkr8ed0vGrLnlzQ9qL4ODvAkdqiIPoRCPgeAfC%2BE2x25rYwnt9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8e89f615b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 233409
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 20170510180838_37.jpg
img.jennifer4.com/ 24 KB
25 KB 851ms
846ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/20170510180838_37.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89114165fc1ed6fc8839646204d84b09aa3748a7b71086db66e04e2df0b8252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2019 05:22:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elthQifpPU3kbdMhPWjTp5bAv7RpFlJ%2BXE9hwxABv0SKwkUGOUNMhYOMl6Fi%2FM1tTcpzwicKq7PDQOPkwCa4D3tV%2FWAQecMiU%2Fdih%2FQBQjVfImJc6LdMtPX4WVcrBX4y%2FqrGeX%2BfmZTzBaVOyRSt0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ec98c65b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24909
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 /
jennifer4.com/about/ 122 KB
122 KB 230ms
226ms Image
text/html 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/about/
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
server: LiteSpeed
etag: "196271-1698143717;br"
x-litespeed-cache: hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
link: <https://jennifer4.com/wp-json/>; rel="https://api.w.org/", <https://jennifer4.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://jennifer4.com/?p=2>; rel=shortlink
content-length: 24975

GET
H2 200 placeholder.png
jennifer4.com/wp-content/plugins/instagram-feed/img/ 176 B
215 B 231ms
227ms Image
image/png 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/instagram-feed/img/placeholder.png
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
last-modified: Tue, 17 Oct 2023 03:28:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 176
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET adsbyfalcon.min.js
pixnet-network-falcon-asset.pixfs.net/js/ 0
0

GET
H2 200 postviews.js Show response
jennifer4.com/wp-content/plugins/wp-mop-analytics/js/ 422 B
270 B 231ms
227ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/wp-mop-analytics/js/postviews.js?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: a8981b430d4c419eb8e514265cc5f41b20c521a2b44dfc8723fcc78aa4745976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:31:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 215
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 fitvids.js Show response
jennifer4.com/wp-content/themes/zblack/js/ 3 KB
1 KB 232ms
228ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/js/fitvids.js?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1139
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 jquery.slicknav.min.js Show response
jennifer4.com/wp-content/themes/zblack/js/ 6 KB
2 KB 233ms
229ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/js/jquery.slicknav.min.js?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1920
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 jquery.bxslider.min.js Show response
jennifer4.com/wp-content/themes/zblack/js/ 19 KB
5 KB 233ms
229ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/js/jquery.bxslider.min.js?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4925
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 zblack.js Show response
jennifer4.com/wp-content/themes/zblack/js/ 1 KB
478 B 233ms
230ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/themes/zblack/js/zblack.js?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 02a0dfaac31356fb5912205adfc9acf2647ee7dcba718d09859495b53031ad20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 445
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 cff-scripts.min.js Show response
jennifer4.com/wp-content/plugins/custom-facebook-feed/assets/js/ 42 KB
12 KB 444ms
440ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.min.js?ver=4.2
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 23b7d97e49b583ca2949e8ef9a5b2badd67db17614d6e0934848f66d39d1dd17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 03:29:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12653
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 e-202343.js Show response
stats.wp.com/ 7 KB
3 KB 79ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202343.js
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 20 Oct 2024 23:49:16 GMT

GET
H2 200 sbi-scripts.min.js Show response
jennifer4.com/wp-content/plugins/instagram-feed/js/ 27 KB
7 KB 445ms
441ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.2.4
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 03:28:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7357
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET
H2 200 wp-emoji-release.min.js Show response
jennifer4.com/wp-includes/js/ 18 KB
5 KB 445ms
442ms Script
application/javascript 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://jennifer4.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.3
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 23:41:09 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 07 Nov 2023 03:35:19 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 396 KB
134 KB 127ms
68ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=jennifer4.com&bust=31079177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4021545012034144

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a074a456bae0f510a3a62f159d9c90c0a26894e4a0689a13a69f01af1a634aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137530
x-xss-protection: 0
server: cafe
etag: 12048421809728698304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 6925 10 KB
5 KB 68ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4021545012034144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 08:24:10 GMT
etag: 4569948109300706969
expires: Mon, 13 Nov 2023 08:24:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gl.js Show response
power.adhacker.online/general/ 44 KB
13 KB 662ms
601ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/general/gl.js?spj=ZYDHF18
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=ZYDHF18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoeuZeBn0CRmVQCOh0KOSOxoBN8wJ-AsU_FqUemYqFJDJ0ngGtbOQXT9m2s75GXoNDspqNFNJcLNGi8Kt0OsIylsA
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-goog-meta-
last-modified: Tue, 08 Mar 2022 06:49:09 GMT
server: cloudflare
etag: W/"32b3e2f8bc858fef8667539f0d56bb03"
vary: Accept-Encoding
x-goog-generation: 1646722149345795
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=S+qufA==, md5=MrPi+LyFj++GZ1OfDVa7Aw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4s4Ywb08sp2tuYcjuuC%2FdlScoll2ldfIk5W8ljAMy8rmnbcObV66J1YOdmIPk8InRG7cPQVClqMsS6B0x59TWjBJ8QfqhmH3u1zMeMOKsGc60lShvmEYPn8vIVr91OvgcctVXGwntGEMAKS%2BFCF5Auevg04%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12217
cf-ray: 81e8d8ecfbe89a35-FRA
expires: Tue, 31 Oct 2023 03:55:20 GMT

GET
H2 200 / Show response
alliance.breaktime.com.tw/api/check/service/ZYDHF18/jennifer4.com/ 112 B
391 B 465ms
359ms Fetch
application/json 35.244.138.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://alliance.breaktime.com.tw/api/check/service/ZYDHF18/jennifer4.com/

Requested by

Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=ZYDHF18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.138.40 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

40.138.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0f634eab6fe03fe003e26f28b8d61ec723f67c18a66a33b6e41cf993c60846ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 google
age: 0
x-cache: Miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
server: nginx
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-language: zh-hant
vary: Accept, Accept-Language, Cookie
access-control-allow-origin: *
content-type: application/json
x-varnish: 45871632
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
67 KB 134ms
74ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2GSGWG

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

123dafca27bf43442846d02d6c94ad6f56eae6b36b9f4f9403b49f8c43a94af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68754
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 GTM-TN32RKN.js Show response
power.adhacker.online/ps/excl/ 72 B
640 B 980ms
920ms Script
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/ps/excl/GTM-TN32RKN.js
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=ZYDHF18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPpuAOC3Y2s5vQBj4zPQv9-aKP83lePRMaM58IXBWNIghGJRX8iDyy19JWxxzkZHLyfgbvx7THRX9RjInsQnr6QfbQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 13:00:07 GMT
server: cloudflare
etag: W/"61a138921c394460a1d0c39b02131b7e"
vary: Accept-Encoding
x-goog-generation: 1698670807770882
content-type: text/plain
access-control-allow-origin: *
x-goog-hash: crc32c=KZhPgg==, md5=YaE4khw5RGCh0MObAhMbfg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvJVMeybxZp0ugiohtMmCAKmbwvcHQ2AKrsWiFicvcgHmAUKBbcyKt2SDu%2Bk6ViBE6JRJPhC%2BcN5j83vkEK%2FMvrtNuTe5Y9f1hyc8b6YLdtHI4WfU9nVtQeLu%2BoM2vMgOo1mlhkkz2TiyaR4C2rVcU4DIDc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 72
cf-ray: 81e8d8ecfbe79a35-FRA
expires: Tue, 31 Oct 2023 04:35:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
63 KB 96ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TN32RKN

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9bb67c5d2c319cbf5f3f9577fc999f6166acd2324f82bb52b9590a7b6e8a3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64437
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 137ms
77ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7a023e0c994779879d811aa2d508be73962ab6a450b5e1d054c5ceb2f0abddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77464
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 bttp.js Show response
power.adhacker.online/general/ 20 KB
8 KB 28ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/general/bttp.js
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=ZYDHF18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1411
x-guploader-uploadid: ADPycdsY2HUgl9yAkgms10eKlxa4b-ttsVCNXTuSISn4sbk32Z5crG9WF5-1fhMJY2w8ftcj9yTsipH6xKK470uKH1SUnHR2yj6Y
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-goog-meta-
last-modified: Mon, 26 Jul 2021 01:41:08 GMT
server: cloudflare
etag: W/"4c1ad9b189d5f0ec0a687e464bb0c987"
vary: Accept-Encoding
x-goog-generation: 1627263668774739
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=KqZV5Q==, md5=TBrZsYnV8OwKaH5GS7DJhw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4TH3epXEyCRuINV8u2dx%2FKIWZcW91%2BesSGXkoKIeOPgqQkC91tHJtEGyacAL5W7SqGhHwIzaq7PRXEtmmrMfmr8gY7hargoaMB5M5CEe1lCC6FSGs0sb5%2FbaNR56lzcEeWY7JU6ewG9cvzrwp%2FfpZg4nX4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 6780
cf-ray: 81e8d8ecfbe99a35-FRA
expires: Tue, 31 Oct 2023 04:05:19 GMT

GET
H2 200 join.gif
jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/ 69 B
153 B 434ms
433ms Image
image/gif 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/join.gif
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: ed0b3ec99c5214303ac40914db05ff0280bb4134c64c95ef3812f79d071e95fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 69
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 plus.gif
jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/ 79 B
109 B 434ms
434ms Image
image/gif 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/plus.gif
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 8b4a7453818bcc399e0d44292cf622222068caccd7b7053b572e1cbcca0fc790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 line.gif
jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/ 66 B
96 B 435ms
434ms Image
image/gif 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/line.gif
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 8b7d4285aaa45035e807805878f325b5bb4aecbed42be67235a3580a787cc536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 66
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 joinbottom.gif
jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/ 66 B
93 B 435ms
435ms Image
image/gif 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/joinbottom.gif
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: ea98634e2b4516f30d9e1fec06fb88732d0d7e475a5dd03a79fcf93f119cae67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 66
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 plusbottom.gif
jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/ 78 B
108 B 435ms
434ms Image
image/gif 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/plusbottom.gif
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: ec2fdad621bb30d4a9be0ef7759a40840c0e90fe9aa89b51248982d4662070e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 78
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 empty.gif
jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/ 62 B
92 B 435ms
435ms Image
image/gif 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/plugins/wp-dtree-30/dtree-img/empty.gif
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 152c84e46b3466b723a4cb9bacbbce881a1fd9af042dfa716eaf02df28d6ad7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 18 Dec 2020 05:49:00 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 62
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231024143725_42-1080x530.jpg
img.jennifer4.com/2023/10/ 199 KB
200 KB 1251ms
1250ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231024143725_42-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b7bf3f583a747a93b5ff3098818ceb8e9e5f60432da2dcca08b30c71b30f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 06:37:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29YEHKN5gYzYp7DyDcuEX%2BzRkNQq7imOORo2R82SZKwMVP7Mf4RxAAJsvZCXkOKiQ2vaFWegLxzovhXa7oOp5gevmnTfJFi5Bm%2BekRG5otoivx2j2cWtOCtZUhNI78tCNRvXywIiQQfOqrqg83%2BKUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8d55b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 203908
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231020163605_19-1080x530.jpg
img.jennifer4.com/2023/10/ 161 KB
161 KB 1267ms
1265ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231020163605_19-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54ccc52a3a62e658f07796f5fb6958ab614b45f216007e9fe7c2d47ad1214f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 08:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlrL1qyJ8XrkfkhGixRZo6Z3PrL%2F4cIzzXsjKLgiLB%2Bn29odSZ7iaYJv%2F2mFAU84y2DA9L0s%2Bh4euPJuD2bputDSyxaiZ1WOpqFJFhgjOS9tsPH2YUld2W3YQqt3SnDPEY11z637SIXRmdWcmiG2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8d75b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 164612
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231016174252_72-1080x530.jpg
img.jennifer4.com/2023/10/ 157 KB
158 KB 1081ms
1079ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231016174252_72-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3e457a0a3b636c10cd705c293d3dafd811ce21a48ef34f4f5a47dc12814358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 09:42:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqU6mlZ3qFjZ4bBqAFdzoOBqxd1MJ1xWcYik8etW1vs6NuOA5nqB%2B66q%2BPSh5rS4S1bGHE%2BwiLQ1rp%2BMKXSro4awZBeZE18ZKC8s8XCEbwItOKEH1w7HCyjekx66Xp4d2bDQBG%2FH9CHcgDdkp0HLsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8d85b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 160909
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231013174544_65-1080x530.jpg
img.jennifer4.com/2023/10/ 111 KB
111 KB 1042ms
1040ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231013174544_65-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101abeadc3215292bb65bca2a01045f2ae2f2c3e200d44585a1492c240d770eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 09:45:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVYRnq0DnerOPX7Oey%2BlQCvwku2HrWi02PF0o88iGAHrWEhFOl0UGSvvRRH%2FIofqU%2Biv8nOXpkMh0NbEnrR0uOp0fC%2BvdwEnD6b2Y1bmc%2Ft%2BQafFeYO2n4vdEjFA6QtluP9f%2FZMwui5EJKmpmGcU2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8d95b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 113170
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231012121500_14-1080x530.jpg
img.jennifer4.com/2022/10/ 118 KB
119 KB 1046ms
1045ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2022/10/20231012121500_14-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae05e6d7b6007543a64bb4fb4b12f226d984bb890d9984b2cd6a7cc9d76a1e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 04:15:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogNPT2ooYlumxJ1lvF4T30fMluiGD7IccavH5wqw7ihj22%2Fes1CMo3wTMg3df01wQgyjNnZlNmlzTsCN3y%2FAV8htZCIU45RmcsNPK3VG2FVqGY2USED5%2FduMTodnn0JckrJPfYIRiJ2UoaXLgAo18Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8da5b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 121149
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231004170252_1-1080x530.jpg
img.jennifer4.com/2022/10/ 126 KB
126 KB 1246ms
1245ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2022/10/20231004170252_1-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adca7b7aed131b00fa815d42aa4c3815bb0a1c71cd5fb7bf1694f9c8b4cc7549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Oct 2023 09:02:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsQL%2BaptrkZC4FKvS7T9ikdgl5EC62f8qB1D3WKno%2FVTbZbGEYj%2Fd%2FWdtfhjEOJvS%2B7J%2BaYTITp3LTTkbvo%2BxIAyW4VIx1jcr0Fzz7pjOUwnrq6Z5r%2Fyz6GTp1stsWvLiumYTllQcG9YxdS15RhenA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8db5b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 128563
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20230922105433_96-1080x530.jpg
img.jennifer4.com/2022/09/ 116 KB
117 KB 1057ms
1056ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2022/09/20230922105433_96-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b99dfbb46f8af62b648594d81ec752a0c4deedf87b833345b43f98221ee46f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 02:54:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hz4uRx3wWPFEz6xfQmROfMVKrWWwWNcn%2FsAVNE7%2BqXG9fPnlGwGAwJzKkeJEc%2FWw8hl66upeMEMvwnuE9Cr%2FsjXL7Eu2zGxUyocsNPvWgwh5aDR4GervvWPT8O1SQuw%2BeLbViWfZuXpPB6gv6DfqSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8dd5b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 118890
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20230918172430_94-1080x530.jpg
img.jennifer4.com/2023/09/ 122 KB
122 KB 1063ms
1062ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/09/20230918172430_94-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc1afd3c4a84170ccf792346615f50e68f9b679c329dd345b27e2d994bdd7424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Sep 2023 09:24:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mHRfPg%2Blq9AGHkNI0cGZ2GTLJlboMqZrc3ugFMAOoOZd8RNVW8Y88UVOZakRTJis83Vwz0dgJ6N9Rbd1334uyU1ofbQAIe5m6U8ShkFRkw62EFSbbf3vOSv2k1yVDfpOGlnikXKIzAukgAI5cy6lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8de5b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 124620
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20230911171439_99-1080x530.jpg
img.jennifer4.com/2022/09/ 138 KB
138 KB 1053ms
1052ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2022/09/20230911171439_99-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3dd0f86adc5c104883883df6e1ae76c254f65e0444b968453110e76d5fb5786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 09:14:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe2iTOAPQEsqfyuaxGe6L7HWcs5uuOK3VTQv5294IVz6t4hHYYI3BIskFmQyOL4S5NUt1cbXGeVaxnrR1YaZ7pDThvCxhVEe65XGld4UYdU0jONO8%2BbEBAmPojW5LMnvw9gIvOCikKuyy1NQ%2BzE4Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8df5b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 141302
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20230907153122_75-1080x530.jpg
img.jennifer4.com/2023/09/ 160 KB
160 KB 1054ms
1053ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/09/20230907153122_75-1080x530.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66237b466c703a486fc0f6a02af9479dc57ec82f58f6f95496dc8b342f8241a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Sep 2023 07:31:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTwXJKQsioi63Z4UazhqtBVP8LH0jLOTx2MuKfkFUu1Nyzz300SJleGcvvxBVSEJEAhWP5CBIhJvigfAZ7ndah9qreA%2FagG%2F2qrDBu2YCZ7fMGigTsDyP4iQC8oiGhEbzDdR2YjCXCiXDHe%2F7z3cxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8ecb8e15b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 163631
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 searchsubmit.png
jennifer4.com/wp-content/themes/zblack/img/ 1 KB
1 KB 426ms
426ms Image
image/png 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/themes/zblack/img/searchsubmit.png
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/wp-content/themes/zblack/style.css?ver=6.2.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/wp-content/themes/zblack/style.css?ver=6.2.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Wed, 10 Apr 2019 01:27:18 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1167
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 72ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&ver=6.2.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 428142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:39:37 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 66ms
32ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=6.2.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=6.2.3
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 815868
cdn-cachedat: 06/15/2023 15:40:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1e68d0c3162bab1de5eb2296e40795b5
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81e8d8ecff2b1c9d-FRA
cdn-requestpullsuccess: True

GET
H2 200 iframe Show response
ifoodie.tw/user/56161fd32756dd731534a31d/ Frame 75F9 41 KB
9 KB 540ms
376ms Document
text/html 107.178.252.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.252.150 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 150.252.178.107.bc.googleusercontent.com
Software: nginx/1.15.4 / Express
Resource Hash: 43164bb861d5fd7ba9010cd8b0e604bea9e54e602ce90ca8748f54ff97d89884

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 03:35:20 GMT
etag: W/"a3e3-NTbrWcwqQLKGxwj1NWVpZ5MS6h4"
server: nginx/1.15.4
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
x-powered-by: Express

GET
H2 200 js-client.js Show response
api.mdeianet.com/api/ 3 KB
3 KB 820ms
181ms Script
text/javascript 18.139.138.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdeianet.com/api/js-client.js?key=e3cd9108-b4ec-4c7a-ac66-9b6bb2eb811a
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.138.204 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-138-204.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: a6744c72c1997b4835a6b7a80b83214cfadcbbf180fccce587e0536db0f3e4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 303 KB
87 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=4842f8024efd7d775782183a6b643c8d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

107d8d5e4f558bdfa65fc9c3463d694d43a1a126a9077142af1c31eebbec7d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://jennifer4.com/
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 03:35:19 GMT
content-md5: E+vR5VU3cq3yUPpLhq7qPw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88503
reporting-endpoints
x-fb-debug: v66/iOyWYo2M9CwNKsL7izzSImdT0inURBDWH+owyAtrBDD6oGDDIJjmJmjGU0ICfdsfAQZtKnAScMDC/aoSVw==
x-fb-content-md5: b314cc05bba2a5c9f610c3df678742fd
cross-origin-opener-policy: same-origin-allow-popups
etag: "65509894e2fef164de7e4af8c61a983d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 30 Oct 2024 02:31:45 GMT

GET
H/1.1 200
OK collect.js Show response
cdn.lndata.com/ 11 KB
12 KB 1252ms
273ms Script
application/javascript 3.114.84.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lndata.com/collect.js
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.84.80 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-84-80.ap-northeast-1.compute.amazonaws.com
Software: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU= /
Resource Hash: 1b365cf68a59081dacb89c77857b5fd991d1691c9fe16c952534b26053214355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:21 GMT
Last-Modified: Mon, 10 Sep 2018 09:32:46 GMT
Server: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU=
ETag: "5b963a3e-2c56"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11350

GET
H/1.1

200
OK

/
cm.lndata.com/
Redirect Chain

https://v.lndata.com/i/a80486,b1453239,c4087,i0,m202,h
https://gocm.c.appier.net/lndata?cid=2310311135201123969&sid=1135202599739
https://cm.lndata.com/?tid=4087&uid=ZOWEoEskSg95aGiFj8ARJyFqoTWDmhB7jEsdaD-docw=

35 B
470 B

1148ms
244ms

Image
image/gif

116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4087&uid=ZOWEoEskSg95aGiFj8ARJyFqoTWDmhB7jEsdaD-docw=
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: HTTP/1.1
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 31 Oct 2023 03:35:23 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

Redirect headers

date: Tue, 31 Oct 2023 03:35:22 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.lndata.com/?tid=4087&uid=ZOWEoEskSg95aGiFj8ARJyFqoTWDmhB7jEsdaD-docw=
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 107

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://v.lndata.com/i/a80486,b1453238,c4007,i0,m202,h
https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310311135201368043&ttd_pid=77dj1uh&ttd_tpi=1

70 B
149 B

145ms
46ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310311135201368043&ttd_pid=77dj1uh&ttd_tpi=1
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 03:35:20 GMT
Server: nginx/cd14e69012e8f12f0d1671598153433632dba0bc
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Location: https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310311135201368043&ttd_pid=77dj1uh&ttd_tpi=1
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

cm
t.ssp.hinet.net/
Redirect Chain

https://v.lndata.com/i/a80486,b1453240,c4137,i0,m202,h
https://t.ssp.hinet.net/cm?c=035221&cid=2310311135211131078
https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3D035221%26cid%3D2310311135211131078%26flag%3D1
https://t.ssp.hinet.net/cm?c=035221&cid=2310311135211131078&flag=1

0
125 B

305ms
305ms

Image
image/png

203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/cm?c=035221&cid=2310311135211131078&flag=1

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
cache-control: no-cache, private
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png

Redirect headers

location: https://t.ssp.hinet.net/cm?c=035221&cid=2310311135211131078&flag=1
date: Tue, 31 Oct 2023 03:35:22 GMT
cache-control: no-cache, private
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://v.lndata.com/i/a80486,b1453241,c4138,i0,m202,h
https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310311135211447351

0
344 B

101ms
25ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310311135211447351
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: HTTP/1.1
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:21 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 03:35:21 GMT
Server: nginx/cd14e69012e8f12f0d1671598153433632dba0bc
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Location: https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310311135211447351
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN32RKN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1dd743428314900a9afccbeedd8acabaeab8f4196bce583bf36ffd98b7daff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51856
x-xss-protection: 0
server: cafe
etag: 9236821733863365721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 96 KB
30 KB 117ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN32RKN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feb1be706a9d56318716bd69b368f3907c2ef3857cda6771efdaaf0dd5da88c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30192
x-xss-protection: 0
server: cafe
etag: 20 / 19661 / m202310230101 / config-hash: 9617840091010596719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H2 200 pmp_ads_cfg.js Show response
power.adhacker.online/pmp/ 107 B
623 B 27ms
27ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/pmp/pmp_ads_cfg.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN32RKN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6840
x-guploader-uploadid: ADPycdt9Sik6za8duJ62wLqwkyS9D18JcbtUm2MoTuibVGnUtaeUfbv8KVZSdKfi_zDUUNcyMn5gCwbFPCWOA9Lugnhk
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 May 2022 10:18:21 GMT
server: cloudflare
etag: W/"fdd79f0570565c33347a76493d27dec5"
vary: Accept-Encoding
x-goog-hash: crc32c=v6ttTg==, md5=/defBXBWXDM0enZJPSfexQ==
x-goog-generation: 1652869101996357
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFqRoTdFyPjRKx%2ByKOuzVhl3GrRwJkzyE8%2BKcc3r07KTVitDlMp55Jag3gvs1Q93l5KZctkgIrgT%2FcS7Jb81LLBITlTU73Cg30Dk0XVIj92KSB7ouJHmis0DDWeRseh05%2BQUyer6h3lFWXCW%2BILWUM8EV98%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107
cf-ray: 81e8d8edac379a35-FRA
expires: Tue, 31 Oct 2023 04:35:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EXP7T8L8LV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2GSGWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

002d1979ce0ea87e44eda8144b31faf92eb58bf86b3622ebb8fb1d0ca5b87b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2GSGWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea8c1ddc6c172bec15509fc6bd1d1f04b77f2919ec950d4e26494669d1b66ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2GSGWG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Oct 2023 01:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6338
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 31 Oct 2023 03:49:42 GMT

GET
H2 200 / Show response
breaktime.tw/affiliation/ 621 B
741 B 593ms
527ms Script
text/html 2606:4700:3031::ac43:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://breaktime.tw/affiliation/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14f88b30b4223c42fec632e214f164fa42a2f37ce0579adced90b7bfb7b713af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1GADha52A68l5kZaEoP3FvOsyDNEEYN2jFVXxmVWYG9%2BZkXpPNl00yzs0qzDLxYAEPt8H19nwUNEhOhTgmPIB6SR6WupBBwCiDMU%2FfYy4s4OcMJLS6uLWNK43n5wqn1i4iNc%2BonPDqsjSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81e8d8f1bc4a37e3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 80ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jennifer4.com&callback=_gfp_s_&client=ca-pub-4021545012034144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4021545012034144&plah=jennifer4.com&bust=31079177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feebbd4e74fb5ba9765291e01e947b466906d5b220fbfa102909825f0433260d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E541 0
188 B 129ms
128ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4021545012034144&output=html&adk=1812271804&adf=3025194257&lmt=1698719720&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fjennifer4.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698723319153&bpp=618&bdt=144&idt=833&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3500710206899&frm=20&pv=2&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079081%2C42531705%2C44805932%2C31078297%2C31079177&oid=2&pvsid=4336634259696724&tmod=1067339704&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=909

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:20 GMT
expires: Tue, 31 Oct 2023 03:35:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=top-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 74ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EXP7T8L8LV&gtm=45je3ap0v882552765z8858872173&_p=1123210560&gcd=11l1l1l1l1&cid=1484857743.1698723320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698723320&sct=1&seg=0&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EXP7T8L8LV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 74ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-34D08J2LV5&gtm=45je3ap0v890810521z8858872173&_p=1123210560&_gaz=1&gcd=11l1l1l1l1&cid=1484857743.1698723320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698723320&sct=1&seg=0&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 29ms
28ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-34D08J2LV5&cid=1484857743.1698723320&gtm=45je3ap0v890810521z8858872173&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 79ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-34D08J2LV5&cid=1484857743.1698723320&gtm=45je3ap0v890810521z8858872173&aip=1&z=1262437765

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 24ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=160957147&post=0&tz=8&srv=jennifer4.com&j=1%3A12.5&host=jennifer4.com&ref=&fcp=2210&rand=0.5664541339741618
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 03:35:20 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 394534554_3139512726342584_1125407462365260775_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 12 KB
12 KB 221ms
221ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/394534554_3139512726342584_1125407462365260775_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: daa0c2970e088fc8b0062dbc1165de1ccfb26687eb7f0de46893b8445a02a6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Sat, 21 Oct 2023 17:00:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11952
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 393495191_3678808895688855_2058213119723878002_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 7 KB
7 KB 221ms
221ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/393495191_3678808895688855_2058213119723878002_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 4aa4e7d47ae495651216ae5b5625e144146fcadd4c55e4ad77e794338d3f5578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Fri, 20 Oct 2023 17:00:17 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6850
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 393410983_23949645771349060_8182423391013258549_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 10 KB
10 KB 221ms
221ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/393410983_23949645771349060_8182423391013258549_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 49c6d65b4dba8e6d76974a11087bab2a938c49a4d8dc0594fc72fdaf779d1cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Wed, 18 Oct 2023 05:00:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9761
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 393641285_23949469154700055_167101744964969081_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 6 KB
6 KB 221ms
221ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/393641285_23949469154700055_167101744964969081_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 15135111f108d9c34bc4e055270d6021568da1d43e85de31b0d53f64db6cb783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Wed, 18 Oct 2023 05:00:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6092
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 392818872_1265295814241627_7511380039154862361_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 7 KB
7 KB 221ms
221ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/392818872_1265295814241627_7511380039154862361_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: c6b10bd7f3574ce25dcc4a766476902554f7928b4d8a336c868c81b7d1d569b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Tue, 17 Oct 2023 03:30:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7444
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 386829365_662781472511696_1205921732619836506_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
4 KB 438ms
438ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/386829365_662781472511696_1205921732619836506_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 9c62a2778f1392cb784b0592bfe3fc6804cdd0ee1dcedea4faaade38ed428295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Tue, 17 Oct 2023 03:30:14 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3712
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 386362955_286311580963107_6080706692977874588_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 7 KB
7 KB 438ms
438ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/386362955_286311580963107_6080706692977874588_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: b8f46d01a1673daa7a5b307436e04d79695181bdcde1ed3c4b22bf00bbe9fa01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Tue, 17 Oct 2023 03:30:14 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7414
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 385125921_338608005361160_8348514146417873946_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 8 KB
8 KB 439ms
438ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/385125921_338608005361160_8348514146417873946_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: e01afc77d59042df44454c3dd2669bf150061985dd79ea8086fe11473748b805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Tue, 17 Oct 2023 03:30:15 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8619
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 385030790_1817900035279707_4143222944314176838_nthumb.jpg
jennifer4.com/wp-content/uploads/sb-instagram-feed-images/ 10 KB
10 KB 439ms
438ms Image
image/jpeg 103.153.177.10
AS-FASTLINE Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jennifer4.com/wp-content/uploads/sb-instagram-feed-images/385030790_1817900035279707_4143222944314176838_nthumb.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.153.177.10 , Taiwan, ASN131657 (AS-FASTLINE Hong Da Storage Equipment Co., Ltd., TW),
Reverse DNS: 103-153-177-10.as131657.net
Software: LiteSpeed /
Resource Hash: 4882d78696d87a2caa676ad463cf0c10edd58e837cce27c3f61631218f9b0f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
last-modified: Tue, 17 Oct 2023 03:30:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10653
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231020163605_19-1080x565.jpg
img.jennifer4.com/2023/10/ 168 KB
169 KB 1054ms
1053ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231020163605_19-1080x565.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c181079260c18fcc52e6bfd658ab7076237a84a24e1f4346d26e80e20cf330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Oct 2023 08:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHOHi0MwqJ1dZR7hwjaFSZAo2EYQV%2FZSf2gapSKOyf7EjgePuul8uV7JDU9sQbOlNGZOYVAN6EwqnpjpfwRCD16QJIntBBmqRQKn2Pyz9d8KLsGgQGBHR9Rik9sU%2BTNZOxKbtIsG%2FqgWC1mYN9%2FRjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8efca015b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 172250
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231016174252_72-1080x565.jpg
img.jennifer4.com/2023/10/ 165 KB
165 KB 1047ms
1046ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231016174252_72-1080x565.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd792543ee3f33a6e21a6f03050c1c3b5ad773a06b33d2e50b1faf427b17c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 09:42:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIXKaXDjuGRL5ctC9JmjmchmCan7TMfnmfJDbdgVuVO64lXJWTpYuTqlsE7Q%2FdagZBWtDZpFcH%2FuokEazS8a%2BLZTv4lVKJiT%2FQQU3ltSzalF0kYoiJByFIMzOtL3nX5KSYhuME5LtSUBt7ZlPABD4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8efca025b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 168651
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20231013174544_65-1080x565.jpg
img.jennifer4.com/2023/10/ 115 KB
116 KB 1050ms
1049ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/2023/10/20231013174544_65-1080x565.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af25596021c4e799a0e73e1aaf6bd48a6fefcffc341b0d342c69aa4cf61d9b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 09:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0MHMeSYRCIvMOR%2FelTDcCFFy6ROzh6KvDIsdnPDFz5A1MF2e4Rr7BvseIs%2BQNYJoDeFMMsVerLpI%2FlolIH6Olp9ePoaR2fdV69FAVBWjeka1bvKZUNjTG0y6OKQQWuccwN%2BbJyLDSxhqmwfQQVCaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8efca055b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 117874
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 1597366426-d12d8a5acc6c8d9d7b3c4c189848fdc8.jpg
img.jennifer4.com/ 169 KB
170 KB 1048ms
1048ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/1597366426-d12d8a5acc6c8d9d7b3c4c189848fdc8.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: becf9725f0d23bf66a66c5c8cff6ad88fc0a515c767479a9b2069f405899710d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Aug 2020 00:53:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqsxpZzlAZ4VBJ%2FzMaxuiPfCDaHj24dM85ApZQhDBFBa1lx1LSkwixUsDhQulGfC6iTb8botV0bDIrDOU%2FRyYX8bUDymPCSS5dCZcYxjjd1mICZjbrQLQvjedr08gDddTmPFnrd%2F8PT%2Bje3VYgAvMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8efca065b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 173213
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20170614145301_34.jpg
img.jennifer4.com/ 14 KB
15 KB 847ms
847ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/20170614145301_34.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0caa295b48705699cf1728871073544a3ce10c58ec8cafd2d5f26d903b0dde6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2019 05:22:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IOqR%2BKhbeEDQrEhCOYd6cf4yEuqe3NpS9lNqi2J3ZFEcmgO4jETxQCi2Xj3CbzvRaHIR6JmsJOLpenDLzvWM%2FnSGmGrzZbzbcU7PnI%2BvKibp4EMhV76A6uM4Qs8W9ddqe8aXhgsj5684RJ1QnBsIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8efca075b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14550
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 20170614145257_97.jpg
img.jennifer4.com/ 12 KB
12 KB 643ms
642ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.jennifer4.com/20170614145257_97.jpg
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d9a007f450ea4e604862843d16c43c00af8416d6de35a6618d0da0fe1e8811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Apr 2019 05:22:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1KvsFbSvW6%2BDcxKqENnWoYzj4yo8FC7O84ikvTB78myU13susq0mZMqEJddp6dOw%2FOyJEf1f1pHP2086DulfYrSPvqyeUMIrJBAEhSgmrgy9%2F7EyrCMO5nEzxjEGoGUXAWhFuWIFq6%2BRyaSTsTbPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81e8d8efca085b98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11938
expires: Tue, 07 Nov 2023 03:35:20 GMT

GET
H2 200 prebidConfig.js Show response
ifoodie.tw/assets/js/ Frame 75F9 18 KB
2 KB 22ms
21ms Script
application/javascript 107.178.252.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ifoodie.tw/assets/js/prebidConfig.js?v=1.0.7
Requested by: Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.252.150 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 150.252.178.107.bc.googleusercontent.com
Software: nginx/1.15.4 / Express
Resource Hash: 270cf1bd918682e2e07613a9fd10581211c97b7f81d14643f39f14126b5e588b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:33:13 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 24 Oct 2023 12:59:40 GMT
server: nginx/1.15.4
age: 464527
x-powered-by: Express
etag: W/"46d6-18b61c4f660"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=86400,immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485

GET
H2 200 e76cf125-2f2d-42a5-acc5-9da41c9e6b50.js Show response
static.aottercdn.com/trek/media/ Frame 75F9 276 KB
103 KB 2267ms
1457ms Script
application/javascript 139.162.92.244
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.aottercdn.com/trek/media/e76cf125-2f2d-42a5-acc5-9da41c9e6b50.js
Requested by: Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 139.162.92.244 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-139-162-92-244.shg1.nodebalancer.linode.com
Software: nginx /
Resource Hash: 688c7af9d72c5f8492cddf9ba0de6af044cd5c4b2b943c470a92187170889d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 05:41:10 GMT
server: nginx
content-md5: OoI345sFXtx9E5mYeaFzJg==
etag: W/"0x8DB810843EEC30F"
x-cache-status: HIT
content-type: application/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 75F9 145 KB
50 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea23613d9534e96d683292d16d845d71c266328f52393312d51fa778946ed9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51313
x-xss-protection: 0
server: cafe
etag: 4757578966086213632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 75F9 96 KB
30 KB 125ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8910f5ac639eb100c682c4e8b224d16750da9d6b10b64ff5b5d7c504e286a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30052
x-xss-protection: 0
server: cafe
etag: 737 / 19661 / 31079210 / config-hash: 9617840091010596719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ Frame 75F9 7 KB
4 KB 805ms
265ms Script
application/javascript 104.199.210.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

b72ed4e794ebfc8120b4cd67016450c7f1eb121dd2029b5021e9023a10312b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:21 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK admanager-async.js Show response
cdn.innity.net/ Frame 75F9 5 KB
2 KB 109ms
25ms Script
application/javascript 23.197.7.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.innity.net/admanager-async.js
Requested by: Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.197.7.214 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-7-214.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 46f9b04f6c87499a597dc076f2d7c1be7e05f0a892a5f7d68c5119ed2af91561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 07:27:54 GMT
Server: Apache
ETag: "1363-5efece867f280-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1641
Expires: Wed, 01 Nov 2023 03:35:20 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 75F9 189 KB
68 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJWQMXS

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

858afccd925bf9c9f09a042747627aef51f2fad25aba25cf3505ac88078165e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69125
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H/1.1 200
OK config Show response
powerads.breaktime.com.tw/v1/bt/ 609 B
996 B 918ms
215ms Fetch
application/json 104.208.76.145
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/config?domain=jennifer4.com&pid=ZYDHF18&device=desktop

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=ZYDHF18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

eab860ba90c14938be13eb05228febacf3a90b4146c3bf4a5d935bac892eb316

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:21 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.12.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://jennifer4.com
Cache-Control: s-maxage=0, max-age=0, private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 609

GET
H2 200 d40143e1ce51d24c.css
ifoodie.tw/_next/static/css/ Frame 75F9 3 KB
1 KB 308ms
308ms Stylesheet
text/css 107.178.252.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ifoodie.tw/_next/static/css/d40143e1ce51d24c.css
Requested by: Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.252.150 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 150.252.178.107.bc.googleusercontent.com
Software: nginx/1.15.4 / Express
Resource Hash: adf7c6354065608b860ed7ca69fe36466bcc8b2905a0662271a0042cf7e01088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 30 Oct 2023 06:07:24 GMT
server: nginx/1.15.4
x-powered-by: Express
etag: W/"a54-18b7f31ad60"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 OXjjBmp1AgabHi-iprTeC0G8deVgnhpK0ufVljELXJc0hvOXzMxpH03ErBIwumbLXleBFNoY3yzlQhZTDX2ik_lqebMcY5I=s600
lh3.googleusercontent.com/ Frame 75F9 70 KB
71 KB 67ms
20ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/OXjjBmp1AgabHi-iprTeC0G8deVgnhpK0ufVljELXJc0hvOXzMxpH03ErBIwumbLXleBFNoY3yzlQhZTDX2ik_lqebMcY5I=s600

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1b311cf29e446a0f551d333f80db9020d3d775bb37031976e361889a2c52667e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:46:25 GMT
x-content-type-options: nosniff
age: 2935
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72022
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Nov 2023 02:46:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 75F9 271 KB
90 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2LQZNSZSYS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWQMXS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ad8af487226a67b176761854418bbeb5356b76368dee01a2fc931c943b389f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 75F9 199 KB
52 KB 42ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 03:35:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: D5CoaMkXalMTFwjGAJQdy8TDZYWYjutoOb76/X+WfEcaVgjxdp3IYjO5tTzmZZzufx6Qu6vH1kcJ6Jr85uxxxg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 29ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1123210560&t=pageview&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&ul=en-us&de=UTF-8&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=372914311&gjid=1406562531&cid=1484857743.1698723320&tid=UA-219963448-1&_gid=874698219.1698723321&_r=1&_slc=1&gtm=45He3ap0n81T2GSGWGv858872173&gcd=11l1l1l1l1&z=199365247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

81aa91ef94548e48b6c1a08512c3f513a029e22026c035a72f0a9dc3b7a06eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 28ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1123210560&t=pageview&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&ul=en-us&de=UTF-8&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=161545755&gjid=1419476479&cid=1484857743.1698723320&tid=UA-106748821-1&_gid=874698219.1698723321&_r=1&_slc=1&gtm=45He3ap0n81T2GSGWGv858872173&gcd=11l1l1l1l1&z=1158565319

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1123210560&t=pageview&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&ul=en-us&de=UTF-8&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=458685240&gjid=949961940&cid=1484857743.1698723320&tid=UA-135689988-1&_gid=874698219.1698723321&_r=1&_slc=1&gtm=45He3ap0n81W9CRLDWv79320947&gcd=11l1l1l1l1&z=2068074979

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d1cc19c30936ba91c00ecde3eea5bd2fa034cff3e3b68b5ae9106f0e1291f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ Frame 75F9 395 KB
134 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9874927516416876&plah=ifoodie.tw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40054cfc816e7c3a01d850d4e47a1b49e70003143529c7dcc04cfb47b4856a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137226
x-xss-protection: 0
server: cafe
etag: 10255417213820016192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H2 200 v2329-5lUAK9N3q9TdTVlvQAy1d4yesUYprjv7DRRBbxsoXUWVDpfNc2YNL0skCGWPmDFQxmvCh3Kky6zitbDnqRKA0lecM=s600
lh3.googleusercontent.com/ Frame 75F9 7 KB
7 KB 715ms
712ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/v2329-5lUAK9N3q9TdTVlvQAy1d4yesUYprjv7DRRBbxsoXUWVDpfNc2YNL0skCGWPmDFQxmvCh3Kky6zitbDnqRKA0lecM=s600

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a64f648ec25a90483f17d3ff0e35b9cfc1532c74c82d761a33183fba6b5d781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7508
x-xss-protection: 0
expires: Wed, 01 Nov 2023 03:35:21 GMT

GET
H2 200 y5LpeddqoOp5DXerDEn2yBOVc_UZOMgoA5WEX69m0Np1ORrx1ErrkDTnnpFAbVjVjE_oszWcPNDjFb7s9tg4Nf5pTsthMBY=s63
lh3.googleusercontent.com/ Frame 75F9 1 KB
2 KB 23ms
20ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/y5LpeddqoOp5DXerDEn2yBOVc_UZOMgoA5WEX69m0Np1ORrx1ErrkDTnnpFAbVjVjE_oszWcPNDjFb7s9tg4Nf5pTsthMBY=s63

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d90cc845daa971d718a2e190f9ffc63b4ee132e2ce25e860f595793919f88eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:54:46 GMT
x-content-type-options: nosniff
age: 2434
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1465
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Nov 2023 02:54:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TKBLJLT1WJ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d793355cc34790c02c85cea76cf972beb8d83987d3ae4db156ccbc103f0d82ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82451
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 87ms
29ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-106748821-1&cid=1484857743.1698723320&jid=161545755&gjid=1419476479&_gid=874698219.1698723321&_u=YADAAAABAAAAAC~&z=1321856807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 421 KB
421 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:13:40 GMT
x-content-type-options: nosniff
age: 44500
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 431015
x-xss-protection: 0
server: cafe
etag: 17495413759700775962
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 29 Oct 2024 15:13:40 GMT

GET
H3 200 pmp_ads.js Show response
power.adhacker.online/pmp/ 63 B
930 B 30ms
30ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/pmp/pmp_ads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN32RKN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4740
x-guploader-uploadid: ADPycdsLPkk80QewBS6lrO_pcNx5t4ZybofwfcjHoX3M5HDlfpouH0c_toaMkFwNHKR3jGIAOyNjsUi32cUpEXp3ZtgxTIDbs4zj
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 May 2022 10:18:21 GMT
server: cloudflare
etag: W/"90e3755e0f60542fe1ef74ba1639e239"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-hash: crc32c=ySZKkQ==, md5=kON1Xg9gVC/h73S6FjniOQ==
x-goog-generation: 1652869101997911
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHHWCZKgP%2Fcd22YtxeqIQWxrfTu%2F%2BefNnmV621tKL5BwkJUsu1rZ4rey5iQ3t7%2BwtKE7%2Bj2wHW8nOYehzaDYwNWQiQIu78NcHJyG48sluF4HiAVqfhYIrCs7Pk1dpxYiQcKXI%2Fe1749zDq7jxdoC38GHbDU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 63
cf-ray: 81e8d8f1c8883659-FRA
expires: Tue, 31 Oct 2023 04:35:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DCCEXXFQP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6d6b201216e03058ca331c2a2175947f9bbb54c695797df529f91cce67da599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:20 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/ Frame 75F9 422 KB
132 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310260101/pubads_impl.js?cb=31079210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 10:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61087
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135432
x-xss-protection: 0
server: cafe
etag: 13870563710225165476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 29 Oct 2024 10:37:13 GMT

GET
H3 200 1061731297241665 Show response
connect.facebook.net/signals/config/ Frame 75F9 141 KB
36 KB 139ms
139ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1061731297241665?v=2.9.135&r=stable&domain=jennifer4.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15780fd3f8f26966f7d83054274b93e02ab2bb010420759231cb8385580d6ef7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 31 Oct 2023 03:35:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: gC/ynE82idoDhBkv/2esmST7GKaUXRV32ccHXbG19pPmEiYI7QngVJ1egKRYaEJ9eVeWlGGxxofsZFqFYtnQkg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 82ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106748821-1&cid=1484857743.1698723320&jid=161545755&_u=YADAAAABAAAAAC~&z=1235491239

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106748821-1&cid=1484857743.1698723320&jid=161545755&_u=YADAAAABAAAAAC~&z=1235491239

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 42ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TKBLJLT1WJ&gtm=45je3ap0v9133990950&_p=1123210560&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1484857743.1698723320&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sid=1698723320&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKBLJLT1WJ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3DCCEXXFQP&gtm=45je3ap0v9125256186&_p=1123210560&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1484857743.1698723320&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&ngs=1&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sid=1698723320&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DCCEXXFQP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DD8 603 B
68 B 40ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9874927516416876&output=html&adk=1812271804&adf=3279755396&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fjennifer4.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698723320575&bpp=5&bdt=163&idt=167&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&nras=1&correlator=8585601611374&frm=24&ife=1&pv=2&ga_vid=1174759540.1698723321&ga_sid=1698723321&ga_hid=1812648635&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=367&ifk=2688338180&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079079%2C31079190%2C31079265%2C44805934%2C31078301&oid=2&pvsid=2607031767033870&tmod=769978517&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C367&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5asmzsa0l07j&fsb=1&dtd=179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9874927516416876&plah=ifoodie.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifoodie.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 posts Show response
provider-prod.mdeianet.com/api/ 132 B
237 B 565ms
191ms Fetch
application/json 18.139.138.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://provider-prod.mdeianet.com/api/posts?key=e3cd9108-b4ec-4c7a-ac66-9b6bb2eb811a&pathname=%2F&search=
Requested by: Host: api.mdeianet.com
URL: https://api.mdeianet.com/api/js-client.js?key=e3cd9108-b4ec-4c7a-ac66-9b6bb2eb811a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.138.204 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-138-204.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 01a77163f255e2bc5cddf4d6dff08e6283f7c6b1fdb3bdf8c897bb1bca1e4594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 03:35:21 GMT
content-length: 132
content-type: application/json; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ Frame 75F9 0
31 B 61ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1061731297241665&ev=PageView&dl=https%3A%2F%2Fifoodie.tw%2Fuser%2F56161fd32756dd731534a31d%2Fiframe%3Fstyle%3Dresponsive&rl=https%3A%2F%2Fjennifer4.com%2F&if=true&ts=1698723320837&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&cs_est=true&ler=other&it=1698723320682&coo=false&rqm=GET

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 03:35:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 75F9 0
185 B 61ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1061731297241665&ev=ViewContent&dl=https%3A%2F%2Fifoodie.tw%2Fuser%2F56161fd32756dd731534a31d%2Fiframe%3Fstyle%3Dresponsive&rl=https%3A%2F%2Fjennifer4.com%2F&if=true&ts=1698723320838&cd[content_name]=%2Fuser%2F56161fd32756dd731534a31d%2Fiframe&cd[content_category]=User%20iframe&cd[content_type]=user&cd[content_ids]=%5B%22%2Fuser%2F56161fd32756dd731534a31d%2Fiframe%22%5D&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&ler=other&it=1698723320682&coo=false&rqm=GET

Requested by

Host: ifoodie.tw
URL: https://ifoodie.tw/user/56161fd32756dd731534a31d/iframe?style=responsive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 31 Oct 2023 03:35:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-230439076-1

Requested by

Host: breaktime.tw
URL: https://breaktime.tw/affiliation/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff84f911a44335ea2e55eaee50a6f2301aeadb4aa62c092262fe0102b9967361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68699
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 03:35:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-230439076-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN32RKN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cba2acb7380bc6453fc66d5eb049e51e12dd1b3e53bcb78937f9753399d6219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68787
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Oct 2023 03:35:21 GMT

GET
H2 200 / Show response
cell.adbottw.net/affiliation/ 0
446 B 588ms
532ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell.adbottw.net/affiliation/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnvopZ6AC0p0P6n8dRt%2BlgYnX6t3iM27LOQswiy%2Fc%2FwRJfah4MO7yfEfG8SWLIU%2BVZAMFNV90OlDgbBa8%2FP6KrfCiybppN0KO0S%2BQtwOH0CbjxbvLZPCDds1dwkwXD723EkLjjIyD0ppJHEepRqw"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81e8d8f56a9c365f-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK p.gif
s.lndata.com/ 43 B
708 B 1048ms
251ms Image
image/gif 3.114.84.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.lndata.com/p.gif?type=pageview&sid=4c4fa69&uid=654075f9.63efb457&url=https%3A%2F%2Fjennifer4.com%2F&tl=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&cs=utf-8&rl=&sr=1600x1200&sc=24&tz=1&sp=0&vh=1200&pt=2110&_=67155224

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.84.80 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-84-80.ap-northeast-1.compute.amazonaws.com

Software

nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU= /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Oct 2023 03:35:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Server: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU=
Age: 197808
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NCBMBRV2DM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230439076-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f874b2963c47036bdb8a5ecbaf97d73120367e626c975fd0e3d00cc897ac9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:21 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1123210560&t=pageview&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&ul=en-us&de=UTF-8&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=1551691170&gjid=1652682122&cid=1484857743.1698723320&tid=UA-230439076-1&_gid=874698219.1698723321&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=7244072

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NCBMBRV2DM&gtm=45je3ap0v9126077342&_p=1123210560&gcd=11l1l1l1l1&cid=1484857743.1698723320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698723321&sct=1&seg=0&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCBMBRV2DM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ Frame 75F9 0
192 B 1293ms
257ms XHR
application/octet-stream 104.199.245.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=add23f4b-3dda-4925-a3fb-c65fc97e4681
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 31 Oct 2023 03:35:22 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=ZYDHF18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24a1a877e52ac8ceb3ae2a5c3c3784492ea75fdb895cb7e686a46a4913c31f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51165
x-xss-protection: 0
server: cafe
etag: 624616443608937827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:21 GMT

POST
H/1.1 200
OK ad Show response
powerads.breaktime.com.tw/v1/bt/ 1 KB
2 KB 217ms
217ms Fetch
application/json 104.208.76.145
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/ad

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=ZYDHF18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4ebfb77d3f78a5169b34967ead91f7d5327cd0bbe3c94ad972cde972813604b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

Date: Tue, 31 Oct 2023 03:35:21 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.12.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://jennifer4.com
Cache-Control: s-maxage=0, max-age=0, private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1454

OPTIONS
H/1.1 200
OK ad
powerads.breaktime.com.tw/v1/bt/ Frame 0
0 216ms
215ms Preflight
text/html 104.208.76.145
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/ad

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://jennifer4.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://jennifer4.com
Allow: POST, OPTIONS
Cache-Control: s-maxage=0, max-age=0 private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 31 Oct 2023 03:35:21 GMT
Server: nginx/1.12.2
Vary: Origin
X-Content-Type-Options: nosniff

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 73ms
29ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27141
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHfeq56fGK9Qp%2Fsy%2F%2FgvNjJyg7OrlQZxbGWr%2Ff2xK0h1aB05R9ideoSTb5PQnyVY9DHLNSrMF2lFSoklB6Xn9r%2F0S7t6mKrPO6ErHn4YvhDmRrUJ2rgNL5BMZSX7HYpi%2FFLgnzCq8P6cNdUtcXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81e8d8f92eaf9110-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 79ms
30ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: JWJDAN1XR6GATQDQ
age: 958
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81e8d8f93cfe37f6-FRA
x-amz-id-2: Ef+zRSY5m1l5O/qNEP9qXrov5kpci+PWBE+duOZn8RfWRfK8fxpzs/23mChcD+sxFKSVyfSeJCnE1vDWU3gxhg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 67ms
19ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:17:52 GMT
content-encoding: gzip
age: 551849
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 23 Oct 2024 18:17:52 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 149ms
70ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 01 Nov 2023 03:35:21 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 88ms
20ms Script
text/javascript 2600:9000:2250:5800:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 30 Oct 2023 05:50:55 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 78268
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: MFo-0hHn9eNbnNy9Sjak3TKTpY2PUbNmPEPwVWMQAD4vxwWiw8liyg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 74ms
23ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 05:49:30 GMT
content-encoding: gzip
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 78352
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: rcuoSNIyjOJGNSUFp3Kb5AARU_QJ3OApWglqKBq87ZhvSSe5Um6qYg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 94ms
35ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: c474fdc35d72990437e6ed629c37fe1f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 88ms
26ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 20156
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 81e8d8f9be636a77-TXL
expires: Fri, 03 Nov 2023 03:35:21 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 101ms
21ms Script
application/javascript 2600:9000:223c:8000:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:8000:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:48:17 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 2825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: hfOiXPMokvD76viywCYPY7D-6iOpbtYJbE1nYhwWfuRHay5u7XoL1Q==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
45 KB 300ms
300ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_a_H1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C336x280%7C320x50%7C320x100%7C300x250&fluid=height&ifi=2&didk=3850745391&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321748&lmt=1698719721&adxs=260&adys=818&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=1080x15&msz=1080x0&fws=4&ohw=1080&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-partner%3DZYDHF18%26zi-cwidth%3DLarge&adks=1341314224&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e071f0859de3d6056d1db499fa4ada42ca229d68c46e1c40c989d2c60e28bfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45863
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F1F 6 KB
3 KB 100ms
27ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:21 GMT
expires: Wed, 30 Oct 2024 03:35:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
45 KB 564ms
563ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_li_iL1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C728x90%7C360x343%7C360x230%7C336x280%7C320x50%7C320x100%7C300x250&fluid=height&ifi=3&didk=949605186&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321758&lmt=1698719721&adxs=260&adys=7033&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=740x8924&msz=740x1&fws=4&ohw=1080&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-inlist%3DV_Title_Image_Body%26zi-partner%3DZYDHF18%26zi-cwidth%3DMedium&adks=290622890&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49391ae8063a15967e320b1f8fee26dd6fc94c803650ba87463a0af7a94551c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45788
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 751ms
750ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_a_SBS1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x600%7C160x600&fluid=height&ifi=4&didk=782529683&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321762&lmt=1698719721&adxs=1040&adys=7769&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1080&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-partner%3DZYDHF18%26zi-cwidth%3DSmall&adks=301097889&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

459888dfb83fb98f0012346e74d5eabd42221603049c86bc9ae3f6c63f4d7874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11413
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
40 KB 958ms
958ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_li_iL1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C728x90%7C360x343%7C360x230%7C336x280%7C320x50%7C320x100%7C300x250&fluid=height&ifi=5&didk=949605184&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321765&lmt=1698719721&adxs=260&adys=1747&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=740x8924&msz=740x1&fws=4&ohw=1080&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-inlist%3DV_Title_Image_Body%26zi-partner%3DZYDHF18%26zi-cwidth%3DMedium&adks=290622888&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9be2ffb15c15e5690f627818bbbd553d800df7a1f70d7f73fba0e621491151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40644
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1159ms
1159ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_a_SB1&enc_prev_ius=0%2F1&prev_iu_szs=320x50%7C300x600%7C300x250%7C160x600&fluid=height&ifi=6&didk=2998117064&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321768&lmt=1698719721&adxs=1040&adys=859&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1080&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-partner%3DZYDHF18%26zi-cwidth%3DSmall&adks=1435103038&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

637c0312614310314e51fc47e254b8996b9c2a83a102c6aba2e94e1068a54da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11744
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
45 KB 1571ms
1571ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_li_iL1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C728x90%7C360x230%7C360x343%7C336x280%7C320x100%7C320x50%7C300x250&fluid=height&ifi=7&didk=949605185&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321771&lmt=1698719721&adxs=260&adys=4374&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=740x8924&msz=740x1&fws=4&ohw=1080&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-inlist%3DV_Title_Image_Body%26zi-partner%3DZYDHF18%26zi-cwidth%3DMedium&adks=1214710906&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

380e97d0cac2a79abd9df22d887c9d4c5e27eb314ea00586fa7b406c947763c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45833
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
46 KB 1373ms
1373ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4336634259696724&correlator=3969255739236854&eid=31079239%2C31078660&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21697024903%3A67215924%2CBT_a_F1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C468x60%7C336x280%7C320x100%7C320x50%7C300x250&ifi=8&didk=1061932178&sfv=1-0-40&sc=1&cookie=ID%3D069207500ce58cfb-22129fd320e3004a%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw&gpic=UID%3D00000cadd8b9a2c6%3AT%3D1698723320%3ART%3D1698723320%3AS%3DALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ&abxe=1&dt=1698723321774&lmt=1698719721&adxs=315&adys=9877&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fjennifer4.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1484857743.1698723320&ga_sid=1698723320&ga_hid=1123210560&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiMr7OeuDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiLr7OeuDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGIyvs564MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuvs564MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiLr7OeuDFIAFICCGQSFwoIcnRiaG91c2UYjK-znrgxSABSAghkEhQKBW9wZW54GIuvs564MUgAUgIIZBIZCgp1aWRhcGkuY29tGIuvs564MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yi6-znrgxSABSAghk&dlt=1698723319010&idt=1760&prev_scp=zi-web%3Djennifer4.com%26zi-path%3D%252F%26zi-partner%3DZYDHF18%26zi-cwidth%3DLarge&adks=874712046&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba74c93c63114948ecfb87ca913eb896b191b517db4a25744fed167a424633a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47098
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fjennifer4.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fjennifer4.com%2F&rid=esp&cc=1

85 B
194 B

133ms
132ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fjennifer4.com%2F&rid=esp&cc=1
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 03e4e6b7174f5b25c2888bcda4f39ce25057a08869bcb7e75d626e93402e1a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-5/VsW9PGBnyFvqfAWGy/h+vRiFg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jennifer4.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 31 Oct 2023 03:35:21 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://jennifer4.com
location: /esp?url=https%3A%2F%2Fjennifer4.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 139ms
44ms XHR
application/json 34.253.64.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.64.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 22ac20938c64d5a9be0da799630fc87ba08847234d8dcde247ac2cadcf856e79

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache
x-server: 10.45.22.211
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
229 B 75ms
22ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://jennifer4.com
date: Tue, 31 Oct 2023 03:35:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 467B 15 KB
6 KB 154ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=jennifer4.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 359276
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
210 B 123ms
26ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fjennifer4.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://jennifer4.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 bootstrap.min.js Show response
cell.adbottw.net/js/ 38 KB
8 KB 544ms
544ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell.adbottw.net/js/bootstrap.min.js
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293efabe8c9d4314f5fbddbc95bf9c9d61f612a48d94d27ff3bb948522315fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 11 May 2020 10:29:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5eb928f7-964c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pHO1Jfn%2FMXg%2BWabTUXJ5Wypuk1o1c7hVcUgm%2FZRwU0toGC8xCxVwBkCJ8t3Nhn%2BE44aaieqHKhwBcE%2FAvrtaEqSfaTrIxSyPNwFVcaq10MESKquf6GKQwAnHrWlYza%2BjLhExNkmQZwEjyVzoqHS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81e8d8fa3ddc365f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

sid Show response
mug.criteo.com/ Frame 467B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=jennifer4.com&sn=ChromeSyncframe&so=0&topUrl=jennifer4.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=N04LVnxTQWxlamRob2tlTkxhajBTbDZxTWQ0VmxtbGp5am5MYkdFMFdrQ040ZVpkWjg4TGdGeSthVExIQXBxemxYMGpLNlBITzJ4RWVBakNDdlNSL2tSTHNMQUxiZ1BhQTNJUlU0Rm9SVmd3aWZoRnVJVGZ0TFRRSnlSS2...

422 B
650 B

44ms
43ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=N04LVnxTQWxlamRob2tlTkxhajBTbDZxTWQ0VmxtbGp5am5MYkdFMFdrQ040ZVpkWjg4TGdGeSthVExIQXBxemxYMGpLNlBITzJ4RWVBakNDdlNSL2tSTHNMQUxiZ1BhQTNJUlU0Rm9SVmd3aWZoRnVJVGZ0TFRRSnlSS2M0d2xDTXdhTUltemcrNUtOQ1pROVhmbjN6Nlk5UkdVN0VJWDJPUEdiaEhWZXpOUCtZTm96V0JJNG1lY2pHbTBsOUsyWENyV3ovTHFkL2tZZWd4bWhOYW5UaDdpRm5sOUhrbnZaVGtOczk3VHpRMkl3WXpWd2ZMU21TUDAvMWJCQjJJY0laWmtYUkFsdVg1SGRVS2tWb0hvcDJ2d09ScENhc2xLOUg1c2hFMEt0WnowNU02ND18&cppv=2

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b757a087adeb63ecd17755a42f3bc3b7dde93ec384890f0bf55cf977749d47f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4671135
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=N04LVnxTQWxlamRob2tlTkxhajBTbDZxTWQ0VmxtbGp5am5MYkdFMFdrQ040ZVpkWjg4TGdGeSthVExIQXBxemxYMGpLNlBITzJ4RWVBakNDdlNSL2tSTHNMQUxiZ1BhQTNJUlU0Rm9SVmd3aWZoRnVJVGZ0TFRRSnlSS2M0d2xDTXdhTUltemcrNUtOQ1pROVhmbjN6Nlk5UkdVN0VJWDJPUEdiaEhWZXpOUCtZTm96V0JJNG1lY2pHbTBsOUsyWENyV3ovTHFkL2tZZWd4bWhOYW5UaDdpRm5sOUhrbnZaVGtOczk3VHpRMkl3WXpWd2ZMU21TUDAvMWJCQjJJY0laWmtYUkFsdVg1SGRVS2tWb0hvcDJ2d09ScENhc2xLOUg1c2hFMEt0WnowNU02ND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 243466
content-length: 0
expires: 0

GET
H2 200 container.html Show response
1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DE0 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:21 GMT
expires: Wed, 30 Oct 2024 03:35:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9FF6 624 B
242 B 33ms
32ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsYk8LF-gEwAQ&v=APEucNX0i_HKz7d2DN59qnIDJQzWxn1ZVSkHO2A9EIlfBiURslKws7Us0pR2fEBgLoh2SmK-IjhjJ5IaAtCcygCUkwqWXMSG2_KNfvfqFVQKdy2gYU1B-A2IjZnBB7UOEoTyy7UfTUCY9RJk0JwoEvoiIoUj6PFHGHvKYPNX011-4nmUQk4TraE

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1DE0 111 KB
39 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Origin: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 1DE0 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:28:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 1DE0 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:20:34 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DE0 41 KB
14 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1DE0 3 KB
1 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:41:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B3DD 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 31 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1DE0 20 KB
9 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DE0 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFd0dqlJ8exNSvZpo5U8h3nYzhGq6CM3_9lRFv046lLg6VxCB1Mmm7qK5QAur6qQZW6SL4219uitRNo94BGrL0gPT2_GMJh3o8KLZjr6RWD8WZYI8

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1DE0 0
0 30ms
28ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdMGScv3WMpRYjDfhN7jZD9vIRybrfcJulZk3xJkWQqkm984yp3kAa5WmpDa8ZMYhFUEwFHCOURZF_rTtlbb6LgK--aw
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DE0 188 KB
59 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:22 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9E65 0
176 B 94ms
30ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 31 Oct 2023 03:35:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9FF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1

43 B
339 B

38ms
38ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsYk8LF-gEwAQ&v=APEucNX0i_HKz7d2DN59qnIDJQzWxn1ZVSkHO2A9EIlfBiURslKws7Us0pR2fEBgLoh2SmK-IjhjJ5IaAtCcygCUkwqWXMSG2_KNfvfqFVQKdy2gYU1B-A2IjZnBB7UOEoTyy7UfTUCY9RJk0JwoEvoiIoUj6PFHGHvKYPNX011-4nmUQk4TraE
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHGIPhmumJSG48kxVeMuISP2ey5JRmJqHbKZM4C5C5hW8sHT42MXWXGhqi5CnOQudsUI%2B2IMClqaRqhMnRPDC0QPtqRVpOqloR%2B3%2Bq4XNWk1Ud0FwH9DXHa6r96dKP%2BCktA12sD9qZUfmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81e8d8fc28b7195c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9FF6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUB1.ux86YAvymoMAqTjzgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1&google_hm=2

43 B
770 B

38ms
38ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsYk8LF-gEwAQ&v=APEucNX0i_HKz7d2DN59qnIDJQzWxn1ZVSkHO2A9EIlfBiURslKws7Us0pR2fEBgLoh2SmK-IjhjJ5IaAtCcygCUkwqWXMSG2_KNfvfqFVQKdy2gYU1B-A2IjZnBB7UOEoTyy7UfTUCY9RJk0JwoEvoiIoUj6PFHGHvKYPNX011-4nmUQk4TraE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BVOkJ6Bpkw4MzQwwMlAOma0fZDFIbCHJbY2VzeUvXqjHFe39ZYH1uOT62ajA9AsxeBk9lXXCe6nSEvYro8ZS5h%2BaD9%2Bnj0VtJEvUXysUvFW0nh8qN50t5Um5CpLso0d1L3YuLxJAV%2FXgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81e8d8fc9ff91cbd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKAYX67WxNmY66yrzjhLX0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9FF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELp24tEBw7V621RVvgMFVU4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELp24tEBw7V621RVvgMFVU4%26google_cver%3D1

43 B
888 B

36ms
36ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELp24tEBw7V621RVvgMFVU4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsYk8LF-gEwAQ&v=APEucNX0i_HKz7d2DN59qnIDJQzWxn1ZVSkHO2A9EIlfBiURslKws7Us0pR2fEBgLoh2SmK-IjhjJ5IaAtCcygCUkwqWXMSG2_KNfvfqFVQKdy2gYU1B-A2IjZnBB7UOEoTyy7UfTUCY9RJk0JwoEvoiIoUj6PFHGHvKYPNX011-4nmUQk4TraE

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
an-x-request-uuid: 3ba38846-73d4-477c-b577-ed250e3c5dc7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
an-x-request-uuid: b61c7cb5-f3eb-42ad-a804-a83042aaec37
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELp24tEBw7V621RVvgMFVU4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FF6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MzAyOTYxODQxMzY1NzU3Nw%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MzAyOTYxODQxMzY1NzU3Nw%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
an-x-request-uuid: 40a61793-6845-484f-ba28-97fe785515a0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MzAyOTYxODQxMzY1NzU3Nw%3D%3D
x-proxy-origin: 217.114.215.132; 217.114.215.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B3DD 35 B
464 B 100ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAQnWjU50dOCncZtPS6wCp4&google_cver=1&google_push=AXcoOmToLXa_x76mmjRu4o0nvddVONhOX46LAG7m7_1phThxfWnkwIGVhvF23V3YBMXf0eddu8Vt5K1l0x7WoNb2a4B5df-W4y6j

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3DD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_push=AXcoOmRAQGudRvO8ZkgtwRF0oaDW2qejrosEMfn2W4RYX6CBnyvV9bZ2Vf...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_push=AXcoOmRAQGudRvO8ZkgtwRF0oaDW2qejrosEMfn2W4RYX6CBnyvV9bZ2Vfj1DJn7dOAtH4EjqFyiV-EjGUL9JDJewNsgsbf0eexI

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230059-FRA
pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698723322.248964,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_push=AXcoOmRAQGudRvO8ZkgtwRF0oaDW2qejrosEMfn2W4RYX6CBnyvV9bZ2Vfj1DJn7dOAtH4EjqFyiV-EjGUL9JDJewNsgsbf0eexI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B3DD
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKoyFJ2RmlSdjRvd8tC7RDE&google_cver=1&google_push=AXcoOmQlAUyF71U4MaXrQF91RHm7VVxm3fS6i4eyH3qVzeEzmm61jngkSCBCsLMtgwYPtsv3l6N4v37JdSd0xPU_-pbqeUxdU33o
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=553DBA5909AA474590ABCD38433892F3&google_push=AXcoOmQlAUyF71U4MaXrQF91RHm7VVxm3fS6i4eyH3qVzeEzmm61jngkSCBCsLMtgwYPtsv3l6N4v37JdSd0xPU...

170 B
243 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=553DBA5909AA474590ABCD38433892F3&google_push=AXcoOmQlAUyF71U4MaXrQF91RHm7VVxm3fS6i4eyH3qVzeEzmm61jngkSCBCsLMtgwYPtsv3l6N4v37JdSd0xPU_-pbqeUxdU33o

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 03:35:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=553DBA5909AA474590ABCD38433892F3&google_push=AXcoOmQlAUyF71U4MaXrQF91RHm7VVxm3fS6i4eyH3qVzeEzmm61jngkSCBCsLMtgwYPtsv3l6N4v37JdSd0xPU_-pbqeUxdU33o
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 30 Oct 2023 03:35:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3DD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ0y8ZUyU8TERSUh55ZXjwQ&google_cver=1&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRlDa...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ0y8ZUyU8TERSUh55ZXjwQ&google_cver=1&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwd...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODgwMDAxNTYyNjI3NDQzNQ&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRl...

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODgwMDAxNTYyNjI3NDQzNQ&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRlDaWbmH2cNwpjE1VpihbcEy

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg3ODgwMDAxNTYyNjI3NDQzNQ&google_push=AXcoOmRu_xrvTO4KVsdbr7cbDDBSRuIKToeBgLLyhoX6v6Ak3Wtetn_GoUKTt7rV3l2_XOnHcwdxRlDaWbmH2cNwpjE1VpihbcEy
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B3DD
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGdFexjKy5xPe3QPbOg98VE&google_cver=1&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw4...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGdFexjKy5xPe3QPbOg98VE&google_cver=1&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw4...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw47w_ReWoZ-Q&google_hm=Hk23qGZHe8SPIr1zTiqksoZy

170 B
232 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw47w_ReWoZ-Q&google_hm=Hk23qGZHe8SPIr1zTiqksoZy

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Oct 2023 03:35:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQwOTlowc5DTR-TenP19RtbX_FJF7RUUPU1-iMe2l3EHmrAonjAIOiFUHwpCTJgJsEvrUw70M2FRAhE7RMw47w_ReWoZ-Q&google_hm=Hk23qGZHe8SPIr1zTiqksoZy
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame B3DD 0
236 B 96ms
32ms Image
text/plain 2600:9000:211e:ec00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBh-l-xtqoCmrvJx7kC0uz8&google_cver=1&google_push=AXcoOmTwJ1Jy7TabD_iHMr5uBQES0T8lfioC8Cv61SPrYJ_nex1AELEv4OlYR6-uZvqzfKRodemFtcunO4Qcz7xGypcCgNr0w7mG
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: GVFYUQhZ3yxBhTCgkKePtioNMn7_LVA1wP506Guu6x-JEbG8xTj8aA==
x-cache: Miss from cloudfront

GET
H2 200 ebda
match.360yield.com/match/ Frame B3DD 43 B
199 B 191ms
46ms Image
image/gif 52.210.34.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEFSJYdaj-f5DKP3hP2w1haw&google_cver=1&google_push=AXcoOmRQ6hZfon24eqUwRMIuGQoQvgIhi_XtT2gHZlu9xB4hVIwotUUwlnoPkbRVF59Z7jyq20nKNJP0DicaQdHo8uCR7d6qTmY
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.34.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 03:35:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B3DD 0
130 B 79ms
27ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUP4nV87uZIOkD8c-EtSmiR2ztMzPlvg2FiF2PAoNn9wz9m5pKAHXvBu2PHXbFV5-beWEh

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 1DE0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5b58882c5b70eccb73235aa0738045f1d89cb49247ff7ce7c0c9857efb0c3ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 970x250.html Show response
s0.2mdn.net/sadbundle/349498087921017068/970x250/ Frame 333E 6 KB
2 KB 66ms
21ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce69d85a4c17d0dce07435bf2302100fcb81f5887236c02a1aaec899aab6d7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 487924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2427
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 12:03:18 GMT
expires: Thu, 24 Oct 2024 12:03:18 GMT
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DE0 0
0 132ms
66ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4yjSRhJvUVK9KjRdJ58Y6KDgpiu-KCDYeO-74I1y9ujhbXir6nokcd9gY95LPSCa5Zcv2DjAJyfNmo5Sa9sbUkFZJMHdG_OVdyKLtXNRi8_4cWI7BnqFnHxSuM0Tz8KJiuA58mB4cVrKzykVStdIJ5jDe_3ZThLqPtP_AZ-cs8_j-f93gA6ZHCdD2BkyBsDcuAyH0105mvPSm7JAMej5X6xezNBQQPp-Eg1tYxH05ocspnGAZdq5KC4JCHf_Xv3OzB4hFh9iCyEGCBMpMnpP4vU9OaI_42DLbA0wwgfGXhqU6Uqoeh3lfp5elb4cuUGF-4rvDGloOegXwUEkEAqt7ntcXtVdmEOim9aKVq-LneQ1w0wWLVUoGlwXnAt3KmD3Wd4_1Mx5PguPBCVs0-UL3zqBVsHDsUwCeA5rOXaqR3nskug2pFXI9pml09I7djHdrvPVupgue5gQhEiM-k8_Gh17gQ-Eb85l6gmiye1l2tgl7mmBEpGzd5bKpJbIOX39hJQaVPOQzDQQgOXJaRpvJEGEN6EXC_cj2gd-oR1L0qPKCmHS-dpk3hSZvzuVxeiskBmRRZLbBFY43gxfNLRYdeApSWHOTr3gyfLaoYH6RCn9EcRpc-io3LXxub0fE-SatfYy62F97P7RZWmH24TvBjNuNWzklhn5DRoPtzW9eBbByZ93bGz8RAkdiQ4XE0zgzOiy_j3PpWHPiRqEFgSnUzT3nVesCxtNVGOtAv19ENX7f9k8jNTCRxzbLKJR11Fc302S6cbPh5hK3aDk-xil4SW8ojIinbXhSJ_DcvOKYg66xzLIzq4TfXfKq_gm2NM8fHD62RWBdT30uRTEjOrynO19MFUN85Y5H4rh7C-NUV902ShFAn2J9xiNkLAoxmp4ou3wsigme8rvObx0WzrpfcNelV-aiOUlS67L6QAD2smtAUDEIm4oNtyRjTo0ez4CVMLCQbGgdatddEziIEm-Uhdpjh8fYGmm_gYWBa5IfoYfMoPHEVOr88mJXyzZIDTot4T1azdwTAaUGJjJ4MuWeyu4_RWEGXTKT56uzEsnbMwaTNalVRZfnhBH2UhWFmvuh5cYPcOBN7cDkNMrx5cxaF-BdpE7cvkD3HSIsJRIJMuRzuNky0DkG4dAuCru3ihVjrwwIUPZ9xZ2kdXF7MU31_G99Lsm0jPJ4TGC4TwtsfYOGVEUhMwK6paHc3uL5XNptS4Fnh8ihLNNfMUetICCXaR-UEUm_E5SJEDa-D2kkKUCPqIor3f-vuA6zAwjarnx9F_43IHMipkzCvFdrN0uvclBOqz5jMSgzR5MTlNMyOiBhtahrYvWnNJ2e9pC2mgl3eLzVcHTyvICsiZc4oHYOC-CcRtkTTrnUK_giqbgOl41Tsz_3SFugYA&sai=AMfl-YQXOn-XUpjdt55wpd9hodxfq6E0qDbjP-kT0Y6mDpyTCH0AfW6-wQuKA_2Fk4bAvPkUZhT5U12VZYsjvFj0zukLtOHpd8vR55-JVgrzW7GYkmlG6xRc2GGTMSz_t7fPf6PowXkQPmSWYgs0YUFjTcmP5iv4b8jl_kD4-4iVzsxJw75Ypk1em4bIGUl4FkEi-3lJCntqWv_xEhR_rhlf8hA51UNK_8j6v0WrzLeQ8nF-aOBv145aGmpgplHtpgA2eSZTEDwZxIzW9NrEz1XwTLmiJzkshFaso35h2lUBo-4DYWp5jrkuxKxSMjyVneUkBd65RI81Jcd-Gt1PanqWG_rN7rtWLDlVWAPxfng7MkaDD0lR7iJ8lc4u-mwQxjRnfieOvCwv0Nma5IAWx6mEM7U_&sig=Cg0ArKJSzLmlr7BTM_zuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=133&cbvp=1&cstd=130&cisv=r20231026.40576&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 76C9 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 307021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 76C9 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 01:37:49 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 333E 186 KB
48 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 03:35:22 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 333E 236 KB
63 KB 93ms
28ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 31 Oct 2023 03:50:22 GMT

GET
H3 200 970x250.js Show response
s0.2mdn.net/sadbundle/349498087921017068/970x250/ Frame 333E 43 KB
6 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d1c8408f99907cb34a0b564150efd58c057326c440cb947a9148426eb308285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 23:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6062
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 23:03:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 76C9 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BANVB-XVAZZq6MJvF7_UPgOOn2AEAAAAAOAHgBAI&bg=!FxSlFFvNAAbo5yKYyOc7ADQBe5WfOE6u0o6vBQxAoWrL6LJCrCyt0fjElCA4IeDpW5M3Tr_9dHAo8mX5Qf1Z9PTKQNGHAgAAAExSAAAAAmgBBwoARFKpgYn4AOYWlq1D-HEdH2dKlxzPNcgbSN-Cs-Q3LZGckaW9T1SsDaC0V3P7NKo1GVnquwcivTgsNiv7TnBnd_t-JB0vmQL-xp5AVat0bxnhTMiSTtHT7l_jG7Tzt4K9UUbgWjRcPUNbPDW4k_xjNMILg23WB3EkoZOdnARSamkb7VPuviruQBBsd2_YvNgKfwmtpONzPA_OLT5rPEvBxKYNZHH2lWHlMYWjOKN4_EaDR4HV2iORBX14qbVDqmHf3U_mY7qxC7B7uD7O38Xn0L9NyeeAm_ksjeYqhigb12iZ61b5WTcumK9U_y012h4C_vo5LmECdVFdLUPeKJnlOILuySHodp2Ok9lM6YSPz80RbW72-1FRDQtjZDJ82H7L4Sa-2F_fMR6BSnLF04ESgyn4aa64Da07qHUvDZfnsZqV5bEFwUY9DNBICf5rVobRGd9xgMZKj-Udm-N8tNz7CgQz9397FvhmEDFi-p7lWSWs0-CZjJ7VcMsQnBeYdC9-Y_3UbxyI6P9x-8f593d1vlyV3v1_81SfmhzqXmEFhCjNSWlANH7X2mcJ0wd4uaH7do_ke2KPW-vo2D7PyBOVgslfqMZvsbvggX7uH2UzXDOMMrtakv9qvD658p5iop_yAX6POkipPvOFRjhjdu6kmYHaODv704O9cnTeRRgZ2tVZhg_ck9VDJWv7uE0g2oPtqHOp6GEO3DD6kLdRU38_Ni-winkDU-jxMx13AeqGPz4omJkeHCaDPtNJrg8bpnwOrJMXXFbTFBMhzTakFX6jt8ULFU_COO7NoclKzXRrqOYioBj5r3nh0VjzyLWiVzX-R8a9PYc_7Lnoz8AgLmpFRFso_j0E-YFbiK8RuPMBPXLAaPxRHYHzUlJT7lT3AEolGK4hy0OSerpC8sijLYOmJyaUphZ2pQwPXyhddNIr6qsLmNjdVgkJ2BMx7dG7hOajkL9eOv6-Tz9t6TBJdCjO77S31wDm0fuCn2BM9RnrtDif8Bh1v8mjY_3LGKoot6yIk8LX4DmDVf-J4O2LHyuQ2ub-0riI-UDbKBhtdv57qcDtU-IF9Owe7gupxsVoFURNSCYEdghBA8YNnxKVBYGlItA9BtLh-w

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 40 KB
40 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/bg.jpg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a022e9c64e75eaac9fb8214aae8effc83d5f873c4764d122122c2802fcd59be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:03:55 GMT
x-content-type-options: nosniff
age: 487887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40536
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 12:03:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DE0 0
0 60ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4yjSRhJvUVK9KjRdJ58Y6KDgpiu-KCDYeO-74I1y9ujhbXir6nokcd9gY95LPSCa5Zcv2DjAJyfNmo5Sa9sbUkFZJMHdG_OVdyKLtXNRi8_4cWI7BnqFnHxSuM0Tz8KJiuA58mB4cVrKzykVStdIJ5jDe_3ZThLqPtP_AZ-cs8_j-f93gA6ZHCdD2BkyBsDcuAyH0105mvPSm7JAMej5X6xezNBQQPp-Eg1tYxH05ocspnGAZdq5KC4JCHf_Xv3OzB4hFh9iCyEGCBMpMnpP4vU9OaI_42DLbA0wwgfGXhqU6Uqoeh3lfp5elb4cuUGF-4rvDGloOegXwUEkEAqt7ntcXtVdmEOim9aKVq-LneQ1w0wWLVUoGlwXnAt3KmD3Wd4_1Mx5PguPBCVs0-UL3zqBVsHDsUwCeA5rOXaqR3nskug2pFXI9pml09I7djHdrvPVupgue5gQhEiM-k8_Gh17gQ-Eb85l6gmiye1l2tgl7mmBEpGzd5bKpJbIOX39hJQaVPOQzDQQgOXJaRpvJEGEN6EXC_cj2gd-oR1L0qPKCmHS-dpk3hSZvzuVxeiskBmRRZLbBFY43gxfNLRYdeApSWHOTr3gyfLaoYH6RCn9EcRpc-io3LXxub0fE-SatfYy62F97P7RZWmH24TvBjNuNWzklhn5DRoPtzW9eBbByZ93bGz8RAkdiQ4XE0zgzOiy_j3PpWHPiRqEFgSnUzT3nVesCxtNVGOtAv19ENX7f9k8jNTCRxzbLKJR11Fc302S6cbPh5hK3aDk-xil4SW8ojIinbXhSJ_DcvOKYg66xzLIzq4TfXfKq_gm2NM8fHD62RWBdT30uRTEjOrynO19MFUN85Y5H4rh7C-NUV902ShFAn2J9xiNkLAoxmp4ou3wsigme8rvObx0WzrpfcNelV-aiOUlS67L6QAD2smtAUDEIm4oNtyRjTo0ez4CVMLCQbGgdatddEziIEm-Uhdpjh8fYGmm_gYWBa5IfoYfMoPHEVOr88mJXyzZIDTot4T1azdwTAaUGJjJ4MuWeyu4_RWEGXTKT56uzEsnbMwaTNalVRZfnhBH2UhWFmvuh5cYPcOBN7cDkNMrx5cxaF-BdpE7cvkD3HSIsJRIJMuRzuNky0DkG4dAuCru3ihVjrwwIUPZ9xZ2kdXF7MU31_G99Lsm0jPJ4TGC4TwtsfYOGVEUhMwK6paHc3uL5XNptS4Fnh8ihLNNfMUetICCXaR-UEUm_E5SJEDa-D2kkKUCPqIor3f-vuA6zAwjarnx9F_43IHMipkzCvFdrN0uvclBOqz5jMSgzR5MTlNMyOiBhtahrYvWnNJ2e9pC2mgl3eLzVcHTyvICsiZc4oHYOC-CcRtkTTrnUK_giqbgOl41Tsz_3SFugYA&sai=AMfl-YQXOn-XUpjdt55wpd9hodxfq6E0qDbjP-kT0Y6mDpyTCH0AfW6-wQuKA_2Fk4bAvPkUZhT5U12VZYsjvFj0zukLtOHpd8vR55-JVgrzW7GYkmlG6xRc2GGTMSz_t7fPf6PowXkQPmSWYgs0YUFjTcmP5iv4b8jl_kD4-4iVzsxJw75Ypk1em4bIGUl4FkEi-3lJCntqWv_xEhR_rhlf8hA51UNK_8j6v0WrzLeQ8nF-aOBv145aGmpgplHtpgA2eSZTEDwZxIzW9NrEz1XwTLmiJzkshFaso35h2lUBo-4DYWp5jrkuxKxSMjyVneUkBd65RI81Jcd-Gt1PanqWG_rN7rtWLDlVWAPxfng7MkaDD0lR7iJ8lc4u-mwQxjRnfieOvCwv0Nma5IAWx6mEM7U_&sig=Cg0ArKJSzLmlr7BTM_zuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=329&vt=11&dtpt=196&dett=3&cstd=130&cisv=r20231026.40576&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK jquery.min.js Show response
brain.adbot.tw/js/ 95 KB
33 KB 1090ms
536ms Script
application/javascript 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/js/jquery.min.js
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Jan 2017 02:20:26 GMT
ETag: W/"5876e7ea-17b8b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Thu, 30 Nov 2023 03:35:23 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 34 KB
34 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/bg2.jpg

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ef6da1684f83f781ae3635fc6a94ce8524ea5184200cb23f03faa817212f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:03:55 GMT
x-content-type-options: nosniff
age: 487887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34813
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 12:03:55 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 4 KB
4 KB 23ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/cta.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a1c54cc815d6d40a41d0f1d47b727828833398fb05268963d360111c04edd13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 00:08:37 GMT
x-content-type-options: nosniff
age: 12405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4298
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Oct 2024 00:08:37 GMT

GET
H3 200 hd1.png
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 9 KB
9 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/hd1.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0be40bedf24a0814c233857889e6a74c91b74f9b0789d6cfd3316999717fa6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:50:30 GMT
x-content-type-options: nosniff
age: 308692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8787
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 13:50:30 GMT

GET
H3 200 hd2.png
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 14 KB
14 KB 22ms
22ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/hd2.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4491d574536affd24d0e2fe3f4bef8bc2fb95bff7a00bf7a0fc57ed56962b03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:03:56 GMT
x-content-type-options: nosniff
age: 487886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13894
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 12:03:56 GMT

GET
H3 200 linha.png
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 4 KB
4 KB 22ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/linha.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d634787c78d2bb877a7a961704e4fa1fa1dd52aa5bc73b661dd30589fb239bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:03:56 GMT
x-content-type-options: nosniff
age: 487886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3905
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Oct 2024 12:03:56 GMT

GET
H3 200 seta.png
s0.2mdn.net/sadbundle/349498087921017068/970x250/images/ Frame 333E 4 KB
4 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/349498087921017068/970x250/images/seta.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86040e9c0339b2f4ce17a91eeee19c06bb2a2aaa17126892556fbe08881ce56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/349498087921017068/970x250/970x250.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 00:59:55 GMT
x-content-type-options: nosniff
age: 268527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4041
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 14:29:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Oct 2024 00:59:55 GMT

GET
H3 200 container.html Show response
1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E79F 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:21 GMT
expires: Wed, 30 Oct 2024 03:35:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AED4 640 B
262 B 38ms
37ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGMHrivQBMAE&v=APEucNUHg_F1NPjNS7u23rtIcal_QLVI6KF8QJd-1YjdHhqjBbLOobagTsMXa7oB3yinJli-8X0CJ8yvFanMGbnxryglBUYmskdqH5ujl301TfBPa054WrNWfEtk5w_v98Xw7W_qqtSLYffzFrNy4zESqW7FeQhO9qpnGdpbb1nxO065KcgnDOg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame E79F 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:20:34 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame E79F 7 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:28:19 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E79F 0
0 143ms
68ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss5gNwKzlOOmlk19fgwDHSu-p0vwIfOItWtO6TLsBqrjsXNJThOp7iMs1SwjyB6ud72jQdOzG_687SJKfw1AzKwk7uuHLc9zfXKGrLuVw_zIhRQuaiNxK28SLq92-wMxPxdUDR1H0c7dJPpbpGBcR2RcHT9mckY1S1zfXQiMihttNhlZ_V3Gyp6_aauMgzTayJKdArF82Q1ZkaCWm98eWMpE998K0sRQZWW8CXUQH1-RKJLesZSOyqehnnvO816hPZfAZEUBB83zC4IuKUUFfnhK28aeibeZWLXK9SaZuGYuBxT9V76ZywuxyznyNej8I6jWwIvCXHOcsBGjq017vSMNLWDsTZ7BXGNvWaqF3r6x4vCbhvWfDakj5NzMJmWNjqx2fl1UjcgIygsxHK7TOi1QJQjy-T7CWRNL_2_akNIG1FUhxS4WQXyEgZ9okxdtvkVjpSn1WtUfzGJS1S8ILn3669g5fSOKecmyAWEkJpxvO7ODyy172sbN5QZCtU1VsrjuGAkh1HP93QIjfDVjtUdwYhyrgMbozm_i1UciAB5PCUY0G_Q_RHUTh04L1K_b835b03chiPlzWTPyiaFarIFn5JSOZwHAL_TQnyGVCaHU9oWQAXaqtH1h9JfHJnC0XNEMwUaW1zDZATqC6p0NSuLpLmo7K6LszcXJ6hrpzygHWEVwAT0znd3qarUBSK56NeHMcfnRw4B2yPY7NA779EX6gYdJGU-fWtFpJPe03FIytopIJmE8Ol26ZllW1KBWiNlZoiTpoo-3Pf_6Fr8q2yw6IERAodpEaaIOuWDR4s1AYwl2pFZ4F48OAvh8oFxb5TSocgACmL0yJ3wfVGWpPFuDAkoYFNavWsfI2a40Ccd1BKhFY9dhDAVIpBxDlo73U0dAvDAsuplDnajmlRcWtUhZ043lHLNR36cJvF5rJB_hmKC2O5hS9V6TAMUDSxBfu5sLRKctU2gywv_vHYVw6Q1z2a_-gGy04xPD4NaopcKdbRFqwkzmsGe2eewK_PMh3ZVbsx4p2K8KEbi3Jg7ws_f1lNPlpDSXVdAgHsjBiAxAl_B670-YtHpnRCPUZ_NvVLfmdof4NwNtODB0l1T_wELza6ty5BirMYceGpUkWiX5v_Hwn_GbkdUN6Ame0zr3WQbBQPJP_ljD2ceVBuTgWDt4LOZlWyE9uZijEgTZ9ZwS39cIyDqSl_fACXOZfO-fw4JucMWFemXFTLYi0KhQ-CgoFzWimuPcAPDLiV5jnPfpSzX3ycwJppWMgkrNoKsre6dSLR3sYR2MbqIYvxJuHS3qdbFXXIdqk9Ty16EvgDRZlcwe_FNAhsv9m51EmdByKUbUiVkaJh9GoiNZME7EVN8sbItvH4WtOv77qn4pt-PScJ9kwHXLCoyMumi8A&sai=AMfl-YRWEPtXrgIaW1A6hoYtag2XlEJtFNdeuNs5dlzUs3psoZnOblyAsDl_GWc3h8HBBPk6h9aZA1Wi9jPLimtMfGepQs1L58V1fvo0MQ85rSOgiFKL5uWUyTXfHKGyaZFhDsbUSqZ82P7fZTQkffQ8qR-jTmUxIsM5KVPxD4OxOlkm1B46N1zQyfqCBe6JbgNN4FY9iRqUyAyFt_culeKhPffASPmwE6VLHskmTY2JKc8BVLTiQHec7uDUGKGe2LHLiOI71xMqg52bsEKhygZdbmwjnuoBGTg2mJwJk_irbpCDGKo2HM7NtWW_-Nean7waqpwlj2U8H4kTOCpuen26yyCQGhPkbcl5Yx2zD_c0a_LeYGdbloqRuMjkbBq-QXsaPJuNTiCeEVYsxTbFmb59334aZotiDopSsZxBYjFk&sig=Cg0ArKJSzO8aLy2kckiQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231026.18715&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E79F 41 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame E79F 3 KB
1 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:41:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5924 1 KB
643 B 29ms
27ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 31 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame E79F 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E79F 42 B
63 B 60ms
57ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiZySbchd5oxMWyzKp0JsbxhSADLp4PDQkD9C4WHnN0r7XvhfK-MReJlpNdpDMnr35AFFN8nf1yIvVlCPunPBD5t-eyvXYwbCtcImsj8OKZkCBzTE

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E79F 0
0 41ms
39ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyiEMIuIVK0SXcHsBo50m2z9S-RMlPcI7sjI3an-k7qurNLYTeXJ-u8rm78ASOk4oRacaHXIivCNzWCiJocxul10zjXA
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E79F 188 KB
59 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:22 GMT

GET
H3 200 10173851963065104796
s0.2mdn.net/simgad/ Frame E79F 53 KB
53 KB 31ms
28ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10173851963065104796

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58355a565fa089b86a32188e63bfb70b5833099051515a9ccd9aff60e447454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:16:05 GMT
x-content-type-options: nosniff
age: 87557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54169
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:37:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 03:16:05 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AED4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENpoqshj5hz6deSaj9Nka3U&google_cver=1

43 B
105 B

38ms
37ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENpoqshj5hz6deSaj9Nka3U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGMHrivQBMAE&v=APEucNUHg_F1NPjNS7u23rtIcal_QLVI6KF8QJd-1YjdHhqjBbLOobagTsMXa7oB3yinJli-8X0CJ8yvFanMGbnxryglBUYmskdqH5ujl301TfBPa054WrNWfEtk5w_v98Xw7W_qqtSLYffzFrNy4zESqW7FeQhO9qpnGdpbb1nxO065KcgnDOg
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENpoqshj5hz6deSaj9Nka3U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame AED4 43 B
219 B 61ms
30ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGMHrivQBMAE&v=APEucNUHg_F1NPjNS7u23rtIcal_QLVI6KF8QJd-1YjdHhqjBbLOobagTsMXa7oB3yinJli-8X0CJ8yvFanMGbnxryglBUYmskdqH5ujl301TfBPa054WrNWfEtk5w_v98Xw7W_qqtSLYffzFrNy4zESqW7FeQhO9qpnGdpbb1nxO065KcgnDOg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame AED4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEM_hOtrYt_jZKaLevwO0dQg&google_cver=1

23 B
163 B

143ms
75ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEM_hOtrYt_jZKaLevwO0dQg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGMHrivQBMAE&v=APEucNUHg_F1NPjNS7u23rtIcal_QLVI6KF8QJd-1YjdHhqjBbLOobagTsMXa7oB3yinJli-8X0CJ8yvFanMGbnxryglBUYmskdqH5ujl301TfBPa054WrNWfEtk5w_v98Xw7W_qqtSLYffzFrNy4zESqW7FeQhO9qpnGdpbb1nxO065KcgnDOg
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 03:35:23 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEM_hOtrYt_jZKaLevwO0dQg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame AED4 23 B
163 B 206ms
73ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGMHrivQBMAE&v=APEucNUHg_F1NPjNS7u23rtIcal_QLVI6KF8QJd-1YjdHhqjBbLOobagTsMXa7oB3yinJli-8X0CJ8yvFanMGbnxryglBUYmskdqH5ujl301TfBPa054WrNWfEtk5w_v98Xw7W_qqtSLYffzFrNy4zESqW7FeQhO9qpnGdpbb1nxO065KcgnDOg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 03:35:23 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame E79F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c42c9a8abecb6e5733fc9ad519d88a6dc765c415672fc3970f15fc07b75b2874

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5924 0
104 B 200ms
72ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGWz4GanUw7JiKcbQ-LMNJ0&google_cver=1&google_push=AXcoOmTSlGLGd1ZeOGgFM24ndqGoK3YeGwVQ3eh-UJmh2tb9trS1l9NiKKjfCPhGoTUIPTYSC3RzeshjsRKncmQDBJjzl56cg48
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5924
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKm4HNiqMKcIangJQPh26tc&google_cver=1&google_push=AXcoOmROV_XGtvF93fDfCeFRCPibN11Pjny5V7oJOsxYXfl3iJdDNPuL3tVQIbefgto7NBu5BOollECnvzg...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmROV_XGtvF93fDfCeFRCPibN11Pjny5V7oJOsxYXfl3iJdDNPuL3tVQIbefgto7NBu5BOollECnvzg1OjcFipq0QMe69qk&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmROV_XGtvF93fDfCeFRCPibN11Pjny5V7oJOsxYXfl3iJdDNPuL3tVQIbefgto7NBu5BOollECnvzg1OjcFipq0QMe69qk&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmROV_XGtvF93fDfCeFRCPibN11Pjny5V7oJOsxYXfl3iJdDNPuL3tVQIbefgto7NBu5BOollECnvzg1OjcFipq0QMe69qk&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5924
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM8lv5T3EvIudGyvhR2mH_I&google_cver=1&google_push=AXcoOmQVG6VsJbZLOW6eN3fCHKS5-f5AC8BNpav4RxpMPSH2jFTfOjORpHhQ109d3iRuN4BmH5i-wVxYmsz6QAt2...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQVG6VsJbZLOW6eN3fCHKS5-f5AC8BNpav4RxpMPSH2jFTfOjORpHhQ109d3iRuN4BmH5i-wVxYmsz6QAt2rjvepXCdLYk

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQVG6VsJbZLOW6eN3fCHKS5-f5AC8BNpav4RxpMPSH2jFTfOjORpHhQ109d3iRuN4BmH5i-wVxYmsz6QAt2rjvepXCdLYk

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQVG6VsJbZLOW6eN3fCHKS5-f5AC8BNpav4RxpMPSH2jFTfOjORpHhQ109d3iRuN4BmH5i-wVxYmsz6QAt2rjvepXCdLYk
x-host: tde-deliveryengine-production-5bf79cd4ff-k65d5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5924 43 B
245 B 115ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEP_pbFymepyUThpZAHg5E1s&google_cver=1&google_push=AXcoOmR8Aw0ge0ZmEmS9pBTd_ERZlcvxv6eRZmyYEaePQnhhrtzCVUx8M8T_BQkKu58QtlgmtYu4gydN_kSTJAlPZDO2cmpDuBQ
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5924
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGdFexjKy5xPe3QPbOg98VE&google_cver=1&google_push=AXcoOmSorSvnUkJ7gZBfz18KZEWekqk4VMYp3UTG_oxw2wMZSaDM39DHeOrhNORTTK4bmftOt3GYtGEonkGhTV1qf...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSorSvnUkJ7gZBfz18KZEWekqk4VMYp3UTG_oxw2wMZSaDM39DHeOrhNORTTK4bmftOt3GYtGEonkGhTV1qfxs6LCmY7dY&google_hm=Hk23qGZHe8SPIr1zTiqksoZy

170 B
188 B

39ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSorSvnUkJ7gZBfz18KZEWekqk4VMYp3UTG_oxw2wMZSaDM39DHeOrhNORTTK4bmftOt3GYtGEonkGhTV1qfxs6LCmY7dY&google_hm=Hk23qGZHe8SPIr1zTiqksoZy

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Oct 2023 03:35:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSorSvnUkJ7gZBfz18KZEWekqk4VMYp3UTG_oxw2wMZSaDM39DHeOrhNORTTK4bmftOt3GYtGEonkGhTV1qfxs6LCmY7dY&google_hm=Hk23qGZHe8SPIr1zTiqksoZy
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 5924 43 B
198 B 55ms
47ms Image
image/gif 52.210.34.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEFSJYdaj-f5DKP3hP2w1haw&google_cver=1&google_push=AXcoOmROLhiOt7R_755phYc3qLqoE74SnWO-oYaNO-3FHS2m_zGBKGPDUNY5r_RT5x-hFBsOIWdgxeqw_FKfBgo_Hm7SdY4zgtU
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.34.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 03:35:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 5924
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBzwk4fbd6rZ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRnMHqB3hZL28tk9KMypJi5m_lH-o9n9_jUrOw7K-Zhw-PNKnbdj-ezRasdXS4P4NP5KIIx1ygaI7_04wmeFKCGTJ-lGDX9
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

64ms
63ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 03:35:23 GMT
pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5924 0
12 B 36ms
29ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXlf83Tc8EsF5_iphhr6hO8SVeZWgj4Bggs-QiRI8oy2W-9motKgm0RId-VzPY0O8o9Eivgg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E79F 0
0 83ms
64ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss5gNwKzlOOmlk19fgwDHSu-p0vwIfOItWtO6TLsBqrjsXNJThOp7iMs1SwjyB6ud72jQdOzG_687SJKfw1AzKwk7uuHLc9zfXKGrLuVw_zIhRQuaiNxK28SLq92-wMxPxdUDR1H0c7dJPpbpGBcR2RcHT9mckY1S1zfXQiMihttNhlZ_V3Gyp6_aauMgzTayJKdArF82Q1ZkaCWm98eWMpE998K0sRQZWW8CXUQH1-RKJLesZSOyqehnnvO816hPZfAZEUBB83zC4IuKUUFfnhK28aeibeZWLXK9SaZuGYuBxT9V76ZywuxyznyNej8I6jWwIvCXHOcsBGjq017vSMNLWDsTZ7BXGNvWaqF3r6x4vCbhvWfDakj5NzMJmWNjqx2fl1UjcgIygsxHK7TOi1QJQjy-T7CWRNL_2_akNIG1FUhxS4WQXyEgZ9okxdtvkVjpSn1WtUfzGJS1S8ILn3669g5fSOKecmyAWEkJpxvO7ODyy172sbN5QZCtU1VsrjuGAkh1HP93QIjfDVjtUdwYhyrgMbozm_i1UciAB5PCUY0G_Q_RHUTh04L1K_b835b03chiPlzWTPyiaFarIFn5JSOZwHAL_TQnyGVCaHU9oWQAXaqtH1h9JfHJnC0XNEMwUaW1zDZATqC6p0NSuLpLmo7K6LszcXJ6hrpzygHWEVwAT0znd3qarUBSK56NeHMcfnRw4B2yPY7NA779EX6gYdJGU-fWtFpJPe03FIytopIJmE8Ol26ZllW1KBWiNlZoiTpoo-3Pf_6Fr8q2yw6IERAodpEaaIOuWDR4s1AYwl2pFZ4F48OAvh8oFxb5TSocgACmL0yJ3wfVGWpPFuDAkoYFNavWsfI2a40Ccd1BKhFY9dhDAVIpBxDlo73U0dAvDAsuplDnajmlRcWtUhZ043lHLNR36cJvF5rJB_hmKC2O5hS9V6TAMUDSxBfu5sLRKctU2gywv_vHYVw6Q1z2a_-gGy04xPD4NaopcKdbRFqwkzmsGe2eewK_PMh3ZVbsx4p2K8KEbi3Jg7ws_f1lNPlpDSXVdAgHsjBiAxAl_B670-YtHpnRCPUZ_NvVLfmdof4NwNtODB0l1T_wELza6ty5BirMYceGpUkWiX5v_Hwn_GbkdUN6Ame0zr3WQbBQPJP_ljD2ceVBuTgWDt4LOZlWyE9uZijEgTZ9ZwS39cIyDqSl_fACXOZfO-fw4JucMWFemXFTLYi0KhQ-CgoFzWimuPcAPDLiV5jnPfpSzX3ycwJppWMgkrNoKsre6dSLR3sYR2MbqIYvxJuHS3qdbFXXIdqk9Ty16EvgDRZlcwe_FNAhsv9m51EmdByKUbUiVkaJh9GoiNZME7EVN8sbItvH4WtOv77qn4pt-PScJ9kwHXLCoyMumi8A&sai=AMfl-YRWEPtXrgIaW1A6hoYtag2XlEJtFNdeuNs5dlzUs3psoZnOblyAsDl_GWc3h8HBBPk6h9aZA1Wi9jPLimtMfGepQs1L58V1fvo0MQ85rSOgiFKL5uWUyTXfHKGyaZFhDsbUSqZ82P7fZTQkffQ8qR-jTmUxIsM5KVPxD4OxOlkm1B46N1zQyfqCBe6JbgNN4FY9iRqUyAyFt_culeKhPffASPmwE6VLHskmTY2JKc8BVLTiQHec7uDUGKGe2LHLiOI71xMqg52bsEKhygZdbmwjnuoBGTg2mJwJk_irbpCDGKo2HM7NtWW_-Nean7waqpwlj2U8H4kTOCpuen26yyCQGhPkbcl5Yx2zD_c0a_LeYGdbloqRuMjkbBq-QXsaPJuNTiCeEVYsxTbFmb59334aZotiDopSsZxBYjFk&sig=Cg0ArKJSzO8aLy2kckiQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sZy5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&vt=11&dtpt=57&dett=2&cstd=0&cisv=r20231026.18715&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D07B 38 KB
13 KB 26ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 307021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame D07B 38 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 01:37:49 GMT

GET
H3 200 container.html Show response
1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DB0 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:21 GMT
expires: Wed, 30 Oct 2024 03:35:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8EBA 466 B
235 B 34ms
33ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP7J-PsBMAE&v=APEucNW7Czt2dCu_ww0cqoCcuIlr8dLUU0D3sRKlTIFAyhIRskiLkDsw61v4ijFTrTNTpVoC6x0fN5HQUfth25wrsIeEJC1t2AitVSjY-iHUUGrCay6riuEwjbBqark5k_RhrVuIe9NKXnR8yCtIl41hMpy1KaKeGo_YD66xnf9MIERy6wpJe50

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3DB0 89 KB
31 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB0 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9GzjmOh4Mjh4l8Zh1aOHeWXO6fo6Bp8E5KJO_0U12CtZgjgewdeJ_Z4402QmoGj8RbnNTBjeqG3TGlWLzdQM6DacrMwz_iL6LH3rT-50qmQEegzg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB0 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8922432967493668618&x=1&ct=119

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3DB0 60 B
60 B 204ms
29ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=300&extProvApi=roller-dv360&extPu=ROM&extLi=55228403&extCr=528360702&rnd=1698723322681451

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 31 Okt 2023 03:35:23 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 713
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 3DB0 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:41:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 3DB0 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3DB0 0
0 30ms
29ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs7Q0p023vOOri7UXE2m57nQnrx_eB_OQcYyCWWlg_oMb2atcJPvHERBEONWFYXzG33hyADTjx_D_YzDs2fm47X5_zmg
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DB0 188 KB
59 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET

partner
sync.search.spotxchange.com/ Frame 8EBA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENO1996i7HsuS0FsTQHjcyg&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 8EBA 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 8EBA 0
38 B 24ms
24ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP7J-PsBMAE&v=APEucNW7Czt2dCu_ww0cqoCcuIlr8dLUU0D3sRKlTIFAyhIRskiLkDsw61v4ijFTrTNTpVoC6x0fN5HQUfth25wrsIeEJC1t2AitVSjY-iHUUGrCay6riuEwjbBqark5k_RhrVuIe9NKXnR8yCtIl41hMpy1KaKeGo_YD66xnf9MIERy6wpJe50

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB0 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=870224163365&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB0 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=870224163365&version=m202309260101&ct=119&x=1&cor=8922432967493669000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3DB0 89 KB
38 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzZop0etUeG9nOyBqq7gqbBijEngHZ-Dosd8wEoFxUPQ00lVMc6ocdE-jgfynKyDwEoG0eCvK3q6B_rK3VFArOKO6jtZh6UDLSr1kcqlUS7Czzo9go1ZvJ-U4V_z1rcLmjGh7HC_ONy4AZVw31TxXqd9R1O_3ghRTV3tHx5KokTEJkxHw&cry=1&dbm_d=AKAmf-AN1LyvmVtv-b-z6Rc2zV1nDNS65A2dphEFNpxne6Fy840KB_s-cA6dsdmNBgalfnDF2TRXrBLml9bcsciEUFjoMB7NHfr5yq4DR2on9qIseEZvrH88LVsujhO-N670ukk-jNcenKJu1-gyyrOQEOTPSC77EF_nl0Id8Cx9QpsbMsQ0VflthnRWQbYeLXtllhjWQotnlI1fwxnoNaCC12fFGHSfpzG-Bl6WMd9zlzPy7sJ1dYxt78dn_9T6ewe_IGLDVTuc1-zDc50ediTabdjgg4bO1F0ZbYvbM4-QG9h0pShEegfJF5DBpEImjvcGsa6qYbgltHUY-slsQx8Da0Px6IYTYk4i81PMgVhcEwXhIgCJHzgfrH6JzVJW1eSMqj2vxCjLZV9GbVR6RDBh7DyFsoREHsH3v3rkgxjNdSLpw9Q0EITVz2m-Rsj3CeklhIgndxX97ObZ31uDsI8OlBk42qNfCuQHrXgE9LzIaP_BGWVl069da4GdgWCRamGAfWrwAKeFYY19NjDMwQBbfPK5bOpEX4xVyN12RHBdAop8kU2dMMXYIayZykA0Voh1X50-yq9fgsVI1q9iHSpYdllscVnEc342YHCexaofmUm9Dhi-mQvRT7zVdhZ_P1iwPYH-mThWNSQN_WXOzhg_YggN2KKg94T6XzJEj2C7zVgdHjLNcL0N_9so5urF-MrIvfFnqzwjGYAenKUthmYXqQeD8cIon2aFvUGvp5qBzRdYddyIN9lGSyqz1AoB6kTYXSJklotIyqaMldeWC6Z9WUN3iIiUndoNgQPuX9q2-AaxxYLFy-AaTu3kZ_g_RnjXN57UrEZEZc84__tP0N_PSlfz_I3lnLGcisunnmE1oI129CzhTWO9ulBH7ov8irZI-eUKlTrOrb-VWgVrR3nIoxD_S9O3s38z2WU2KDz1L246bokcIxjIjUoVysTfEzHdJd9Ithpa35z-Q1DZ1vQaqhvWwEZ_NJqdttjpyqO5GY0u5qy7dm6SqW6-8uWNNRQP74r7E_tNZ9ziEJwhajkguPu0Axvsim4Hye9cYKTv_-p9KhcQS8aF31WnPbzqPzh_exSkqklOf_-3Qjaf-yF3tV9PX-vnXRSUpslrqzJaSlCjhqWfrR1qu53S1Wxm3shwAa0Ojfsq61ae9w_iZ0NpjucTPm70WWX-J0pgW9evOvWU-K4g_5PfMJChFU2Lr3lqd9ZrIV5h5L1RPjuDutQww4YLhVo0C7Ze8AFSrei7x4elpN7OznQJx1SvdrziC6-FnKIODef78GIIL3gVYL1fsofMDfkVakSHFjGttwg0jB31o1qRHJTTKVn_ZvPeN--qDFYI0WRs4Mfnlt7DQW2mGDofeUGbZxBtRpVApgqRpHKot_CIQgZcnVoikN1b2X-an7kdk7BqzLrrcaQ2TSe67GGw1H_y6a9bm8OyaA76W0QfgA3TRx-TFGvO8bhUjFREPpyItdnp8EpABAA5tGo70pHhH-K6-Wn9NxLKJ3jWYIoQycOjFpfOTi1KJo6P4uFYY7R_U3QlOHVZkAlCwE9D1UyosLp8dt8URZ9N8QaGII8lCLCirjjzvxY_YO8HyAOZhUu7tASiM4S9p9f99DJdOou9dnSDKyPJW7IdQGKLcYOyPlRD_v7FGHuYivDmGUgNVTKNrnP9MHJI2rPI3xrDLRFaWyuNugd-hrX7oeUuv8YhyP30Wq3EDFAtGtg4kt8EoY253ItkHR8aM7VpBbjFK_5FNwTFjumsi_3lYByU69OHJ0l69YYqneOxLHf5BSnWTi374IZKhgTNjQQ2Yhawb2U59mjQ2D1xnpcoHiVTbZ21zglsWz2gYiyNymLGulxVtO4yJ4tR0jv0XZwp339aevF6Y5sUwCmhOTfuydUAc2TZtYja84g-6INu3zFSNExC6VssK6q6Zqw8LZ92ROyvr3unuU-5I0AadF8I4TmW8p2AE2PPg6pRr9-UpANp0AgzToDJCBzdt3A03HfAToiUlh4H8KgpZWxVN-Le7XvWesOyRa4ZvPypGEz631SsIjvTG2MOunrIUdhBKgtLH9nWsFsQlWi6wZjAlyIO3vmF06hVAND4BrZw4V8GHwpCbLaNfSBji9-JmYB5al0Kd0lcel6W6WdSiaJbaZ-E2eHGmBpCH6kXP6dgTx2pMG2nIoKbIB_qnuoYwQriyzgNe0xByKm59ND5nM79XShKcjsDlOw3uHYcPi2fylV7OhnFGRHCoPJAHlRKys9gIfFzXi8kdmEzgyUFIwMdIkShyKlLPPslm2ZUYVmIfmoZend0BimPrM5FmzxE45awQxIJMUm-dhdPzgzgKxZVrn1EdrlBs7BoT35X8Vxb9N_h-aP73s99R8UvtXGeFMNm0JR_4OAGnwwVnm-TLMkWn9aGlkc3K41HfDz3sVaU0Q-c5GFFueXK-RgTwMu53OYtP3iN_2qQF1z03C_5-A9u_Hg9_YKVQoVe4-nG78l15d3QyD5Mqwxiwcb0Jy6uH7LbkjckfFyzGb3u9JgorOsEJLcagiL1yv7Y-j7zhwzLzuSBrv8DQgUJ7RNIuLK8lSaz_Z32uYk2mXrzfBDu6PzCzl_nMrXd-o7D_aoWnT0Qo-Y0cZSbJecsqtfC62YGPmvrXx8W2jH1iYOvc8YRtF4bR8JVWn7Ynin-UqEANc54eY87CmHn1eVmOxRIMLIuijUgru6Cbum0NWLmCqJh_eBJNlHPgGHDTb7w3-YugyKTC0_LDd6TwQ57HZzvdIgNnKvQHr3sKmbRIbS_zsI8s19SJFFdcaWhUdNUGI5IuPZBkClj_UmPTQpiwYo4GbAFQMyriBZrk17O00X0Jaqdituvn07QErmhCl16sWNRiB7OzBsQgV1OAba2QkFcJf12GuxNJF_PhXYkfZpZL6ex6eBaARcYN_EIm43itt9azyeoEfThlzVUbjzGSd5bUqVbts9skLhMEdLynfetiIeSKJH1LnO1i9J8N6WLluQYpKB4j2Om_x1ydkD7wbgokL3P4rOV4T3pn4yQJZOEvopDaYu6DPatEuGPGvXRxpgfzkJo0_QNDIho-h20CKZhUFdbhV4oPVFELP-zpOejtXztowfyuEtaa2uUCsV4Snl0MCpqH0ADlIOTDib66gOa8jNsonKl7q-xnd0sCfLw9mgQ1pxSqmHcRgj3zW33NYucwzyKKWjKAnZmGQo1xFmKZ_c5LJnhtgBvxoIarrT4Jb_vJSloDT6eP-S5kE-MOC9ZlHh54LZoE55PKNb9-g6AzkmQ_9y8M71txSiuLm8Y6HWu1Wcvy4IJQDVvtqd4mEuB3SdnVnD16V8HTN-tnW_2NChcDTr1RqeUvVM940ebpfP3fPSdHHm0_OmfOnuHNR95RdA3RFDEXRUrticiOy5haiZniinfyJKQD4pIDRRGYZc-aG6Aa086ZkH3qTUAqIM__rE4pWFI0vbvr7EeYrWijWJryQ42ksfRYHyilfZfjMv82v7vvzPb4a2ixsqTT6rOofLw_3PcdbiAwc9oF-NewzicjrQFo6uvXjSD9NUaqjcwKkfWpe5f7ouIBhxonpL3WE5iUAWjXtH1dk3Lp7AB9mX3KsB1shMuGV84BGrUP7SUNdvUm8WCVTmABle8WMez27GgcjIrQbCNP-smCbocjJaI39NFVPO-qbaw0CIpnJWHyEpBdP156Z8-GfwhC9Lk78_i_OTPpf9JiGvAHDgmzK9KO2scc9Z2Ga5ysv-UeaDS7RwNaJ955MQLgWl0m2T8OesltzzFyHXoyKZ8keu7kv1DhxEHk9LiEUWGq9P0QgtnpnvizDXZzLf4y-gqJCr9xMSk0JivlCyi6ZPjF0PPZvML3ABff6DVRDAUwNqfjh8eSnKc3_QZ4AgSPzy9MMRTQeCI_yMtmu4CKj90UaipNvW9SvReLbCuIGS7-8O5INMAeewm1gz3VbHlirJN-21uNuuHMozryXGVVPOs3fvmGE09vzS_JOm5GMoZ19g8sCRXY7yZ_sl-lQUO4VuqOcTv_9g&cid=CAQSOwDICaaNNfYgI88Xr5Q3CqeQsRbiGgGyJynJ-gZJOzHrBnu3YP3zR4vZMV5V2a4qblEEaqhnVmM84Y0VGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fjennifer4.com%2F&ds=l&xdt=1&iif=1&cor=8922432967493669000&adk=2086295851&idt=38&cac=0&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c489d9e511d8f713cfe7539579b562fd9729ed3b806931ca4a5a618fb3f672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38550
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D07B 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BC7Zn-nVAZarfHezG7_UPme-h4AQAAAAAOAHgBAI&bg=!rq2lreLNAAbo5yKYyOc7ADQBe5WfOICPxRw4jrFsNnPowts5CvBxHvxuJEoDNpijpGLDFGSQ3yJ-FlpkJ3Azb6XO_zlzAgAAAJVSAAAAA2gBB5kC_vdQQk9T_SVD2j_2e4s1k_ab590ZQIlbzQ0x9T8Mpg5NY0oguz-lDbLDZUnDaeU5U7lbbO8AM4xGUjUWrOaoj3x2KedPE2FDPoqZTVCWk7PKeo632YMFi6BM8s0HdeffULJic0htuGpEzlssqdKixErrhGOMNqr-Fa7iZ1RF9JE2rVc3rKXh_MlMEXEkOZ-NjMCNeI2UONrkXcZ-0N133y_tmgL6ORHDKKgcMv3v-vAWyZLqifEu5y63aGyCmc-aiPVefEDr6uzeB3zAUrdInhvSeDhSxbOlIDF8h4NSu739ZiceEqwq8Yg4D0MbVel1zP854uojxkVw0v8eIvOjBvhSTFCVl11q0uFDFueBwwveFFWAbwCoNWomCtxKHs8a2gSlZHyHzghhE2goLAkhlEQOzFrByQUd-NfS5ghrHf83h5YOTLtz4mTyg1V4gFPO4U02jj5ti32d04xolaWcphtJIz_PZfqdZSbZ4S5xTxqdN5bv0DhwQ1UeMCBHAbcezvrCqix7QJgNCp5w5Hsa3ceQYZQKxLWmQZzd1Qci3AF8wZPPXrbozc2LBeYByBrH3OWrdMwskCtsgNq1kZ7KPSBq6C_30xAkobUHnU_Ax9njfMmLOW3-25ZkkKLAZ0gsaYEcopOk6dllrBenOmJs4ZfSajDuhaCy3NxNpQHhq6mJ5DElehpVv5dH539ULXACmBbvMLsx3nCxeK-h6piaEV6cl3uTNBSnRM1mJsOY7rEnYfv_PxtJFPuvMGn5lzXDDcak8Tx8lJjijIk1BlAdv4J4090AJpxvJmJI5PB7c8HKsZ6-KD5WlJFjRYRQn7EeTcHog88ySeE324SIETI3d7F2PiTiDIJlHlEncj1kew21n5cQLeXh7fL_4g4d2raA3iLyrAFFsATPvmBt7acOUfau05o3Qv9-Eg9D-pYkn5olNU8wWYqM4M2eXDyQWOSiPjfQKk2lJSen2R-d3q2xgbblYkURLLbYWMFFryJHV6ml5F4skIdZAaezXAYOnsM

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3DB0 111 KB
39 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Origin: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 3DB0 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzZop0etUeG9nOyBqq7gqbBijEngHZ-Dosd8wEoFxUPQ00lVMc6ocdE-jgfynKyDwEoG0eCvK3q6B_rK3VFArOKO6jtZh6UDLSr1kcqlUS7Czzo9go1ZvJ-U4V_z1rcLmjGh7HC_ONy4AZVw31TxXqd9R1O_3ghRTV3tHx5KokTEJkxHw&cry=1&dbm_d=AKAmf-AN1LyvmVtv-b-z6Rc2zV1nDNS65A2dphEFNpxne6Fy840KB_s-cA6dsdmNBgalfnDF2TRXrBLml9bcsciEUFjoMB7NHfr5yq4DR2on9qIseEZvrH88LVsujhO-N670ukk-jNcenKJu1-gyyrOQEOTPSC77EF_nl0Id8Cx9QpsbMsQ0VflthnRWQbYeLXtllhjWQotnlI1fwxnoNaCC12fFGHSfpzG-Bl6WMd9zlzPy7sJ1dYxt78dn_9T6ewe_IGLDVTuc1-zDc50ediTabdjgg4bO1F0ZbYvbM4-QG9h0pShEegfJF5DBpEImjvcGsa6qYbgltHUY-slsQx8Da0Px6IYTYk4i81PMgVhcEwXhIgCJHzgfrH6JzVJW1eSMqj2vxCjLZV9GbVR6RDBh7DyFsoREHsH3v3rkgxjNdSLpw9Q0EITVz2m-Rsj3CeklhIgndxX97ObZ31uDsI8OlBk42qNfCuQHrXgE9LzIaP_BGWVl069da4GdgWCRamGAfWrwAKeFYY19NjDMwQBbfPK5bOpEX4xVyN12RHBdAop8kU2dMMXYIayZykA0Voh1X50-yq9fgsVI1q9iHSpYdllscVnEc342YHCexaofmUm9Dhi-mQvRT7zVdhZ_P1iwPYH-mThWNSQN_WXOzhg_YggN2KKg94T6XzJEj2C7zVgdHjLNcL0N_9so5urF-MrIvfFnqzwjGYAenKUthmYXqQeD8cIon2aFvUGvp5qBzRdYddyIN9lGSyqz1AoB6kTYXSJklotIyqaMldeWC6Z9WUN3iIiUndoNgQPuX9q2-AaxxYLFy-AaTu3kZ_g_RnjXN57UrEZEZc84__tP0N_PSlfz_I3lnLGcisunnmE1oI129CzhTWO9ulBH7ov8irZI-eUKlTrOrb-VWgVrR3nIoxD_S9O3s38z2WU2KDz1L246bokcIxjIjUoVysTfEzHdJd9Ithpa35z-Q1DZ1vQaqhvWwEZ_NJqdttjpyqO5GY0u5qy7dm6SqW6-8uWNNRQP74r7E_tNZ9ziEJwhajkguPu0Axvsim4Hye9cYKTv_-p9KhcQS8aF31WnPbzqPzh_exSkqklOf_-3Qjaf-yF3tV9PX-vnXRSUpslrqzJaSlCjhqWfrR1qu53S1Wxm3shwAa0Ojfsq61ae9w_iZ0NpjucTPm70WWX-J0pgW9evOvWU-K4g_5PfMJChFU2Lr3lqd9ZrIV5h5L1RPjuDutQww4YLhVo0C7Ze8AFSrei7x4elpN7OznQJx1SvdrziC6-FnKIODef78GIIL3gVYL1fsofMDfkVakSHFjGttwg0jB31o1qRHJTTKVn_ZvPeN--qDFYI0WRs4Mfnlt7DQW2mGDofeUGbZxBtRpVApgqRpHKot_CIQgZcnVoikN1b2X-an7kdk7BqzLrrcaQ2TSe67GGw1H_y6a9bm8OyaA76W0QfgA3TRx-TFGvO8bhUjFREPpyItdnp8EpABAA5tGo70pHhH-K6-Wn9NxLKJ3jWYIoQycOjFpfOTi1KJo6P4uFYY7R_U3QlOHVZkAlCwE9D1UyosLp8dt8URZ9N8QaGII8lCLCirjjzvxY_YO8HyAOZhUu7tASiM4S9p9f99DJdOou9dnSDKyPJW7IdQGKLcYOyPlRD_v7FGHuYivDmGUgNVTKNrnP9MHJI2rPI3xrDLRFaWyuNugd-hrX7oeUuv8YhyP30Wq3EDFAtGtg4kt8EoY253ItkHR8aM7VpBbjFK_5FNwTFjumsi_3lYByU69OHJ0l69YYqneOxLHf5BSnWTi374IZKhgTNjQQ2Yhawb2U59mjQ2D1xnpcoHiVTbZ21zglsWz2gYiyNymLGulxVtO4yJ4tR0jv0XZwp339aevF6Y5sUwCmhOTfuydUAc2TZtYja84g-6INu3zFSNExC6VssK6q6Zqw8LZ92ROyvr3unuU-5I0AadF8I4TmW8p2AE2PPg6pRr9-UpANp0AgzToDJCBzdt3A03HfAToiUlh4H8KgpZWxVN-Le7XvWesOyRa4ZvPypGEz631SsIjvTG2MOunrIUdhBKgtLH9nWsFsQlWi6wZjAlyIO3vmF06hVAND4BrZw4V8GHwpCbLaNfSBji9-JmYB5al0Kd0lcel6W6WdSiaJbaZ-E2eHGmBpCH6kXP6dgTx2pMG2nIoKbIB_qnuoYwQriyzgNe0xByKm59ND5nM79XShKcjsDlOw3uHYcPi2fylV7OhnFGRHCoPJAHlRKys9gIfFzXi8kdmEzgyUFIwMdIkShyKlLPPslm2ZUYVmIfmoZend0BimPrM5FmzxE45awQxIJMUm-dhdPzgzgKxZVrn1EdrlBs7BoT35X8Vxb9N_h-aP73s99R8UvtXGeFMNm0JR_4OAGnwwVnm-TLMkWn9aGlkc3K41HfDz3sVaU0Q-c5GFFueXK-RgTwMu53OYtP3iN_2qQF1z03C_5-A9u_Hg9_YKVQoVe4-nG78l15d3QyD5Mqwxiwcb0Jy6uH7LbkjckfFyzGb3u9JgorOsEJLcagiL1yv7Y-j7zhwzLzuSBrv8DQgUJ7RNIuLK8lSaz_Z32uYk2mXrzfBDu6PzCzl_nMrXd-o7D_aoWnT0Qo-Y0cZSbJecsqtfC62YGPmvrXx8W2jH1iYOvc8YRtF4bR8JVWn7Ynin-UqEANc54eY87CmHn1eVmOxRIMLIuijUgru6Cbum0NWLmCqJh_eBJNlHPgGHDTb7w3-YugyKTC0_LDd6TwQ57HZzvdIgNnKvQHr3sKmbRIbS_zsI8s19SJFFdcaWhUdNUGI5IuPZBkClj_UmPTQpiwYo4GbAFQMyriBZrk17O00X0Jaqdituvn07QErmhCl16sWNRiB7OzBsQgV1OAba2QkFcJf12GuxNJF_PhXYkfZpZL6ex6eBaARcYN_EIm43itt9azyeoEfThlzVUbjzGSd5bUqVbts9skLhMEdLynfetiIeSKJH1LnO1i9J8N6WLluQYpKB4j2Om_x1ydkD7wbgokL3P4rOV4T3pn4yQJZOEvopDaYu6DPatEuGPGvXRxpgfzkJo0_QNDIho-h20CKZhUFdbhV4oPVFELP-zpOejtXztowfyuEtaa2uUCsV4Snl0MCpqH0ADlIOTDib66gOa8jNsonKl7q-xnd0sCfLw9mgQ1pxSqmHcRgj3zW33NYucwzyKKWjKAnZmGQo1xFmKZ_c5LJnhtgBvxoIarrT4Jb_vJSloDT6eP-S5kE-MOC9ZlHh54LZoE55PKNb9-g6AzkmQ_9y8M71txSiuLm8Y6HWu1Wcvy4IJQDVvtqd4mEuB3SdnVnD16V8HTN-tnW_2NChcDTr1RqeUvVM940ebpfP3fPSdHHm0_OmfOnuHNR95RdA3RFDEXRUrticiOy5haiZniinfyJKQD4pIDRRGYZc-aG6Aa086ZkH3qTUAqIM__rE4pWFI0vbvr7EeYrWijWJryQ42ksfRYHyilfZfjMv82v7vvzPb4a2ixsqTT6rOofLw_3PcdbiAwc9oF-NewzicjrQFo6uvXjSD9NUaqjcwKkfWpe5f7ouIBhxonpL3WE5iUAWjXtH1dk3Lp7AB9mX3KsB1shMuGV84BGrUP7SUNdvUm8WCVTmABle8WMez27GgcjIrQbCNP-smCbocjJaI39NFVPO-qbaw0CIpnJWHyEpBdP156Z8-GfwhC9Lk78_i_OTPpf9JiGvAHDgmzK9KO2scc9Z2Ga5ysv-UeaDS7RwNaJ955MQLgWl0m2T8OesltzzFyHXoyKZ8keu7kv1DhxEHk9LiEUWGq9P0QgtnpnvizDXZzLf4y-gqJCr9xMSk0JivlCyi6ZPjF0PPZvML3ABff6DVRDAUwNqfjh8eSnKc3_QZ4AgSPzy9MMRTQeCI_yMtmu4CKj90UaipNvW9SvReLbCuIGS7-8O5INMAeewm1gz3VbHlirJN-21uNuuHMozryXGVVPOs3fvmGE09vzS_JOm5GMoZ19g8sCRXY7yZ_sl-lQUO4VuqOcTv_9g&cid=CAQSOwDICaaNNfYgI88Xr5Q3CqeQsRbiGgGyJynJ-gZJOzHrBnu3YP3zR4vZMV5V2a4qblEEaqhnVmM84Y0VGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fjennifer4.com%2F&ds=l&xdt=1&iif=1&cor=8922432967493669000&adk=2086295851&idt=38&cac=0&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:20:18 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 3DB0 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:19:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11597
x-xss-protection: 0
server: cafe
etag: 8023538936332676572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:19:41 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DB0 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2827 1 KB
648 B 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 31 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3DB0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7998a6596897c766dd683788e5683ef2f7c89d735853e8a39f37e023ed65eb4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2827 0
103 B 52ms
48ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGWz4GanUw7JiKcbQ-LMNJ0&google_cver=1&google_push=AXcoOmT7wqp0TDZ_8pXXg0XDqzdQmmqTy91HEBhzwjXid9RhDONJbOqU-3rCbxldM3Jt7R_KQsFBpazvvi1yHEGzDLZ3wctM86msZQ
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2827
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM8lv5T3EvIudGyvhR2mH_I&google_cver=1&google_push=AXcoOmQFBas4h5OknFPh8j2I0hJa321e-CG1DPAEqb6CDCbMJVyWsFX39tALqhnJxikzDR0F40mTYTBIS8Ww3Qj3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQFBas4h5OknFPh8j2I0hJa321e-CG1DPAEqb6CDCbMJVyWsFX39tALqhnJxikzDR0F40mTYTBIS8Ww3Qj3VQ_r8m7wioPxcQ

170 B
188 B

34ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQFBas4h5OknFPh8j2I0hJa321e-CG1DPAEqb6CDCbMJVyWsFX39tALqhnJxikzDR0F40mTYTBIS8Ww3Qj3VQ_r8m7wioPxcQ

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 03:35:23 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5uxt2NVYRzEcWemGwBNLng&google_push=AXcoOmQFBas4h5OknFPh8j2I0hJa321e-CG1DPAEqb6CDCbMJVyWsFX39tALqhnJxikzDR0F40mTYTBIS8Ww3Qj3VQ_r8m7wioPxcQ
x-host: tde-deliveryengine-production-5bf79cd4ff-68798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2827 43 B
103 B 34ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEP_pbFymepyUThpZAHg5E1s&google_cver=1&google_push=AXcoOmR031B_8Uc_iPqMNPYxNMX5GnbaIQ1MWU1cMA7LVRKfymbq7OqVcASaLRuepiqpyFxbFYloS9niQWtRoqZBecJoOPc0-MMs
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2827
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmT28nuIRO4H7wXmtWj9EdjNcd9nkyN4Q...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmT28nuIRO4H7wXmtWj9EdjNcd9nkyN4QyIIPGm2dqJoRcmRRu-YUFoX3li0FUvTx3RQFPWvfA-Vy0Ny9OlMv6z441hyqN-XoQ

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQ5IL7p42kPBoVxa%2F1Qo5I%2BkWqnN5OWEodtRnRMOJQenFtkQcV0FkMjDKz2KKdqdIXpRoBWV31P%2F7HhuebnYO5Zeeon43XM1aJT91bXeccbdz6s3v23mbfD2tB%2B6y9dwUCoGvVhMpdC5mA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmT28nuIRO4H7wXmtWj9EdjNcd9nkyN4QyIIPGm2dqJoRcmRRu-YUFoX3li0FUvTx3RQFPWvfA-Vy0Ny9OlMv6z441hyqN-XoQ
cache-control: no-cache
cf-ray: 81e8d9022dab195c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 2827 43 B
198 B 50ms
47ms Image
image/gif 52.210.34.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEFSJYdaj-f5DKP3hP2w1haw&google_cver=1&google_push=AXcoOmQx91JkSJJv3eRfU5oHNDGDr_Q19tNWgFKWnNYLy-Z3X4QQhO_YiJKjDAdMukP1HJFgKcarTSsEPUPbFyuVn-dIqCm0_lznMQ
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.34.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 03:35:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2827
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGpoekggj1WpWTC2oJTJ6VY&google_cver=1&google_push=AXcoOmQ-kK5lHkJGR...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODE1ODkzMzE2NTcwNTQ2NTc2OQ%3D%3D&google_gid=CAESEGpoekggj1WpWTC2oJTJ6VY&google_cver=1&google_push=AXcoOmQ-kK5lHkJGRoQ1xI_h7JAnJKUcvQ...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODE1ODkzMzE2NTcwNTQ2NTc2OQ%3D%3D&google_gid=CAESEGpoekggj1WpWTC2oJTJ6VY&google_cver=1&google_push=AXcoOmQ-kK5lHkJGRoQ1xI_h7JAnJKUcvQsgJIopjyRMXi2bccJbe57kw9jyPH5gFrEzKiHpHVIyGe2nNj89IPbVeefTpfWKuY4tumU

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
an-x-request-uuid: 523e0a96-c72d-4c50-82a3-308c6a6e6154
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODE1ODkzMzE2NTcwNTQ2NTc2OQ%3D%3D&google_gid=CAESEGpoekggj1WpWTC2oJTJ6VY&google_cver=1&google_push=AXcoOmQ-kK5lHkJGRoQ1xI_h7JAnJKUcvQsgJIopjyRMXi2bccJbe57kw9jyPH5gFrEzKiHpHVIyGe2nNj89IPbVeefTpfWKuY4tumU
x-proxy-origin: 217.114.215.132; 217.114.215.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2827
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=516a0cd6-fc9f-44c4-a4c4-35989a273f49&google_cver=1&google_gid=CAESEMk8w6zzgo0gZIcD6fkUhPw&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=516a0cd6-fc9f-44c4-a4c4-35989a273f49&google_cver=1&google_gid=CAESEMk8w6zzgo0gZIcD6fkUhPw&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSmvdII3yoXUNxQfuNqjXRmwcy3JowFXKcxOBljgm-AGDVKNR00cC0OUPLCyMNIuDvWmEbiQhMLrlJI5ERy7g_HPj_2Lgn7svs&gdpr=${GDPR}

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=516a0cd6-fc9f-44c4-a4c4-35989a273f49&google_cver=1&google_gid=CAESEMk8w6zzgo0gZIcD6fkUhPw&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSmvdII3yoXUNxQfuNqjXRmwcy3JowFXKcxOBljgm-AGDVKNR00cC0OUPLCyMNIuDvWmEbiQhMLrlJI5ERy7g_HPj_2Lgn7svs&gdpr=${GDPR}
date: Tue, 31 Oct 2023 03:35:23 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2827 0
12 B 30ms
28ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_-oryrVjLx5B1l21oVOGeIrgVwgm-fz_daaDZo1x_Hb4_jzcRdjOCOmRquXFEDYE5X-q_M1w

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B234 38 KB
13 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 307022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/ Frame 023C 8 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a209c9f6cd10cb3caf430918142b530d23106126fbf86ca69c68f0bb210a89b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 157243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2828
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 07:54:40 GMT
expires: Mon, 28 Oct 2024 07:54:40 GMT
last-modified: Thu, 26 Oct 2023 20:26:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DB0 0
0 67ms
66ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQoFyHJjh36M6qrnMHHht-TRwZVNEaYlzSwe9kdzXdpbT-u-4ZOvs-7X40OMsDPGqusWeMBp5F-u2Oc-B_Iph_29K3g7rRWXi9T0o3_PD8ttPfrntw-06MDluMP2WIVdFPdgJSj_jt6k6lMNb5geEuyRQbxxu8q7P_qawZqCOw8zilmbSACcqFVwyhsALWxxEhLj6HP4MtVZotLGqzlIVnyLaJO3JnnFPgaG1zGQxxUH1hXEQcJ73Stx-FRzyUC44PEnYWWp8vl_FJMyllVrw59xHJz09Ddkj72uvZat6dftNgBUbn88U8FGt58A9xm5o9QdjoB7YVxxPLj9CCXsEkuw-buRMwMq0MZxea57yEqtBeq1wv7Lp2QAiwNYaslX2cci7TZoHBlxknvtZ4ODezLneA8G_RnZcp1fvLhQ9ctbWSvma9sD9a7Lh7rGTuWm0eRkkao8yM8QXRI_VHt2CJIf5QrVC0WpgV6OU9GKUJanNLi0dHTynF5KfKCC0j-g2NHgci5HtHU--0kn8eIH0f7bMkBqRkxNiLVGlMOIQLce9LnWppECgS-Tzj_uxIDzngNLcVS44e24OBu9AR2qRtDplg2LJ3eEQUFJIBSkKtwxkvlh1OxVzfOq54AChM2WBNAvEHvRiwO-yqzlkN1M5Z89Ydupr4RdOuns9Ic-vGo21u0iYwjyyCpgcJct0XtFCUXIqyNL-MDyJ9D28DUzSoDicT6HP_DvVP_m91lAnFwGAJMSvUUNBeGAhUlrDbhY3gJw6pwLCN4dTDgn5Gc-6kS4aJSBsKnh9VNXsJ1-hHFFmvKvZrb8jQn5Y4KXdD98eXSG0A9jDwFPRkZ-Ia1bR7cuEPKZNRdq-fKP_yhmzHzJOLIZ_5S8jpH2CAunD6b6GgeeXxJzs_H8bmDKuc_X-QgVuzWVEMc-UlVgcmy4Q14et-G7jhV73kTlCg66tNN1dui003sB0ZG2UI1HLbzpgYrXdKDle-r_vPQG_XYGxK8VPJYcBmxycefNdQi35cwAlfI17Z2V_PMq_Jt4vYq-JnIwyO-XP3PwdGwIglHb6UtobwuE1dsOsDKRRwMZ3LxAqkF9nc6rseRh_jSeN5yPSWXBdPJTbqrhSHwM1sl8PNaX-blxfOd2TOd7kqQoUkKqUkAHoOtnpLMdke468SrWaYQtukw6j63Y2rNKCoHl5p3DYsKTGxBVW0aQks0kMW5_wcJOYqhGCXsPJfqzNRPdZlaaUsj_tpQp2dvaIkyAr2xvfSK5W8OSIAvCLwtC6YszBE-FrcqsrFiaGULM2T1KWTTmEXEgzyj-LVKsuk5Tw_7RXYAqDQ0HAHNR72_JLM5jgfCy2PbTrp2JAWo6L76t6ptDXoV3CU&sai=AMfl-YTD6gm978rk9P42jR7Y7sPf49alfkjPf-somu4ounKeLtPvcwHPIzHzTeVcmDv6T32JpTOSYVZ6N21KTG6wExrhUrJC-AiUWR6f-cRwTBGWV21IZ7WJvtOCb_2uGtPkk4HoooKscZ8fHf6CmWCshS_IrWPb3K0kkw-oYJjq4thXKUwPSwRkenVcQJcjR3wkQlkzfX-fxwIj57kKetvWtXD8uZZvDd5HsF8eTD7GWwrOLkHnNTBAMpMcrdHY1rS7oEaP&sig=Cg0ArKJSzKH5EMWf4bGWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=44&cisv=r20231026.06423&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 023C 236 KB
63 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 023C 1 KB
591 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cairo&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 01:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET
H3 200 roller-kw25-300x600.js Show response
s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/ Frame 023C 27 KB
7 KB 22ms
21ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/roller-kw25-300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa6daf8d75a3d4c029ddc0b88f87e5b698651730ab2deacb4ec231a060a7eafd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 07:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6688
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 20:26:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Oct 2024 07:54:42 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame B234 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 01:37:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1DE0 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzN9Vn1CihxOJlqlIB-Wo3Onr6lOfpGT8kUf9D64GOzZMUe2GIZPRDqgAvEX31zDY8TavHoCeKfqXWx5LliUFNS6b-vrstWSGpLC30-ygO2QbiNVdscnRoTX9QJ9mcJVyF4sjBgAI06eHz&sai=AMfl-YQ7Yyejkthm5ubGDhjVdS6IKkmwTp5maUH01sPIkhQtD0jRsoYZrC-JLn9CUQkQBsM1qAhTIaJn4YtZ1ML6lcRFqQ7-79RUUi0bZ-5GtqaSrKHmpcTArHrbD-E&sig=Cg0ArKJSzEAuMva9VbiJEAE&cid=CAQSOwDICaaNs_UwYptYmpeey6r5VO-PHHJIjmGn4kmPxJAL5725fjvRSL0EjFW5dBCjvwrsjimVMLTJhWYxGAE&id=lidar2&mcvt=1000&p=818,315,1068,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1341314224&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698723322099&rpt=154&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 roller_kw25_300x600_atlas_1.png
s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/images/ Frame 023C 77 KB
77 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/images/roller_kw25_300x600_atlas_1.png

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

047980604af52912fa15b218a4d5b9beee2a64a6e3e58b0c0d46a75e64cc0311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17429342680777858876/2023-44-Staffel_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 07:54:44 GMT
x-content-type-options: nosniff
age: 157239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78883
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 20:26:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Oct 2024 07:54:44 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3DB0 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQoFyHJjh36M6qrnMHHht-TRwZVNEaYlzSwe9kdzXdpbT-u-4ZOvs-7X40OMsDPGqusWeMBp5F-u2Oc-B_Iph_29K3g7rRWXi9T0o3_PD8ttPfrntw-06MDluMP2WIVdFPdgJSj_jt6k6lMNb5geEuyRQbxxu8q7P_qawZqCOw8zilmbSACcqFVwyhsALWxxEhLj6HP4MtVZotLGqzlIVnyLaJO3JnnFPgaG1zGQxxUH1hXEQcJ73Stx-FRzyUC44PEnYWWp8vl_FJMyllVrw59xHJz09Ddkj72uvZat6dftNgBUbn88U8FGt58A9xm5o9QdjoB7YVxxPLj9CCXsEkuw-buRMwMq0MZxea57yEqtBeq1wv7Lp2QAiwNYaslX2cci7TZoHBlxknvtZ4ODezLneA8G_RnZcp1fvLhQ9ctbWSvma9sD9a7Lh7rGTuWm0eRkkao8yM8QXRI_VHt2CJIf5QrVC0WpgV6OU9GKUJanNLi0dHTynF5KfKCC0j-g2NHgci5HtHU--0kn8eIH0f7bMkBqRkxNiLVGlMOIQLce9LnWppECgS-Tzj_uxIDzngNLcVS44e24OBu9AR2qRtDplg2LJ3eEQUFJIBSkKtwxkvlh1OxVzfOq54AChM2WBNAvEHvRiwO-yqzlkN1M5Z89Ydupr4RdOuns9Ic-vGo21u0iYwjyyCpgcJct0XtFCUXIqyNL-MDyJ9D28DUzSoDicT6HP_DvVP_m91lAnFwGAJMSvUUNBeGAhUlrDbhY3gJw6pwLCN4dTDgn5Gc-6kS4aJSBsKnh9VNXsJ1-hHFFmvKvZrb8jQn5Y4KXdD98eXSG0A9jDwFPRkZ-Ia1bR7cuEPKZNRdq-fKP_yhmzHzJOLIZ_5S8jpH2CAunD6b6GgeeXxJzs_H8bmDKuc_X-QgVuzWVEMc-UlVgcmy4Q14et-G7jhV73kTlCg66tNN1dui003sB0ZG2UI1HLbzpgYrXdKDle-r_vPQG_XYGxK8VPJYcBmxycefNdQi35cwAlfI17Z2V_PMq_Jt4vYq-JnIwyO-XP3PwdGwIglHb6UtobwuE1dsOsDKRRwMZ3LxAqkF9nc6rseRh_jSeN5yPSWXBdPJTbqrhSHwM1sl8PNaX-blxfOd2TOd7kqQoUkKqUkAHoOtnpLMdke468SrWaYQtukw6j63Y2rNKCoHl5p3DYsKTGxBVW0aQks0kMW5_wcJOYqhGCXsPJfqzNRPdZlaaUsj_tpQp2dvaIkyAr2xvfSK5W8OSIAvCLwtC6YszBE-FrcqsrFiaGULM2T1KWTTmEXEgzyj-LVKsuk5Tw_7RXYAqDQ0HAHNR72_JLM5jgfCy2PbTrp2JAWo6L76t6ptDXoV3CU&sai=AMfl-YTD6gm978rk9P42jR7Y7sPf49alfkjPf-somu4ounKeLtPvcwHPIzHzTeVcmDv6T32JpTOSYVZ6N21KTG6wExrhUrJC-AiUWR6f-cRwTBGWV21IZ7WJvtOCb_2uGtPkk4HoooKscZ8fHf6CmWCshS_IrWPb3K0kkw-oYJjq4thXKUwPSwRkenVcQJcjR3wkQlkzfX-fxwIj57kKetvWtXD8uZZvDd5HsF8eTD7GWwrOLkHnNTBAMpMcrdHY1rS7oEaP&sig=Cg0ArKJSzKH5EMWf4bGWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=150&vt=11&dtpt=105&dett=3&cstd=44&cisv=r20231026.06423&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7D5 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:21 GMT
expires: Wed, 30 Oct 2024 03:35:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/ Frame 023C 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:46:25 GMT
x-content-type-options: nosniff
age: 330538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:51:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 07:46:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AC0D 398 B
222 B 33ms
33ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVuF8gKHZDNi5v-ouSrFzLzd4Wn2LdBtjTqciI5vGsSm3dVlXZ6zXh9rEgqxYv9I-Ab5HAtlVC4sJFV9nN2ga5R76hd14RJc_gLFTC4oiaOiSXgxQOqusOVFXdrvyxzYu92QRFLQUC73vJQvQzaEZJTQnAlysz3OgjFptbtG97Nz3oHI7M

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E7D5 111 KB
39 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Origin: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 02:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 02:22:22 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame E7D5 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:28:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame E7D5 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
server: cafe
etag: 3118617226516770384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:20:34 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E7D5 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 307044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 14:17:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame E7D5 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:41:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E624 1 KB
648 B 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 31 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame E7D5 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 19:18:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8430
x-xss-protection: 0
server: cafe
etag: 7000445677337367579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:18:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7D5 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAZynfVwFnOzzqwotiQxMBWfQXJYcTb4ZPzlusUvcZGqUXcZ6nMYobReviaeGm2Szcmx5Na-ipQusp9EfRiZedU8NSkMldGfm5nxKhJMNUtvs0SBg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7D5 0
0 33ms
32ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMkgE15sAjFXTUsW2QZe2zO4fqh5A9ckxySxpKlH80p7hyYUIxJvhlUpy-CirSlX_y-CvaW_PCftIyBBx31NOKvMcqMw
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7D5 188 KB
59 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60393
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698666127188353"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B234 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BY9BI-3VAZbKbBsGIgQfov5m4DQAAAAA4AeAEAg&bg=!39yl3JPNAAbo5yKYyOc7ADQBe5WfOMIlEV2TehOgXQmmy8LwjUz2OREZCLYxx5S3LCrhj2bdMUABcPvSB2atUXzTTzvFAgAAAHpSAAAAAmgBBwoAZIyrp37mF29mVJBNJnro1gVimE7MEUxDasH9yCp-zVvacIktGSHMD4zid6yQ99Zq0N7vKCEgkQ9qT0vaZV1y5Wj4GBWJAh53OUXnDnB9MRzrj5MmqtggL1--yurIiCrx7Zwi3kSZAvobiW4mg1jcYnsfVPbA-uMozRNI6Z2_f_MrwwKvY6ld0PYsAmowR_Jgx4mPj0KlM48xOvu7KAuzP_Tc4-RNUg0dVCKoh2-8kb2_GnNLQ399NFRIOPPcRPTd3HSAGh36-9kxaaFzda67b7Ht70V0Psn321aLx026UiDOaNpo94l0oU-QpyuxOTb3xSymtuF7YD-6x4kecEMvzgrW071LgAHATiPG56rGCtQKwW8miCDcEaSTTZpDD9tCt3RBxtNjeoW0439lRsoYbl491PX3Nhq1G2f3LMZxbmpW-yC6HsCXDuc2eW9R545evBLY0WWfZRj_AdbkNSXQRv_XBRjpfTdnsgxaYqu-e2T5oBEeh4sMfeSqVqGpqCSzaRYs1xhLfxUnE0mbVuv5EHW6LcAKYSs7GuoNwPB8JTFJS7dbrrEcm0RV2GVqLWpqVjFNBeUXvh8o-7yvySZWDKbw5PHDr24Cks1jiRJo5cmPMALA7kZlNqnRvPXqf3C1v8R2k9LWF5UNM-4HiV_VKA8fRBg7Olq5yESvfw2kVy9gCXeJFbpmTZVp65nBpomrVDHeWZUZsyGpz-A3TFAWDpolUqa7SndHeTpbrQV9WbJpto4Vsup_JRwOrS3-7vjTLvT9gC9GMu_SC-3mArY4BGzB_UKw-vcgyTnAapInZayLlQkWKNLqn3hIXqONFktPM8TWj1kTm22PuPbTAQN3GwIPY4tYvMjlkqN8VaqPIS2GCbwJvw8T-eXncyc8W-qDuv1E19rMXz4gfXo6a-jzPWmRwQdJk2oiT6Iju3m9Jd5eq_vx0_QAuMPZ0STfnOPG-k29U0simZAGaSi7E44XHNeMOMGJ5Dk38aevfICuO5WIEktY5ZJW-2RPYMGXCbsIb29escp5iMuYPQb-RaC-a59uroLz4P_f4pjAikKgXFtIQ5vD5Kd_23o3rBb8dT0QTgI2RFm6AxY-v-ZsF2ZWJTpBi_6Js9d5mwlMFU5ZpNBYVmp1A-9U0WULSE7ssC1gJV4

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2E23 38 KB
13 KB 28ms
27ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 307022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 14:18:21 GMT
expires: Sat, 26 Oct 2024 14:18:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame AC0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAjmTZh3f5qpf8Icr7-zh-E&google_cver=1

43 B
163 B

140ms
70ms

Image
image/gif

185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAjmTZh3f5qpf8Icr7-zh-E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVuF8gKHZDNi5v-ouSrFzLzd4Wn2LdBtjTqciI5vGsSm3dVlXZ6zXh9rEgqxYv9I-Ab5HAtlVC4sJFV9nN2ga5R76hd14RJc_gLFTC4oiaOiSXgxQOqusOVFXdrvyxzYu92QRFLQUC73vJQvQzaEZJTQnAlysz3OgjFptbtG97Nz3oHI7M
Protocol: HTTP/1.1
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEAjmTZh3f5qpf8Icr7-zh-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame AC0D 43 B
163 B 173ms
36ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhi9hsHjATAB&v=APEucNVuF8gKHZDNi5v-ouSrFzLzd4Wn2LdBtjTqciI5vGsSm3dVlXZ6zXh9rEgqxYv9I-Ab5HAtlVC4sJFV9nN2ga5R76hd14RJc_gLFTC4oiaOiSXgxQOqusOVFXdrvyxzYu92QRFLQUC73vJQvQzaEZJTQnAlysz3OgjFptbtG97Nz3oHI7M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E624
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVCMV9nQUFLQklDaEFBag==&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_cver=1&google_push=AXcoOmQaygM0jL0IV3cVzmlwMyVeOd1oS5...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVCMV9nQUFLQklDaEFBag==&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_cver=1&google_push=AXcoOmQaygM0jL0IV3cVzmlwMyVeOd1oS5a5Bq7obg3YSpf_gap7vb5Zl2J73RDdP7Yc0EUo6LHk7xdOE4DKaver7pGJw9Hmtz0f

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230059-FRA
pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1698723324.504669,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlVCMV9nQUFLQklDaEFBag==&google_gid=CAESEKgJY8moyJBSWLt7nIbides&google_cver=1&google_push=AXcoOmQaygM0jL0IV3cVzmlwMyVeOd1oS5a5Bq7obg3YSpf_gap7vb5Zl2J73RDdP7Yc0EUo6LHk7xdOE4DKaver7pGJw9Hmtz0f
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E624
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKm4HNiqMKcIangJQPh26tc&google_cver=1&google_push=AXcoOmSGYO2S96hmY6VNyJg6mhmO3UVwGB4eAkGIBBzpzieLBOqOm2FaHfXsBP7U5KOfULMM85RIlyUopNx...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSGYO2S96hmY6VNyJg6mhmO3UVwGB4eAkGIBBzpzieLBOqOm2FaHfXsBP7U5KOfULMM85RIlyUopNxNg3J_A51iLODUSfY&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSGYO2S96hmY6VNyJg6mhmO3UVwGB4eAkGIBBzpzieLBOqOm2FaHfXsBP7U5KOfULMM85RIlyUopNxNg3J_A51iLODUSfY&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSGYO2S96hmY6VNyJg6mhmO3UVwGB4eAkGIBBzpzieLBOqOm2FaHfXsBP7U5KOfULMM85RIlyUopNxNg3J_A51iLODUSfY&google_hm=3HOmdw6hQl-gCAINZ5_CIYQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame E624 43 B
146 B 130ms
21ms Image
image/gif 3.65.51.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMRN3It6Mp1YB8FZkmEdpbI&google_cver=1&google_push=AXcoOmTVSoGl8ShoTsCQV9BtUuvzyfQ0l81qSxhsjzKpen_GbzKsQSeQBagMMpoblqUXEvGu5YtQrW9N6EIcUrRRlUSj6K0QlxA
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E624
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmSGjjQG_JmE68Xa819F53FC8boFhroCm...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmSGjjQG_JmE68Xa819F53FC8boFhroCm8an5vmxpJbpTygwxC3xXbxiMp6dTmAwMG5cVdmcaT8TFj0LGQhNhqbZpBrSD1KQ

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1llSg9egYj1PMQm9MwLN17Ww%2BsuxMjFuviqoxy9IoQRTjK8jHGmjCguXaKEtpGdvShnIEPIA6OkX%2B%2FL0uGmY5JPEhXhTgLh%2BSNQvD26o73KK0vbBNTThyQvweoXua78ys9pM2vpt%2F7uuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELkFNpISTcpgM20MBmy-neE&google_hm=ZUB1-ux86YAvymoMAqTjzgAAFD4AAAIB&google_nid=index&google_push=AXcoOmSGjjQG_JmE68Xa819F53FC8boFhroCm8an5vmxpJbpTygwxC3xXbxiMp6dTmAwMG5cVdmcaT8TFj0LGQhNhqbZpBrSD1KQ
cache-control: no-cache
cf-ray: 81e8d903ec241cbd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame E624 0
241 B 25ms
23ms Image
text/plain 2600:9000:211e:ec00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBh-l-xtqoCmrvJx7kC0uz8&google_cver=1&google_push=AXcoOmT3FH2QVOjqn6GDZg6neQfCogjU5tYRgHeSi25-WSxWZxA_nZ7THzKEKlROLkOjJ9S1e9qry6AYKUVkCrHnBTWsvDor-BNA
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:22 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
age: 1
x-cache: Hit from cloudfront
cache-control: no-cache, must-revalidate
x-amz-cf-id: 5zDJIyEsKV7NVLSHpNhTBudfPSZP-AmjAIO8WeKd5laZvHio2tvukQ==

GET
H2 200 ebda
match.360yield.com/match/ Frame E624 43 B
198 B 49ms
47ms Image
image/gif 52.210.34.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEFSJYdaj-f5DKP3hP2w1haw&google_cver=1&google_push=AXcoOmRvN7_rA_ttRSTLeW8yqT5XXD--Ff4mbfJXGA8-pv6JdlA1UeQjXiMGN8sCo8ZaEWk2e0se1ruGn1UDNiPcTPnXXRPx76Q
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.34.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-34-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 31 Oct 2023 03:35:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame E624 43 B
145 B 130ms
22ms Image
image/gif 3.65.51.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDDTgccaOk9ANR-VDuoppdY&google_cver=1&google_push=AXcoOmQmhMJIPBLeqm2LP30BfTzo5He-1Zx9ixQY7cj0pt7Ev4kgISCuLwA5iBo1UiVgtToGlnZ2s26JPAAvukeg4RlBuZcVPXErkQ
Requested by: Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E624 0
12 B 30ms
29ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-byhYrQnxFC8WapkFzVQc8ZsNwdV_Pdl1X-wP-K-2t2Molu577_gxNy1OLwMEmUrgUHvcEg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 6 KB
2 KB 21ms
21ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a1ad8599d395bf94f20d32a7d2a17b7506a52737e6b34677be70fcf180dd3b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 358392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2130
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Oct 2023 00:02:11 GMT
expires: Sat, 26 Oct 2024 00:02:11 GMT
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E7D5 0
0 66ms
65ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuD1xClLeZBuTxqL3kzQnKKVLwskoznxvJ-1iQOcM8iH4T_fNHSOaqsZwYeIfvFn6M4fn0V-4aSIqhFjaQ8JGRxSyq1DhopOoabPfmdyYU57E0m6h7N2ySqk7qDSUtHlOloH1teE1YQWrG_lVbbGwgHW5Eo-99OcjZE9ghD1kjh5Mutm66u2inIHIPD8Zsw0dEhgOLRjtOU8xGaa-Qz0Hc7uJRYvdTb-c8XQGQJ5J75-DwL7lL7FTHWmDMgIJu9wJUXLBEjs5t5ue--6mY62hCN2dZezHZXTnwcc0-ufbQvvRn1soUAubcVPpfQHfislNtPvDjtX2KijXhUJuQDkqkg_HWdH3n37FFsLa1LD_exzoaBVJeExfuoA-PMXwMp5G-Erx2quEI47Jne0VNWM5XGaacKFU9resnzRVTQ4O4xmqEwCULeXKZA1F49XczbP4W9x414k7gdClHQLM9TJz8cUSrJnFOGvL__J_jVgZLDmlwQ6QxfkK9Ssc_2CwOIsXcq7z92hnbQvB5jVrz0rx5zJLNrQi_e8Wj8pldKmaHmbflsgVSajBXEk51AHAT0mkFMTE8dd9MAVzQjFwKmwyY1XUp7salDb-AjlwWBn_Tmxf3zzZCLqqdtmWJZysqjhIekGRFDbCnHen73yMpL_4OmSNFDM8_og09PLW_gjjd5evzAVa4cmk0u8LRTeXYWn-aplgokKcfDYXxwM-K6YaN_xH6_ilDmjbfoEGdOP2PPm_HE-KgXJ_y1GGvFnuW2fhI8PeJYKKhy6BqY0YwsQ3gIHKO1aLJI_SOLMn5sfSPzxYaw4SWzm_BB9g0Tvp8COqVR0q0fdcBiWL6tX7raki7GlJwuPHcVjbHgFA6PSD0xP_oOD-WslQv2alF8OUT-ZLU_chztPioTY5jXRF7wolk-oQkRdfqGwqDeZp2xU4MNB63aNHQueovT-3KrVaCQIQmsK_WXO9SGTWN-6eO4U9_jWbKS8dKNdMvjwZeg4W2KU4JAk84CRPX4IDglxeE_LiAwGNsLL8pMY5-eR5pH3bcQ5MUvsyLRsWwFx4MPDWCut4m9KjQI2pb9AMgRmiTjMw93sDwd-BRUnr1HUiXD2zZhVMivIQp5DGUWr7LlAfm6AEXYxtZaGObqZ4Lu4Qzq0jZ-s8AwAbR3mBd9Zy6vdfdKimeTVGIgCRPa_tGwx16NB-OvHwxnJx-ptOCHZ1sM822FtRJAkWU9xWip3ORKaNeYTlBW8l_2VwUdHNs6HSSnpkToa3wcmUjaF_NBVSk9xjAhlNIbHCrUd-mLCzGOwjmsk4TmvPyOGX08XiJafDj2sFVdY9_42pOplnxz4opxPnM7EjKGqHF7zgqS8UlzIDMVyIYZh6fhFSDeO3z-IFeEqlRCmC9awfoss-0vqo6j_6AkySnUAGJaFg&sai=AMfl-YTDx0_0FqssyfVDp0dePIfRwwXZMwO6Kn8YdRoyvkoPgoLVb6-VQHbViK04InZe22Cb93hJucxZ8pNAwW1uurtG7t7UcybFEkedppgHicf9UgXKDkwmYYBC-kZK4sBu649dD813jYfeoh35KND16tJj8ey9XM4GbREeCx89KzONQ1os0TRfGeVvKbuhA0T1-HE8eRS1poJ5DR4HPl_NuFla0yUuANtN227lWbdbYHtdBJSj92-zU_k220tj7MEoQq1y26nALsEXn3hQcmKcDuJoOf3c5YhohLWUsflB7tSKQgref27TfNAkRGRppfZt1HjHvVKo_-tYCbuRmppxjb8HS1I2ZEnzHCuAmcgxZwLDoub4H8lw4u0-I5DvQn93-3lpP6-_6pNlExiDEzT91bJu&sig=Cg0ArKJSzMZvXZRebCb7EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=49&cbvp=1&cstd=48&cisv=r20231026.29107&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E7D5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8adaa640eb43470b71f182d1824954661430abea93a3cbbf0f413958dc8e8ae4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 75F9 16 KB
12 KB 36ms
36ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1607769e873bc6c340ab654a4deb4ef4c32257f0b5777a65a9bf77ec7543df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12161
x-xss-protection: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 948C 236 KB
63 KB 29ms
28ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 31 Oct 2023 03:50:23 GMT

GET
H3 200 300x250_kia-flex_picanto.js Show response
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 41 KB
6 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/300x250_kia-flex_picanto.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ca59b988cbfb75b3cb18696cc421b25e2b2ccb0741f4c994a6bafc091076de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 20:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6132
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Oct 2024 20:10:00 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E23 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 01:37:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 75F9 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET
H/1.1 200
OK e98f6328de681ba4966c6b25ca4d4ef1.min.js Show response
brain.adbot.tw/js/cfg/ 2 KB
1 KB 266ms
266ms Script
application/javascript 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/js/cfg/e98f6328de681ba4966c6b25ca4d4ef1.min.js
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: f64e213942f412af3bc34d67607bd19c2d50f4477fe11ff9b7b2aa607c5afeda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 04:00:53 GMT
ETag: W/"5eddb7f5-9c2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 31 Oct 2023 04:35:23 GMT

GET
H3 200 bg_01.jpg
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 21 KB
21 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/bg_01.jpg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0131a7f26b1261d26332b3c3286ec65da3bd8df18182ef95c6fed4cf64ef841c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:35:27 GMT
x-content-type-options: nosniff
age: 331196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21419
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 07:35:27 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E7D5 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuD1xClLeZBuTxqL3kzQnKKVLwskoznxvJ-1iQOcM8iH4T_fNHSOaqsZwYeIfvFn6M4fn0V-4aSIqhFjaQ8JGRxSyq1DhopOoabPfmdyYU57E0m6h7N2ySqk7qDSUtHlOloH1teE1YQWrG_lVbbGwgHW5Eo-99OcjZE9ghD1kjh5Mutm66u2inIHIPD8Zsw0dEhgOLRjtOU8xGaa-Qz0Hc7uJRYvdTb-c8XQGQJ5J75-DwL7lL7FTHWmDMgIJu9wJUXLBEjs5t5ue--6mY62hCN2dZezHZXTnwcc0-ufbQvvRn1soUAubcVPpfQHfislNtPvDjtX2KijXhUJuQDkqkg_HWdH3n37FFsLa1LD_exzoaBVJeExfuoA-PMXwMp5G-Erx2quEI47Jne0VNWM5XGaacKFU9resnzRVTQ4O4xmqEwCULeXKZA1F49XczbP4W9x414k7gdClHQLM9TJz8cUSrJnFOGvL__J_jVgZLDmlwQ6QxfkK9Ssc_2CwOIsXcq7z92hnbQvB5jVrz0rx5zJLNrQi_e8Wj8pldKmaHmbflsgVSajBXEk51AHAT0mkFMTE8dd9MAVzQjFwKmwyY1XUp7salDb-AjlwWBn_Tmxf3zzZCLqqdtmWJZysqjhIekGRFDbCnHen73yMpL_4OmSNFDM8_og09PLW_gjjd5evzAVa4cmk0u8LRTeXYWn-aplgokKcfDYXxwM-K6YaN_xH6_ilDmjbfoEGdOP2PPm_HE-KgXJ_y1GGvFnuW2fhI8PeJYKKhy6BqY0YwsQ3gIHKO1aLJI_SOLMn5sfSPzxYaw4SWzm_BB9g0Tvp8COqVR0q0fdcBiWL6tX7raki7GlJwuPHcVjbHgFA6PSD0xP_oOD-WslQv2alF8OUT-ZLU_chztPioTY5jXRF7wolk-oQkRdfqGwqDeZp2xU4MNB63aNHQueovT-3KrVaCQIQmsK_WXO9SGTWN-6eO4U9_jWbKS8dKNdMvjwZeg4W2KU4JAk84CRPX4IDglxeE_LiAwGNsLL8pMY5-eR5pH3bcQ5MUvsyLRsWwFx4MPDWCut4m9KjQI2pb9AMgRmiTjMw93sDwd-BRUnr1HUiXD2zZhVMivIQp5DGUWr7LlAfm6AEXYxtZaGObqZ4Lu4Qzq0jZ-s8AwAbR3mBd9Zy6vdfdKimeTVGIgCRPa_tGwx16NB-OvHwxnJx-ptOCHZ1sM822FtRJAkWU9xWip3ORKaNeYTlBW8l_2VwUdHNs6HSSnpkToa3wcmUjaF_NBVSk9xjAhlNIbHCrUd-mLCzGOwjmsk4TmvPyOGX08XiJafDj2sFVdY9_42pOplnxz4opxPnM7EjKGqHF7zgqS8UlzIDMVyIYZh6fhFSDeO3z-IFeEqlRCmC9awfoss-0vqo6j_6AkySnUAGJaFg&sai=AMfl-YTDx0_0FqssyfVDp0dePIfRwwXZMwO6Kn8YdRoyvkoPgoLVb6-VQHbViK04InZe22Cb93hJucxZ8pNAwW1uurtG7t7UcybFEkedppgHicf9UgXKDkwmYYBC-kZK4sBu649dD813jYfeoh35KND16tJj8ey9XM4GbREeCx89KzONQ1os0TRfGeVvKbuhA0T1-HE8eRS1poJ5DR4HPl_NuFla0yUuANtN227lWbdbYHtdBJSj92-zU_k220tj7MEoQq1y26nALsEXn3hQcmKcDuJoOf3c5YhohLWUsflB7tSKQgref27TfNAkRGRppfZt1HjHvVKo_-tYCbuRmppxjb8HS1I2ZEnzHCuAmcgxZwLDoub4H8lw4u0-I5DvQn93-3lpP6-_6pNlExiDEzT91bJu&sig=Cg0ArKJSzMZvXZRebCb7EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=195&vt=11&dtpt=146&dett=3&cstd=48&cisv=r20231026.29107&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3521 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ifoodie.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 01:41:21 GMT
expires: Wed, 30 Oct 2024 01:41:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D6D 829 B
561 B 31ms
31ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ceab43f4286da5b4a1b52c163f98fd411766dfc2f7ef8bf3351d72116c9382b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dGGSC3gpVKDjXuG2SSIPBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ifoodie.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dGGSC3gpVKDjXuG2SSIPBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:23 GMT
expires: Tue, 31 Oct 2023 03:35:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bg_02.jpg
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 28 KB
28 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/bg_02.jpg

Requested by

Host: 1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
URL: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fa09d352afd9ec9576a670bd2056d564f2b7e3a34ee10cc1eb0cb3924be814d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:23:46 GMT
x-content-type-options: nosniff
age: 385897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28425
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 16:23:46 GMT

GET
H3 200 btn_cta.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 761 B
795 B 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/btn_cta.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68552cca682bb0b73fe0c5bccadba8c66051f3bb0f87e49aafabd3915249eee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:47:01 GMT
x-content-type-options: nosniff
age: 193702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Oct 2024 21:47:01 GMT

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3521 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 01:37:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D6D 0
0 55ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=2607031767033870&rc=
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 headline_01.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/headline_01.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c80c5883759feba7ae4e6d3a6cb4c4f5a625b1fbfca4d3af95c1ba8c2712721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:38:08 GMT
x-content-type-options: nosniff
age: 554235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2610
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 17:38:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E23 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bcw1K-3VAZee7BYet9u8Ptaa80AMAAAAAOAHgBAI&bg=!Q0ClQA_NAAbo5yKYyOc7ADQBe5WfOEl8yG0Mvj455-qsCKvIbK4xG8mFdy0hLRhf8MvlFAVlY-BeqGVwy5m0R3Zt3ilDAgAAAGNSAAAAA2gBB5kDCJH8CFxM8XOgEf6GfzsRxXmi7_Ro-3CZmqq_tozKK7aQIr7FRwSkl536KyZadM2lbA73tUh_iaAFPjtfJ2r7NvGfBjV0KoKthJ-W-YN8w46glpY4P3sh62o9CvEzr9-MRKX-0DD80OLpZMLjSRhKGM74N9wuelBFgGl0-dTg0YRJ2EsCZKX2P--r_TcjrA9oRiO8KEL79KOuw3wADbh5udImbhcUu3ey9PxQFn1zk32q9Gog4y6fEw2GhPnU2aJ8sdKRcvqkHBf5DTLh-dICBZ779zRfF7D0YFWNdGvw8U2tN1z9YrDRzt22mwNfBbwjX8poqFoU7SxHZ8f2K5RKuIMyRcJywv1Z0yDfAlmUk6lu0d_v5LHTicoBoblWD65SX6dislq3drNhkXMxlyyaq03j3kBhEuSN4J5-K-v7r2MlwxBEdPRcLC7VSSC8-JbmJRw82WD3BV_H8SLi1B8sVTI1KbxhIy-bXW1XZbCee34eHnFRY6pbHwAqSwfqQGCqUxFGrFymmJrVpWO9miu66_ENORt7jt-yjORmcNjVk94b0Dh4FgoTWL184joBxAPpPCuTt7OBJ8DJqsOzztbARanErvmWgUj_IAEVADeSKKnY-kmO9gcU28sxJyM_c2OHgnMj2uPxm50w3wXkmdQlcUKN9UU-n_fqY4RxfSq04Fpbz1KH-joI1a9gEXbsv_jQQiqo9ntgEQFVfs9KLt8WwonaQFwm0SuqM__PRs1o7XdtsdtAPudGXMhOuhkxAt_B4dA0YQR4y8psQj8QGIEGBMBB53H0iGDrCmGU3aAtWOyV3T38fWNlo943LW-EXRB7D2t1_rOZNVrsC7Jc5zX62K6wdIeC_0iXD6hfoBVZ7ROh609zQ2zSsSwJx3Bkc4vftZ80FwjvDLSmm0J66XbDIBeh1PKOHVZVQvfToGxEYg6ngvlipcVE1dK18fhDNpqq4xsM8KdDaNGP4RNxixw1FluKisqiX-O78DRiNeuJ6a5oNQhJzl-wyCVL7GIbPjfO5HmHjTq-HM99

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 headline_02.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/headline_02.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2562707fbb527236c793e1bb96b0a09b2251184a45b12b905c53c5aa0160bb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:15:31 GMT
x-content-type-options: nosniff
age: 332392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1748
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 07:15:31 GMT

GET
H3 200 icon_check.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 656 B
690 B 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/icon_check.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0334984e5f44af91c12d8ed33b76b040558ef5100a1985cb5bc0354ebcab64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:37:57 GMT
x-content-type-options: nosniff
age: 39446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 16:37:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3521 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?60xNpQ
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 kia_flex_white.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 1 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/kia_flex_white.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb158ee3a60ca46559d0535a2101a6569c76957c58c4da910744adc525d77949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:28:08 GMT
x-content-type-options: nosniff
age: 331635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1515
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 07:28:08 GMT

GET
H3 200 liste_01.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 1 KB
1 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/liste_01.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb6bb2316416b6f3440548ea3ee0ff5472d742c8477b7a3b12234e8703256c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 19:16:05 GMT
x-content-type-options: nosniff
age: 289158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1085
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 19:16:05 GMT

GET
H3 200 liste_02.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 1 KB
1 KB 22ms
22ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/liste_02.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85764e3d281c3748129051ff30544d7705cd95ac363e17d599cf0358ed7c0584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:58:17 GMT
x-content-type-options: nosniff
age: 250626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1404
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Oct 2024 05:58:17 GMT

GET
H/1.1 200
OK ypalocation.js Show response
brain.adbot.tw/ 81 B
410 B 267ms
266ms Script
text/html 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/ypalocation.js
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: 665c27bdbc24e4347087818b713a7a18d2cd43b4aac2420d39c25486ae49608c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: public
Date: Tue, 31 Oct 2023 03:35:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=3600, public
Connection: keep-alive
Expires: Tue, 31 Oct 2023 04:35:24 GMT

GET
H3 200 icon
fonts.googleapis.com/ 569 B
366 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 03:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 03:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 03:35:23 GMT

GET
H/1.1 200
OK ypakeywords.js Show response
brain.adbot.tw/ 3 KB
928 B 262ms
262ms Script
application/json 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/ypakeywords.js?_=1698723323602
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: 4eb827e40f38ad5ab643361f347ad79c6fc0e767f56ab6e796e925d71eb05a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json

GET
H/1.1 200
OK js.cookie.min.js Show response
brain.adbot.tw/js/ 2 KB
1 KB 524ms
261ms Script
application/javascript 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/js/js.cookie.min.js?_=1698723323603
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: b9e902238705b06b640bb8fcbaf78e930e7151e73993f135070e62c06ecddd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Mar 2018 10:23:44 GMT
ETag: W/"5a9d1ab0-778"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Thu, 30 Nov 2023 03:35:24 GMT

GET
H/1.1 200
OK md5.min.js Show response
brain.adbot.tw/js/ 4 KB
2 KB 531ms
266ms Script
application/javascript 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/js/md5.min.js?_=1698723323604
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: 4b968dd9042b119b4c62bb90938d7cc8aaaa841f12e8060fa9198b6730a07e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Feb 2018 01:03:29 GMT
ETag: W/"5a94ae61-fe6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Thu, 30 Nov 2023 03:35:24 GMT

GET
H/1.1 200
OK data.min.js Show response
brain.adbot.tw/js/ 1 KB
863 B 781ms
260ms Script
application/javascript 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/js/data.min.js?_=1698723323605
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: db15da32296382af4df5523c292893a2f403e7788ff761c45a675334abcf572a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2017 09:55:13 GMT
ETag: W/"58760101-410"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 31 Oct 2023 04:35:24 GMT

GET
H3 200 func.min.js Show response
cell.adbottw.net/js/ 66 KB
11 KB 1034ms
1034ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell.adbottw.net/js/func.min.js?_=1698723323606
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883305a308a696d24084a1eb21151efb3ad5604eb56b1774151f986a6ec2a4d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 May 2020 08:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5ec641b3-108d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GlSd0WLRCDdJ3o2RKByizJxJSVC2LCtFx9WY2HdoerEOXm4M%2BB%2FB5ICpGF8J64c%2FKD9ds8IzUOPrjZvJnAe5us8yMHCkz4LC94JN%2BUN6F%2BflhExlqWnarJ49EcIOrNFEpnDOYLZBiQp0iOMH2ga"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81e8d9064ec718e7-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK lineads.min.js Show response
brain.adbot.tw/js/ 222 B
552 B 784ms
261ms Script
application/javascript 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/js/lineads.min.js?_=1698723323607
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: ce199809cce8c12d848eecc371b6d8546304e052d2009766dded8f6dc55206ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 May 2017 02:22:21 GMT
ETag: W/"590a905d-de"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 31 Oct 2023 04:35:24 GMT

GET
H2 200 adskeyword Show response
gene.breaktime.com.tw/v1/ 508 B
717 B 368ms
311ms Script
application/javascript 2606:4700:3037::ac43:9661
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gene.breaktime.com.tw/v1/adskeyword?url=https%3A%2F%2Fjennifer4.com%2F&callback=_pi_adbot_bootstrap.init_gene_keywords&_=1698723323608
Requested by: Host: brain.adbot.tw
URL: https://brain.adbot.tw/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c76303b20c6e1cb54e49e2249050d4000c2b90ddd74902ef2b140d5c73b95ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BDNqBU6MUWr%2FwAPZ8kxtGTFjml%2Fe5zJKivT2axjYA9DswYhZGhZrNPcglq02C4UThqA9JNMqdcB9xYLDYUeRGrDOKbc4FDrTspbmN2DEEdXj1hGzfULhupLWZKB6tz%2BTPJkCH8uUpQKASlA1swp4%2BvBb%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=0, max-age=0
cf-ray: 81e8d906a8c32bf7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 liste_03.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 1 KB
1 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/liste_03.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc4fec40905fbd51adf29ef0554369e7e7ead1adfbaa03adfe158faf2ddd5872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:56:01 GMT
x-content-type-options: nosniff
age: 376762
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1227
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Oct 2024 18:56:01 GMT

GET
H3 200 liste_04.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 1 KB
1 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/liste_04.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa45add05fb6a742549affbe0c6351520d4a2d7e2a8677ae431b88c7d8846d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 00:05:38 GMT
x-content-type-options: nosniff
age: 271785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1187
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Oct 2024 00:05:38 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/preis.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6e5a83211909b83cf5acaed836a5d08663dfa738f205977cbff3e68065b7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:38:58 GMT
x-content-type-options: nosniff
age: 330985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Oct 2024 07:38:58 GMT

GET
H3 200 va.png
s0.2mdn.net/sadbundle/4486057005446783324/ Frame 948C 4 KB
4 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4486057005446783324/va.png

Requested by

Host: jennifer4.com
URL: https://jennifer4.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1f218151c6df1dab3a5f3da6f5cd1da78f7e9cde44eb2b8e49fbc3a3d79d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4486057005446783324/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:55:37 GMT
x-content-type-options: nosniff
age: 34786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3914
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Oct 2024 17:55:37 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB0 0
25 B 55ms
55ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=870224163365&version=m202309260101&ct=119&x=1&cor=8922432967493669000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 75F9 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=2607031767033870&bg=!0dKl0p3NAAbo5yKYyOc7ADQBe5WfOMeUbhlqQEQ6s2dCvpi2DF60mQWn79knHzsec4gXBplgXY3rKSoYm5Pq6Qshc148AgAAAE9SAAAAA2gBBwoAZox0yka8e2VNsr6TlfJjYX7tej-Gy7VhsQ1QNL7uL-E0d1q2isX56zq1dd7vpAVpbd0AXcG2uZYg5WgdokEv7FK5IDQc8AJVeBviDD3nl0rkzccPx0-xzg4IpgCIXE8CO-78SL0UR5kCzjG47cIOgMqQDW08so2xnfO0rgtFJGjLSuKcIag69XFsJlqrlt7uzeB-MFz62oxTZQwkYeD6Vl1FgL6LZG0n8E-CSjCdn3jA4GvHedZDW0VoY1HA6TrrbqPkrJ_f0AWbuVRto3p5NFR9V8TH41sg8qBgiheTH1gu8aXJDp9JQ86_X0iOeGx3dgUpD9l7MEB8QslqJUfmIR4yGKI7qxJ3bZVmDV4OnEYJK26aDkP-uo-meS2FHyA963WzIDXPa4X1PacyizRZ2d-gXGZDikFNzW-VOjxOF1PUEH6VjwrSJiqaXSUAz_25pNWd926pcm6ii8nTVM2rAu94TvNiFjd8UVupar_1BGhLCmxUsgkQgIxd_g5LC0Jedy8IPoFaSAYE38kidMXgrtNjZDzomCeSWG5anz6vMLSyKAM7FWWANf9fUniJ6ljR0aPssh2ktbuafL6UrrsDVQRByiptPRtExLetcVgj5SJuJ9rQ8q7k_yv6gSs2Jiam2Idi2QuFo60QvnE1be_W6wke-a_Jml8VOel9-M-MU2bWRkVxl3URK6i44v081XMArfhvmNcezb6ExZ7Y9prfB6QQByO54zxBpFVu_NouTg93VEwTccZy68cSrqldvLNxwOTwupsVEUdw5s4NQKuDvZNSQv14VFJjG2RGsnHTp729apd_ta5rxj-uJr7HECfhDQZKL8hyQnT-R05ISFIAPeVsvGTiwFtqMDfN-jxWdq-z0_EVSk23Yf09cpcITDKFLQaJBLtpYBjuQVg5rU4-_YHWY6evNjpTaRnwSSUm5C07kdsGTbPguQpOrm6LRAEMLDovr1amr1O4c1V57Z7vkwwbWnM2i6siRNE3Sde8FGd7JrUp5Iw_aZhlzb85WUF6OaQs7V5wMVj2x5lpjoyUR6dbDgWTxH9fTilZXZRGP1UdcoKMdhRYAOqyA8QKE9jBVF6XAbnLaEY
Requested by: Host: jennifer4.com
URL: https://jennifer4.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ifoodie.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 503 latfpkws.js
learning.adbot.tw/ 0
0 825ms
272ms Script
text/html 45.32.50.234
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://learning.adbot.tw/latfpkws.js?h=8ad39ce6dd8454aacac7dcba84ec19ba
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.32.50.234 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.50.234.vultrusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H/1.1 200
OK ppiiad-DTgeneral.min.css
brain.adbot.tw/css/ 9 KB
2 KB 262ms
262ms Stylesheet
text/css 104.155.220.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.adbot.tw/css/ppiiad-DTgeneral.min.css
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.220.179 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 179.220.155.104.bc.googleusercontent.com
Software: /
Resource Hash: e12da6309c50c072343e9638e1754cafa221369cb8a172460dc67c40e2c79c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 03:35:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 07:34:02 GMT
ETag: W/"5c7e266a-22f0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 31 Oct 2023 04:35:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1123210560&t=pageview&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&ul=en-us&de=UTF-8&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=619068862&gjid=897890051&cid=1484857743.1698723320&tid=UA-92404416-7&_gid=874698219.1698723321&_r=1&_slc=1&z=1058598831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2b8cea37a40fdca96cf62970dd26ab7b3f7c0477f90aea5aae5b70911949f9e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 agent.min.js
learning.adbot.tw/js/ 0
0 272ms
272ms Script
text/html 45.32.50.234
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://learning.adbot.tw/js/agent.min.js
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.32.50.234 , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.50.234.vultrusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 au.js Show response
a.breaktime.com.tw/js/ 114 KB
40 KB 43ms
43ms Script
text/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.breaktime.com.tw/js/au.js
Requested by: Host: cell.adbottw.net
URL: https://cell.adbottw.net/js/bootstrap.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 31 Oct 2023 03:35:25 GMT
content-encoding: br
last-modified: Tue, 20 Jun 2023 01:51:40 GMT
vary: Accept-Encoding
x-azure-ref: 20231031T033525Z-760avq0gzh54zegt5h3qusb044000000023000000000atdd
content-type: text/javascript
x-ms-request-id: 83216103-801e-005b-5828-068a37000000
cache-control: public, max-age=1800
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jennifer4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 331209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 07:35:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G67NCDDEJ7&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ff26fdbbe6197ffd53f7bf49ed3af28a3c90be2e3c8a9355cfe1e6823ea77e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Oct 2023 03:35:25 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G67NCDDEJ7&gtm=45je3ap0v9127390592&_p=1123210560&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1484857743.1698723320&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&sid=1698723325&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G67NCDDEJ7&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 35ms
35ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6343a1de071547347b554a57c5cca8c2e7ea923c8e095a17d2c08f80199927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12207
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 03:35:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C48 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 01:41:21 GMT
expires: Wed, 30 Oct 2024 01:41:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC01 829 B
558 B 69ms
69ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c6eb317b92bd2d756731769804ed1a8e6e4c2d7ac8ad88a879e4eb4157d0d95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-geXOibXAhdCr8jRfvWpOWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jennifer4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-geXOibXAhdCr8jRfvWpOWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 03:35:26 GMT
expires: Tue, 31 Oct 2023 03:35:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C48 38 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 01:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 01:37:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC01 0
0 55ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=4336634259696724&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5C48 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yPQ5XA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 03:35:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=4336634259696724&bg=!0tGl0Z7NAAbo5yKYyOc7ADQBe5WfOBbN9c81jG_4nDE7t18gpMw5toVB3rp35aIjY934VL6XlvsTsCmh9KdMeO1TAu3iAgAAAFNSAAAAA2gBB5kCrZau693OHyzAt6TxriGmN3cDq1BUv5vJKptiFOZc3CFkmqFPQpzItd5L_uxIAVtZ_j5bipFCjf950f1NbJq0fkvmGURtWBRabauk8-QzpH3RPQVmGRL0-TftFMFr9ZZM3yypLhsSapp9X3FWPxm3VMCQ2S_rsToLsM8Etd5NGwhXOFXBoWZ2RGjvzG7HBW1ceQRm7DHaVYmpVUrxt55ENj8p0ty2vot3vw2BLAUubLcTVOttKsWLxi234jNFQfxlJMqNZ09cBnvbhPd76TxPpjAXnWDnWpPH8HhdJY_uy_AcQ_lO5NOgicnduWsFoMbCVwrwijJaRQNJb824bkRzXrRViyzMh4wwnp0tX_7bmM6LB_3hvoDrOvQeyzE6_4anUojg0DoOND4g-x29XI4hC7QAIp-oIwJXE0c_lcUAUdS6KJSzd6EJhawJtqpNNJczUp6aIGvwddT4fRzry8r_4nXiHgn0_Y__dHU388UbTn4L2uPN3-CL8eLmf7D_FwIGzbEGsKwvMbcxT_NjZPXwZqcRP3TU_nkzMOCjLRNoxVXu9b-Jb6RCcKxO7i7jzSDSOUqFuqa872a4rEY6cqxyfudkId7058ha0bh5mOlgrIuDYAn0LNnwnu8sf9uWH-YyD1YRHZHKiBsTJXZoMEDW22X3B-eCq_0sQa5Fde78ogaTGa34vWTgTsgKYKH0GJZ1ZxC2CeCZkcjfPKotmDbSxARKe1yQDcUf3F7AvF6hOIFYlM_4u9qNCb1c--YJgEBLvfAEInUqgPb0MCu_eQ7R1l4XCOOUcwCVWVBZUcZh1G01WCNFGcd-z6QlVkOuenTtGEufaE0gWEWAKOkh1Mb4QNS7tFAUYc9q28IORQ42hdaJxmxvktmLZTXNHynuI27BFm8h61LGUpr3WaJTfPs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jennifer4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-34D08J2LV5&gtm=45je3ap0v890810521&_p=1123210560&gcd=11l1l1l1l1&cid=1484857743.1698723320&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1698723320&sct=1&seg=0&dl=https%3A%2F%2Fjennifer4.com%2F&dt=%E7%9C%9F%E5%A6%AE4%E5%90%83%E5%96%9D%E7%8E%A9%E6%A8%82%E7%87%B4%E7%94%9F%E6%B4%BB%20%E2%80%93%20%E7%BE%8E%E9%A3%9F%E2%94%82%E6%97%85%E9%81%8A%E2%94%82%E7%83%B9%E9%A3%AA%E2%94%82%E7%83%98%E7%84%99&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jennifer4.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 03:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jennifer4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixnet-network-falcon-asset.pixfs.net
URL: https://pixnet-network-falcon-asset.pixfs.net/js/adsbyfalcon.min.js

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.2.3

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENO1996i7HsuS0FsTQHjcyg&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jennifer4.com/	1970-01-20 15:53:29	Name: cat_trid Value:
jennifer4.com/	1969-12-31 23:59:59	Name: cocat1 Value:
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga_EXP7T8L8LV Value: GS1.1.1698723320.1.0.1698723320.0.0.0
.jennifer4.com/	1970-01-20 15:53:29	Name: _gid Value: GA1.2.874698219.1698723321
.jennifer4.com/	1970-01-20 15:52:03	Name: _gat_UA-219963448-1 Value: 1
.jennifer4.com/	1970-01-20 15:52:03	Name: _gat_UA-106748821-1 Value: 1
.jennifer4.com/	1970-01-20 15:52:03	Name: _gat_UA-135689988-1 Value: 1
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga_TKBLJLT1WJ Value: GS1.2.1698723320.1.0.1698723320.0.0.0
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga_3DCCEXXFQP Value: GS1.2.1698723320.1.0.1698723320.0.0.0
.jennifer4.com/	1970-01-21 01:13:39	Name: __gads Value: ID=069207500ce58cfb-22129fd320e3004a:T=1698723320:RT=1698723320:S=ALNI_MYeRBGSgzDdiErJYcUoVnhkHC1Vnw
.jennifer4.com/	1970-01-21 01:13:39	Name: __gpi Value: UID=00000cadd8b9a2c6:T=1698723320:RT=1698723320:S=ALNI_MYj6IPpgWnNoECvpV4Qo3Pn2rjZkQ
.doubleclick.net/	1970-01-21 01:13:39	Name: IDE Value: AHWqTUlLrNsFX2L9PgUqolfLSQ10FOInzpqliL_svTdb_-EOvS3ROYEombdROMFeSZs
.jennifer4.com/	1970-01-21 01:28:03	Name: _smt_uid Value: 654075f9.63efb457
.jennifer4.com/	1970-01-20 15:52:03	Name: _gat_gtag_UA_230439076_1 Value: 1
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga_NCBMBRV2DM Value: GS1.1.1698723321.1.0.1698723321.0.0.0
.lndata.com/	1969-12-31 23:59:59	Name: admses Value: 1135214983082
.lndata.com/	1970-01-21 00:38:08	Name: mapping_hist Value: szeJ.T00utTM0vSdQ.NLO0MDcyNjYyBAA4wwUc
.lndata.com/	1970-01-21 00:38:08	Name: viewlist Value: szeJwVx8kNACAMA7CNInJQwv6LIfw.0JUOmG2FWODcHtkifj0pK6YPutsIhw**
.eyeota.net/	1970-01-20 15:52:03	Name: SERVERID Value: 19027~DM
.openx.net/	1970-01-21 00:37:39	Name: i Value: 4a3130df-2c58-4d48-b8dc-a6659ca7e44d\|1698723321
.jennifer4.com/	1970-01-21 00:37:39	Name: connectId Value: {"ttl":86400000,"lastUsed":1698723322042,"lastSynced":1698723322042}
.criteo.com/	1970-01-21 01:13:39	Name: uid Value: 23189d6f-90c9-479c-a835-5766f6779f1a
.jennifer4.com/	1970-01-21 01:13:39	Name: cto_bundle Value: 3gUmTV9ZT0VFNmJRMyUyRnl5cnJkR1FvSERCWHNSWEpHNjFMdFZmejFOQ2xHWDM3dTFRenlnRmVyVG1rV0l5cDBoMFoxckZUb29ZSmJnUCUyRmYxazZMWmxkczFGb0pPeU1KU1VRNEZEQThUemJROG9qY0trejE4TlZuTHpvYTFCdjJCTGdmM25aNkV1bWxQQno4Wll3dWUxalBuZlNBJTNEJTNE
.lndata.com/	1970-01-21 00:38:08	Name: admckid Value: 2310311135201368043
.casalemedia.com/	1970-01-21 00:37:39	Name: CMID Value: ZUB1.ux86YAvymoMAqTjzgAA
.casalemedia.com/	1970-01-20 18:01:39	Name: CMPS Value: 5182
.casalemedia.com/	1970-01-20 18:01:39	Name: CMPRO Value: 5182
.simpli.fi/	1970-01-21 00:39:05	Name: suid Value: 553DBA5909AA474590ABCD38433892F3
.lijit.com/	1970-01-21 00:37:39	Name: ljt_reader Value: Hk23qGZHe8SPIr1zTiqksoZy
.quantserve.com/	1970-01-20 18:01:39	Name: d Value: EBoBCQGoKoEA
.quantserve.com/	1970-01-21 01:22:17	Name: mc Value: 654075fa-3fb4f-dca95-471ff
.adform.net/	1970-01-20 16:35:15	Name: C Value: 1
.adform.net/	1970-01-20 17:18:27	Name: uid Value: 2878800015626274435
.adnxs.com/	1970-01-20 18:01:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In6LPmor!@wnfH8K6pQK`!5=E<L5?%L[cw[Anj_'Aigks0c1).zYk1EU):/_adee9lk%nugO%v4VB%nnjG-ej_
.adnxs.com/	1970-01-20 18:01:39	Name: uuid2 Value: 8158933165705465769
.everesttech.net/	1970-01-21 00:37:39	Name: everest_g_v2 Value: g_surferid~ZUB1_gAAKBIChAAj
.c.appier.net/	1970-01-21 00:37:39	Name: _auid Value: IEg02DUPCZW67egK-nVAZQ
.hinet.net/	1970-01-21 01:28:03	Name: uuid Value: 27078a98-5247-4937-9a30-48a718ca8487
.travelaudience.com/	1970-01-21 01:23:44	Name: _tracker Value: %7B%22UUID%22%3A%22E6EC6DD8-D558-4731-1C59-E986C0134B9E%22%7D
.ctnsnet.com/	1970-01-21 00:37:39	Name: gid_CAESEKm4HNiqMKcIangJQPh26tc Value: 1
.doubleclick.net/	1970-01-20 20:11:15	Name: APC Value: AfxxVi5p2o4J87joSSBlmef99hhOI8LWTHPCaUomb9baLpBBsV2LOQ
m.exactag.com/	1970-01-20 18:01:39	Name: exactag_new_gk Value: 40644c6f14d54456824c4b6e61441bb4%7C30.12.2023%2003%3A35%3A22
m.exactag.com/	1970-01-20 20:11:15	Name: exactag_new_uk Value: 2d89a524df654b52b3db94d6c6f7f08f%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 8d3cffa2039d46d5bc3b0485
ads.travelaudience.com/	1970-01-21 01:23:44	Name: _tracker Value: %7B%22UUID%22%3A%22E6EC6DD8-D558-4731-1C59-E986C0134B9E%22%7D
.csync.loopme.me/	1970-01-20 18:04:32	Name: viewer_token Value: 516a0cd6-fc9f-44c4-a4c4-35989a273f49
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga_34D08J2LV5 Value: GS1.1.1698723320.1.0.1698723323.57.0.0
.ctnsnet.com/	1970-01-21 00:37:39	Name: cid Value: dc73a6770ea1425fa008020d679fc221
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga Value: GA1.2.1484857743.1698723320
.jennifer4.com/	1970-01-20 15:52:03	Name: _gat__pi_adbot Value: 1
.jennifer4.com/	1970-01-21 01:28:03	Name: _ga_G67NCDDEJ7 Value: GS1.2.1698723325.1.0.1698723325.0.0.0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://jennifer4.com/(Line 59) Message: Mixed Content: The page at 'https://jennifer4.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.2.3'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://pixnet-network-falcon-asset.pixfs.net/js/adsbyfalcon.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9874927516416876&output=html&adk=1812271804&adf=3279755396&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fjennifer4.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698723320575&bpp=5&bdt=163&idt=167&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&nras=1&correlator=8585601611374&frm=24&ife=1&pv=2&ga_vid=1174759540.1698723321&ga_sid=1698723321&ga_hid=1812648635&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=367&ifk=2688338180&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079079%2C31079190%2C31079265%2C44805934%2C31078301&oid=2&pvsid=2607031767033870&tmod=769978517&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C367&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5asmzsa0l07j&fsb=1&dtd=179 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENO1996i7HsuS0FsTQHjcyg&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://learning.adbot.tw/latfpkws.js?h=8ad39ce6dd8454aacac7dcba84ec19ba Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://learning.adbot.tw/js/agent.min.js Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ec92d9a07d02c76f835c8fc8cac7bee.safeframe.googlesyndication.com
a.breaktime.com.tw
ad.doubleclick.net
ads.travelaudience.com
alliance.breaktime.com.tw
ap.lijit.com
api.mdeianet.com
bcp.crwdcntrl.net
brain.adbot.tw
breaktime.tw
c1.adform.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.innity.net
cdn.jsdelivr.net
cdn.lndata.com
cdn.prod.uidapi.com
cell.adbottw.net
cm.g.doubleclick.net
cm.lndata.com
cms.quantserve.com
code.createjs.com
connect.facebook.net
connectid.analytics.yahoo.com
csync.loopme.me
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gene.breaktime.com.tw
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
ifoodie.tw
img.jennifer4.com
invstatic101.creativecdn.com
jennifer4.com
learning.adbot.tw
lh3.googleusercontent.com
m.exactag.com
match-hubble-man.vm5apis.com
match.360yield.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
pixnet-network-falcon-asset.pixfs.net
power.adhacker.online
powerads.breaktime.com.tw
provider-prod.mdeianet.com
ps.eyeota.net
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.lndata.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.aottercdn.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
t.ssp.hinet.net
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.lndata.com
vawpro.vm5apis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
fonts.googleapis.com
pixnet-network-falcon-asset.pixfs.net
sync.search.spotxchange.com
103.153.177.10
104.155.220.179
104.18.36.155
104.199.210.210
104.199.245.202
104.208.76.145
104.75.89.75
107.178.252.150
116.50.36.71
139.162.92.244
142.250.181.226
142.250.184.194
142.250.185.102
151.101.194.49
162.19.138.120
172.105.221.29
172.64.152.89
18.139.138.204
185.86.138.155
185.89.210.180
192.0.76.3
2001:4860:4802:32::36
2001:4860:4802:34::36
203.75.214.136
216.52.2.6
23.197.7.214
2600:9000:211e:ec00:1b:5138:8a40:93a1
2600:9000:223c:8000:10:dd8:5e40:93a1
2600:9000:2250:5800:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:3031::ac43:a025
2606:4700:3037::ac43:9661
2606:4700::6810:5714
2606:4700::6812:bcf
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:bdf::45
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c06::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:f::213:7edc
2a02:fa8:8806:21::1720
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.114.84.80
3.127.178.105
3.33.220.150
3.65.51.143
3.71.149.231
34.102.146.192
34.120.135.53
34.253.64.164
34.96.70.87
34.98.64.218
35.186.193.173
35.186.253.211
35.190.0.66
35.204.74.118
35.214.211.17
35.244.138.40
37.157.2.228
45.32.50.234
52.210.34.203
54.150.62.140
65.9.66.97
85.14.248.91
002d1979ce0ea87e44eda8144b31faf92eb58bf86b3622ebb8fb1d0ca5b87b4d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0131a7f26b1261d26332b3c3286ec65da3bd8df18182ef95c6fed4cf64ef841c
01a77163f255e2bc5cddf4d6dff08e6283f7c6b1fdb3bdf8c897bb1bca1e4594
02a0dfaac31356fb5912205adfc9acf2647ee7dcba718d09859495b53031ad20
02d9a007f450ea4e604862843d16c43c00af8416d6de35a6618d0da0fe1e8811
03e4e6b7174f5b25c2888bcda4f39ce25057a08869bcb7e75d626e93402e1a33
047980604af52912fa15b218a4d5b9beee2a64a6e3e58b0c0d46a75e64cc0311
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c80c5883759feba7ae4e6d3a6cb4c4f5a625b1fbfca4d3af95c1ba8c2712721
0caa295b48705699cf1728871073544a3ce10c58ec8cafd2d5f26d903b0dde6f
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0f634eab6fe03fe003e26f28b8d61ec723f67c18a66a33b6e41cf993c60846ca
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
101abeadc3215292bb65bca2a01045f2ae2f2c3e200d44585a1492c240d770eb
107d8d5e4f558bdfa65fc9c3463d694d43a1a126a9077142af1c31eebbec7d90
123dafca27bf43442846d02d6c94ad6f56eae6b36b9f4f9403b49f8c43a94af8
14f88b30b4223c42fec632e214f164fa42a2f37ce0579adced90b7bfb7b713af
15135111f108d9c34bc4e055270d6021568da1d43e85de31b0d53f64db6cb783
152c84e46b3466b723a4cb9bacbbce881a1fd9af042dfa716eaf02df28d6ad7d
15780fd3f8f26966f7d83054274b93e02ab2bb010420759231cb8385580d6ef7
15c0cca5a6be3aab16397f9794bd3764e52f3c830db64abf7b461e35c19111ad
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16e74b5834ba86642eb79bc39aa4350c94eb513dfb1d5906ecc9f42172ecc04c
1a074a456bae0f510a3a62f159d9c90c0a26894e4a0689a13a69f01af1a634aa
1a64f648ec25a90483f17d3ff0e35b9cfc1532c74c82d761a33183fba6b5d781
1b311cf29e446a0f551d333f80db9020d3d775bb37031976e361889a2c52667e
1b365cf68a59081dacb89c77857b5fd991d1691c9fe16c952534b26053214355
1bb6bb2316416b6f3440548ea3ee0ff5472d742c8477b7a3b12234e8703256c4
1c6500e114cdac56f55c61e0f9e115e760560c1c18bb1b1bfa57ec85ab3b2dcb
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f
22ac20938c64d5a9be0da799630fc87ba08847234d8dcde247ac2cadcf856e79
23b7d97e49b583ca2949e8ef9a5b2badd67db17614d6e0934848f66d39d1dd17
24a1a877e52ac8ceb3ae2a5c3c3784492ea75fdb895cb7e686a46a4913c31f8d
2562707fbb527236c793e1bb96b0a09b2251184a45b12b905c53c5aa0160bb4b
270cf1bd918682e2e07613a9fd10581211c97b7f81d14643f39f14126b5e588b
293efabe8c9d4314f5fbddbc95bf9c9d61f612a48d94d27ff3bb948522315fb2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b8cea37a40fdca96cf62970dd26ab7b3f7c0477f90aea5aae5b70911949f9e4
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fa09d352afd9ec9576a670bd2056d564f2b7e3a34ee10cc1eb0cb3924be814d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
380e97d0cac2a79abd9df22d887c9d4c5e27eb314ea00586fa7b406c947763c1
3d1cc19c30936ba91c00ecde3eea5bd2fa034cff3e3b68b5ae9106f0e1291f13
3f874b2963c47036bdb8a5ecbaf97d73120367e626c975fd0e3d00cc897ac9f7
3f9be2ffb15c15e5690f627818bbbd553d800df7a1f70d7f73fba0e621491151
40054cfc816e7c3a01d850d4e47a1b49e70003143529c7dcc04cfb47b4856a16
43164bb861d5fd7ba9010cd8b0e604bea9e54e602ce90ca8748f54ff97d89884
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c489d9e511d8f713cfe7539579b562fd9729ed3b806931ca4a5a618fb3f672
43db7e2f290d80dbff6a0f430191dfdde4eaa8778ae974cd6bead6f33d318be1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4491d574536affd24d0e2fe3f4bef8bc2fb95bff7a00bf7a0fc57ed56962b03f
459888dfb83fb98f0012346e74d5eabd42221603049c86bc9ae3f6c63f4d7874
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f9b04f6c87499a597dc076f2d7c1be7e05f0a892a5f7d68c5119ed2af91561
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189
4882d78696d87a2caa676ad463cf0c10edd58e837cce27c3f61631218f9b0f3c
49391ae8063a15967e320b1f8fee26dd6fc94c803650ba87463a0af7a94551c4
49c6d65b4dba8e6d76974a11087bab2a938c49a4d8dc0594fc72fdaf779d1cf6
4a022e9c64e75eaac9fb8214aae8effc83d5f873c4764d122122c2802fcd59be
4aa4e7d47ae495651216ae5b5625e144146fcadd4c55e4ad77e794338d3f5578
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b968dd9042b119b4c62bb90938d7cc8aaaa841f12e8060fa9198b6730a07e6d
4c76303b20c6e1cb54e49e2249050d4000c2b90ddd74902ef2b140d5c73b95ec
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea23613d9534e96d683292d16d845d71c266328f52393312d51fa778946ed9e
4eb827e40f38ad5ab643361f347ad79c6fc0e767f56ab6e796e925d71eb05a4a
4ebfb77d3f78a5169b34967ead91f7d5327cd0bbe3c94ad972cde972813604b3
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
509462bceaa85aa49996bf168611149074a30659a709948634a306a41a7f1af6
53dc68501287c66e9f5516d02db1a696da711a988ff424f9d3506a7613c9b80c
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5ba74c93c63114948ecfb87ca913eb896b191b517db4a25744fed167a424633a
5ca59b988cbfb75b3cb18696cc421b25e2b2ccb0741f4c994a6bafc091076de5
5cba2acb7380bc6453fc66d5eb049e51e12dd1b3e53bcb78937f9753399d6219
5ff26fdbbe6197ffd53f7bf49ed3af28a3c90be2e3c8a9355cfe1e6823ea77e3
616fd7be1c8c79ecbf65650556936e4e2134ec5b320e922efaddfff3c681f609
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637c0312614310314e51fc47e254b8996b9c2a83a102c6aba2e94e1068a54da7
66237b466c703a486fc0f6a02af9479dc57ec82f58f6f95496dc8b342f8241a0
665c27bdbc24e4347087818b713a7a18d2cd43b4aac2420d39c25486ae49608c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66b81cc9bdfa688a111a5c0f9656e0a39fc90290fb4d97f78aa41823944d2094
68552cca682bb0b73fe0c5bccadba8c66051f3bb0f87e49aafabd3915249eee8
688c7af9d72c5f8492cddf9ba0de6af044cd5c4b2b943c470a92187170889d11
69c181079260c18fcc52e6bfd658ab7076237a84a24e1f4346d26e80e20cf330
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e
75b7bf3f583a747a93b5ff3098818ceb8e9e5f60432da2dcca08b30c71b30f1d
7998a6596897c766dd683788e5683ef2f7c89d735853e8a39f37e023ed65eb4f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7be245f67780d22fe79866b087df99a3a08810bf55b08d6c5ba30c33d485a2f5
7c6eb317b92bd2d756731769804ed1a8e6e4c2d7ac8ad88a879e4eb4157d0d95
81aa91ef94548e48b6c1a08512c3f513a029e22026c035a72f0a9dc3b7a06eb5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85764e3d281c3748129051ff30544d7705cd95ac363e17d599cf0358ed7c0584
858afccd925bf9c9f09a042747627aef51f2fad25aba25cf3505ac88078165e6
883305a308a696d24084a1eb21151efb3ad5604eb56b1774151f986a6ec2a4d8
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1c54cc815d6d40a41d0f1d47b727828833398fb05268963d360111c04edd13
8adaa640eb43470b71f182d1824954661430abea93a3cbbf0f413958dc8e8ae4
8b4a7453818bcc399e0d44292cf622222068caccd7b7053b572e1cbcca0fc790
8b7d4285aaa45035e807805878f325b5bb4aecbed42be67235a3580a787cc536
8bd792543ee3f33a6e21a6f03050c1c3b5ad773a06b33d2e50b1faf427b17c29
8d1c8408f99907cb34a0b564150efd58c057326c440cb947a9148426eb308285
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a1ad8599d395bf94f20d32a7d2a17b7506a52737e6b34677be70fcf180dd3b9
9a6e5a83211909b83cf5acaed836a5d08663dfa738f205977cbff3e68065b7c5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad8af487226a67b176761854418bbeb5356b76368dee01a2fc931c943b389f3
9c62a2778f1392cb784b0592bfe3fc6804cdd0ee1dcedea4faaade38ed428295
9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1ef6da1684f83f781ae3635fc6a94ce8524ea5184200cb23f03faa817212f6d
a209c9f6cd10cb3caf430918142b530d23106126fbf86ca69c68f0bb210a89b6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58355a565fa089b86a32188e63bfb70b5833099051515a9ccd9aff60e447454
a6744c72c1997b4835a6b7a80b83214cfadcbbf180fccce587e0536db0f3e4bd
a8981b430d4c419eb8e514265cc5f41b20c521a2b44dfc8723fcc78aa4745976
aa6daf8d75a3d4c029ddc0b88f87e5b698651730ab2deacb4ec231a060a7eafd
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
adca7b7aed131b00fa815d42aa4c3815bb0a1c71cd5fb7bf1694f9c8b4cc7549
adf7c6354065608b860ed7ca69fe36466bcc8b2905a0662271a0042cf7e01088
ae05e6d7b6007543a64bb4fb4b12f226d984bb890d9984b2cd6a7cc9d76a1e89
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af25596021c4e799a0e73e1aaf6bd48a6fefcffc341b0d342c69aa4cf61d9b55
af6343a1de071547347b554a57c5cca8c2e7ea923c8e095a17d2c08f80199927
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
aff04fbdf4d909193c492673a70fdaf74bb44b3718be4a8a99c5f2581f997c9c
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0b99dfbb46f8af62b648594d81ec752a0c4deedf87b833345b43f98221ee46f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1607769e873bc6c340ab654a4deb4ef4c32257f0b5777a65a9bf77ec7543df1
b72ed4e794ebfc8120b4cd67016450c7f1eb121dd2029b5021e9023a10312b1a
b757a087adeb63ecd17755a42f3bc3b7dde93ec384890f0bf55cf977749d47f4
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b819dcb40958b1ef2e74f72fa5ba96f9370c421b31ecccabf7683f24372b80a2
b8910f5ac639eb100c682c4e8b224d16750da9d6b10b64ff5b5d7c504e286a59
b8f46d01a1673daa7a5b307436e04d79695181bdcde1ed3c4b22bf00bbe9fa01
b9e902238705b06b640bb8fcbaf78e930e7151e73993f135070e62c06ecddd2d
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc1afd3c4a84170ccf792346615f50e68f9b679c329dd345b27e2d994bdd7424
bc29e4a5be14bd3d21f7479ac02bfba19ff2a7a0419f1ae37a54362b4df857bd
bdaa45add05fb6a742549affbe0c6351520d4a2d7e2a8677ae431b88c7d8846d
becf9725f0d23bf66a66c5c8cff6ad88fc0a515c767479a9b2069f405899710d
bf3e457a0a3b636c10cd705c293d3dafd811ce21a48ef34f4f5a47dc12814358
c0be40bedf24a0814c233857889e6a74c91b74f9b0789d6cfd3316999717fa6d
c1dd743428314900a9afccbeedd8acabaeab8f4196bce583bf36ffd98b7daff0
c42c9a8abecb6e5733fc9ad519d88a6dc765c415672fc3970f15fc07b75b2874
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5b58882c5b70eccb73235aa0738045f1d89cb49247ff7ce7c0c9857efb0c3ee
c6b10bd7f3574ce25dcc4a766476902554f7928b4d8a336c868c81b7d1d569b5
c6d6b201216e03058ca331c2a2175947f9bbb54c695797df529f91cce67da599
c7a023e0c994779879d811aa2d508be73962ab6a450b5e1d054c5ceb2f0abddc
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c86040e9c0339b2f4ce17a91eeee19c06bb2a2aaa17126892556fbe08881ce56
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cc8b30e9bfe6a385b5619c0d0a34b8f562e02ee4c09ab0637eed496ca3944fcb
ce0334984e5f44af91c12d8ed33b76b040558ef5100a1985cb5bc0354ebcab64
ce199809cce8c12d848eecc371b6d8546304e052d2009766dded8f6dc55206ad
ce69d85a4c17d0dce07435bf2302100fcb81f5887236c02a1aaec899aab6d7ba
ceab43f4286da5b4a1b52c163f98fd411766dfc2f7ef8bf3351d72116c9382b6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d53a26054d308844b2ccab2858a548c6f712c6fab0098212562584ee2aa59f67
d54ccc52a3a62e658f07796f5fb6958ab614b45f216007e9fe7c2d47ad1214f2
d634787c78d2bb877a7a961704e4fa1fa1dd52aa5bc73b661dd30589fb239bb2
d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e
d749579e51cf490ba27a6782bcfe07c52e44ffa8e3fbb4db7a4dded9d0d9ef29
d793355cc34790c02c85cea76cf972beb8d83987d3ae4db156ccbc103f0d82ba
d7b63d0a48c5e325d251017852c0a6e7cbbe1c98a43af51311e3e2bc64069d09
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42
d89114165fc1ed6fc8839646204d84b09aa3748a7b71086db66e04e2df0b8252
d90cc845daa971d718a2e190f9ffc63b4ee132e2ce25e860f595793919f88eec
daa0c2970e088fc8b0062dbc1165de1ccfb26687eb7f0de46893b8445a02a6ef
db15da32296382af4df5523c292893a2f403e7788ff761c45a675334abcf572a
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc73466beec122c7762580e1d70ed135978baccedf3dfa38d4a6a7623a80443f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78
e01afc77d59042df44454c3dd2669bf150061985dd79ea8086fe11473748b805
e071f0859de3d6056d1db499fa4ada42ca229d68c46e1c40c989d2c60e28bfed
e12da6309c50c072343e9638e1754cafa221369cb8a172460dc67c40e2c79c72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea8c1ddc6c172bec15509fc6bd1d1f04b77f2919ec950d4e26494669d1b66ac9
ea98634e2b4516f30d9e1fec06fb88732d0d7e475a5dd03a79fcf93f119cae67
eab860ba90c14938be13eb05228febacf3a90b4146c3bf4a5d935bac892eb316
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
ec2fdad621bb30d4a9be0ef7759a40840c0e90fe9aa89b51248982d4662070e4
ecc725d0c3d56d6d64dabdc77c38a5935ee2bc06a58f5b4135a970659523b2c9
ed0b3ec99c5214303ac40914db05ff0280bb4134c64c95ef3812f79d071e95fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3dd0f86adc5c104883883df6e1ae76c254f65e0444b968453110e76d5fb5786
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f64e213942f412af3bc34d67607bd19c2d50f4477fe11ff9b7b2aa607c5afeda
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f9bb67c5d2c319cbf5f3f9577fc999f6166acd2324f82bb52b9590a7b6e8a3d1
f9c1f218151c6df1dab3a5f3da6f5cd1da78f7e9cde44eb2b8e49fbc3a3d79d1
fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2
fb158ee3a60ca46559d0535a2101a6569c76957c58c4da910744adc525d77949
fc4fec40905fbd51adf29ef0554369e7e7ead1adfbaa03adfe158faf2ddd5872
feb1be706a9d56318716bd69b368f3907c2ef3857cda6771efdaaf0dd5da88c1
feebbd4e74fb5ba9765291e01e947b466906d5b220fbfa102909825f0433260d
ff84f911a44335ea2e55eaee50a6f2301aeadb4aa62c092262fe0102b9967361

jennifer4.com Open in urlscan Pro 103.153.177.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

365 Requests

91 %HTTPS

44 %IPv6

63 Domains

92 Subdomains

74 IPs

12 Countries

7337 kBTransfer

14972 kBSize

51 Cookies

60 Outgoing links

Page URL History

Redirected requests

365 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jennifer4.com Open in urlscan Pro
103.153.177.10 Public Scan

Screenshot
Live screenshot

Full Image

365
Requests

91 %
HTTPS

44 %
IPv6

63
Domains

92
Subdomains

74
IPs

12
Countries

7337 kB
Transfer

14972 kB
Size

51
Cookies

365 HTTP transactions
4 data transactions